LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 04-12-2004, 12:46 PM   #1
enkrypter
LQ Newbie
 
Registered: Apr 2004
Posts: 4

Rep: Reputation: 0
Slackware + SAMBA + WinBind + NT Domain = 3 day headache


Greetings all!

I am a long time slackware user and am by no means a linux noob. However, I have run into a bit of a pickle and am posting to ask a question to confirm my suspicions.

I am attempting to get samba working to provide unified logons from an NT domain. I know this is doable, I know how to configure it, and I know I need WinBindd. However, after recent reading I found out I was missing a very important part to the equation and that was PAM. I guess PAM is needed by SAMBA and Winbind to do the local authentication form the NT domain.

Since slackware does not have PAM, I am at a loss. I am not about to attempt recompiling, what I can only imagine will end up being the entire OS, for PAM functionality so I am looking at other options. As much as I hate to say it I am looking at Fedora, simply due to it's use of PAM.

However, I am open to suggestions on how and if I can get my linux logins authenticated from my NT domain without the use of PAM on salckware. It breaks my heart to not be able to do this stuff with slack, as it's been so kind to me over the years...

Any advice is welcome. I have begun researching the possibility of LDAP as well.

My current project is to create a Linux SMBFax setup, integrated into my windows environment. Part of my trouble now is samba. I need to get usernames authenticated from windows users, so I know whom to send the smbfax bounce back email message to.

Please advise and thanks,

Tom Taylor
 
Old 04-12-2004, 02:16 PM   #2
hp_tux
Member
 
Registered: Mar 2004
Location: Germany
Distribution: Slackware 14
Posts: 87

Rep: Reputation: 15
Hello,

well, I just downloaded the latest samba source (3.0.2a), and did the following:
Code:
./configure --help|grep -i pam
And this is the output:
Code:
  --with-pam              Include PAM support (default=no)
  --with-pam_smbpass      Build PAM module for authenticating against passdb backends (default=no)
I think this will solve your problem!

cu

hp_tux
 
Old 04-12-2004, 03:20 PM   #3
enkrypter
LQ Newbie
 
Registered: Apr 2004
Posts: 4

Original Poster
Rep: Reputation: 0
so,

When I compile will it create the necisary pam module that will talk to my passwd file? I find it hard to believe that the samba package that comes with slackware would not be configured this way by defualt, being as that slack does not use pam...??

Thanks for the info. I will try this later.
 
Old 04-15-2004, 06:55 PM   #4
ssolina
LQ Newbie
 
Registered: Sep 2003
Posts: 5

Rep: Reputation: 0
Post

Hey there....

I believe that PAM integration with Winbind and Samba is only required if you want NT Domain users to use any locally hosted services from the Samba box.

When a Domain user wants to use a "PAM-enabled" service the WinBind daemon will query the Domain Controller for a valid user account. PAM will run it's course according to it's modules being called (i.e.Auth or Account) and give access to the Linux (not Samba) based service.

So for instance, if a Domain user wants to login to the FTP server on the Linux machine, it will go thru the scenario that I mentioned above. So you won't have to use any local users built on your Linux Server, but you can use any Windows Domain user via winbind.
 
Old 04-15-2004, 10:23 PM   #5
enkrypter
LQ Newbie
 
Registered: Apr 2004
Posts: 4

Original Poster
Rep: Reputation: 0
I ended up getting my fax system as described in http://www.linuxgazette.com/issue79/fraile.html

I understand how PAM works, however. I could get samba and winbind to join an NT domain, I could also list users and groups from my NT domain. I could not however get those accounts to list as local accounts which is needed by samba for authentication purposes.

Winbind can be compiled with PAM and NIS to create a moduel that does that sort of authentication. After this past week, I am convinced that this task would have been a lot of extra and needless work for me. I love slackware like an only child, but I decided that a stripped down version of Fedora was probably my best option.

On a side note, I got a windows Fax solution now, built on Linux.

Windows users can print anything they wish to a samba accessible printershare. They install any postscript driver they want, and print.

Moments later they get an email containing a hyperlink. They click it and are taken to a custom page where they can enter a phone number and selecta cover page. Upon submission that user is then kept up to date on the status of their fax. They get failure and or confirmation emails.

All in all I would give this system a huge thumbs up. It will save my company thousands of dollars, adn work better than any commercial offering I have seen!

I did run into a lot of trouble with the smbfax software on Fedora and the way the scripts wanted to execute system commands. Fedora was too picky and didn't like setuid perl. I ended up rewriting what was almost the entire smbfax suite to be compliant with what should be almost any Linus OS.

The only downer about this solution is that you must maintain an up-to-date alias list for which to send emails to windows users.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba Winbind and 2003 domain carnold SUSE / openSUSE 0 08-26-2005 05:53 PM
winbind + samba + gdm unable to login with Domain user theowl Linux - Networking 1 06-11-2004 08:30 AM
Samba 3, Winbind (getent) not returning Domain USers delphiq Linux - Software 1 04-16-2004 05:18 AM
Samba + Winbind + Domain Users group wheeliemonster Linux - Networking 0 01-27-2004 09:56 AM
SAMBA access based on NT Domain groups [using winbind] tisource Linux - Networking 1 11-24-2003 12:34 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 05:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration