<address><email>vorlon@netexpress.net</email></address>
</affiliation>
</author>
- <pubdate> (Jun 21 2001) </pubdate>
+ <pubdate>May 31, 2003</pubdate>
</chapterinfo>
<title>PAM based Distributed Authentication</title>
possibilities and in particular how to deploy tools like pam_smbpass.so to your adavantage.
</para>
+<note><para>
+The use of Winbind require more than PAM configuration alone. Please refer to: <link linkend="winbind"></link>
+</para></note>
+
<sect1>
<title>Features and Benefits</title>
<para>
The remaining information in this subsection was taken from the documentation of the Linux-PAM
-project.
+project. For more information on PAM, see
+<ulink url="http://ftp.kernel.org/pub/linux/libs/pam/">
+http://ftp.kernel.org/pub/linux/libs/pam</ulink> The Official Linux-PAM home page.
</para>
<para>
by commenting them out except the calls to <filename>pam_pwdb.so</filename>.
</para>
+<sect3>
+<title>PAM: original login config</title>
+
<para><screen>
#%PAM-1.0
# The PAM configuration file for the `login' service
password required pam_pwdb.so shadow md5
</screen></para>
+</sect3>
+
+<sect3>
+<title>PAM: login using pam_smbpass</title>
+
<para>
PAM allows use of replacable modules. Those available on a sample system include:
</para>
PAM documentation for further helpful information.
</para></note>
+</sect3>
+
</sect2>
<sect2>
-<title>PAM Configuration in smb.conf</title>
+<title>smb.conf PAM Configuration</title>
<para>
There is an option in smb.conf called <ulink
</para>
<para>
-When Samba is configured to enable PAM support (i.e.
+When Samba-3 is configured to enable PAM support (i.e.
<option>--with-pam</option>), this parameter will
control whether or not Samba should obey PAM's account
and session management directives. The default behavior
</sect2>
<sect2>
-<title>Authentication off a remote CIFS Server using winbindd.so</title>
+<title>Remote CIFS Authentication using winbindd.so</title>
<para>
All operating systems depend on the provision of users credentials accecptable to the platform.
generic interface to authentication mechanisms.
</para>
-<para>
- For more information on PAM, see <ulink url="http://ftp.kernel.org/pub/linux/libs/pam/">The linux PAM homepage</ulink>.
-</para>
-
<para>
This module authenticates a local smbpasswd user database. If you require
support for authenticating against a remote SMB server, or if you're