PAM w/ Samba

From: Richard Duran <rduran dallasairmotive com>
To: gdm SunSITE dk
Subject: PAM w/ Samba
Date: Wed, 12 Nov 2003 15:27:43 -0600

I'm re-submitting this, as I'm not sure it got out the first time:

   ----------------

This is my first time on this list, so if this is a FAQ, please forgive
as I could not locate that document:

We are having users login to a linux desktop using PAM/Samba to
authenticate the user against a Win2K PDC (Primary Domain Controller).

This works just fine, except when the PDC has the "User must change
password at next logon" checkbox selected (when a new account is created
with this set, or a password has been reset). In this case, PAM comes
back with NT_STATUS_PASSWORD_MUST_CHANGE. When this happens, GDM pops-up
an "Authentication failed". It would be nice to have GDM request a new
password from the user. (They only get the pop-up when they type the
correct password that needs to be changed, if they type the incorrect
password, GDM display the text "Incorrect username or password...").

Are there any plans to incorporate a feature to request a new password,
or is this the responsibility of the pam_smb module?

Secondly, since we are authenticating against a Windows PDC, we are
forced to login using "PDC\user". It would be nice if GDM could detect
the existence of "/etc/pam_smb.conf" and allow the user to select either
"<hostname>" or "<domainname>". Of course, this is only a matter of
aesthetics.

Any pointers would be appreciated. I would be glad to donate my time and
programming to the cause if needed.

Regards,
-richard duran

Follow-Ups:
- Re: PAM w/ Samba
  - From: George

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]