Topic: Authenticating Linux workstations againt SME

[girkers]

How do I get a Linux Workstation to authenticate against a SME server so I can access shared resources.

[steever]

Hello.

Some of us have been working on this.  There was some progress towards authenticating Linux workstations using NIS and using NFS for mounting the home directory - search for NIS and NFS in the forums for details - but to my mind it wasn't a very effective technique.

Vern Ceder (from the US) and I (from Australia/Japan/NZ) have been able to authenticate Ubuntu Linux workstations against Samba 3 servers using the process detailed here: http://tech.canterburyschool.org/tech/UbuntuWorkstations.

I have used this technique to authenticate Ubuntu against SME Server 7 without making any alterations to the server itself.  It's a pretty neat solution.  Let me know how you go.

Steve

[girkers]

Steever,

Thanks I will do some research on using NIS and NFS as looking at your resolution the link, whilst good it seems to me to go against what I personally beleive in for a linux network. I.E. a M$ free network (no SMBFS).

It is great that SME works so well with Windows as that is its primarly desktop base, but after install Ubuntu 6.06 (Dapper Drake) it is great and I am putting it into my daughters school for a test.

I just thought that SME, based on UNIX, was designed for a networking environment thus would be easily have workstations connect to a server.  I will post back the results of my research.

[steever]

I agree.  But until SME Server changes to an LDAP backend for its Samba database, it is really the only solution.  NIS and NFS have been criticised widely for their security, so I wouldn't spend too much time working in that area.  Also, you'll have trouble automagically mapping users' homes when they log in if you try NFS, due to the way the home directory is located in SME Server - /home/e-smith/files/users/username/home

I am waiting for the day when SME goes fully LDAP - we'll be able to authenticate Mac clients, Linux clients and all manner of stuff with ease.

One day ...

[HebsgaardS]

Hello.
...
Vern Ceder (from the US) and I (from Australia/Japan/NZ) have been able to authenticate Ubuntu Linux workstations against Samba 3 servers using the process detailed here: http://tech.canterburyschool.org/tech/UbuntuWorkstations.
...
Steve

Hi,

I have successfully set up Open Suse 10.1 following the above guide. The only thing that caused problems was the modifications to common-auth and common-session.
Having "auth    required        pam_mount.so" in /etc/pamd.d/common-auth and "session optional        pam_mount.so" in /etc/pam.d/common-session caused cron jobs and "su <user> -c ..." in startup script files to fail with:
pam_mount: error trying to retrieve authtok from auth code

I moved
auth    required        pam_mount.so and
session optional        pam_mount.so
to /etc/pam.d/login and /etc/pam.d/xdm which solved the problem.

Stefan

[ramasule]

I got my client on the domain.
When I go to log in now at the loginscreen I get authentication failed.
It was something modified in my pam files.
I noticed in common-auth instead of required there was requisite ...

Also will this work for roaming clients?

Thanks,
DL