On 04/09/2014 11:15, Dang Zhiqiang wrote:
thank you.
I used smb share by "zfs set sharesmb=on tank/test", not want to modify samba
configure file.
only add "other password required pam_smb_passwd.so.1 nowarn" is OK?
currently, I not found other questions.
Yes, but you need to enable users with 'smbadm enable-user <username>'
to activate that passwords are taken from /etc/shadow. Note, no Samba is
involved here at all, so none of its configs and passwrd files are active,
nor should there be any samba program running, only the Solaris smb daemons
activated via svcadm for smb/server, smb/client; samba DISABLED.
At 2014-09-04 04:18:45, "Udo Grabowski (IMK)" <udo.grabow...@kit.edu> wrote:
Too early in the morning... smbpasswd file is Samba, but the
funtionality that the /etc/shadow file is used as password
basis with this entry is valid for Solaris own CIFS service, see
'man smbadm' under 'enable-user' .
For Samba (>3.0.0, if compiled with --with-pam --with-smb_passwd ),
you seemingly can use additional entries like this in /etc/pam.conf
(note the difference: pam_smbpass versus pam_smb_passwd)
other password required pam_smbpass.so use_authtok
samba password required pam_dhkeys.so.1
samba password requisite pam_authtok_get.so.1
samba password requisite pam_authtok_check.so.1
samba password required pam_authtok_store.so.1
samba password required pam_smbpass.so use_authtok
samba session required pam_unix_session.so.1
and in smb.conf file:
preferred master = yes
domain master = yes
local master = yes
domain logons = yes
security = user
obey pam restrictions = yes
You need to set the password after reboot again since
the password hash format changes.
But I don't know if this really works.
Otherwise, you can write a small 'expect' script to
synchronize that users call when changing their password.
On 04/09/2014 09:13, Dang Zhiqiang wrote:
thank you very much.
I'm sorry, passwd command not update smbpasswd file in 151a8 too, fix it like
151a9.
At 2014-09-04 01:37:38, "Udo Grabowski (IMK)" <udo.grabow...@kit.edu> wrote:
On 04/09/2014 05:31, Dang Zhiqiang wrote:
passwd command update smbpasswd file in 151a8, but update OS to 151a9 is not,
how to fix it?
You need this line in /etc/pam.conf:
other password required pam_smb_passwd.so.1 nowarn
--
Dr.Udo Grabowski Inst.f.Meteorology & Climate Research IMK-ASF-SAT
http://www.imk-asf.kit.edu/english/sat.php
KIT - Karlsruhe Institute of Technology http://www.kit.edu
Postfach 3640,76021 Karlsruhe,Germany T:(+49)721 608-26026 F:-926026
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
--
Dr.Udo Grabowski Inst.f.Meteorology & Climate Research IMK-ASF-SAT
http://www.imk-asf.kit.edu/english/sat.php
KIT - Karlsruhe Institute of Technology http://www.kit.edu
Postfach 3640,76021 Karlsruhe,Germany T:(+49)721 608-26026 F:-926026
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
