Hello All,


I have samba version 3.3.2 installed on a system running Ubuntu Server 9.04 (32-bit).  The users trying to mount the samba shares authenticate over the LDAP server.
Here is how my configuration files look like,

1. /etc/samba/smb.conf

[global]
server string = %h server (Samba, Ubuntu)
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
passdb backend = ldapsam:ldaps://ldap1.xetus.com
ldap suffix = dc=xetus,dc=com


2. /etc/nsswitch.conf

passwd:      files ldap
group:         files ldap
shadow:      files ldap

hosts:          files dns
networks:    files

protocols:    db files
services:     db files
ethers:        db files
rpc:             db files

netgroup: nis


3. /etc/pam.d/common-auth

auth [success=2 default=ignore] pam_unix.so nullok_secure
auth [success=1 default=ignore] pam_ldap.so use_first_pass
auth requisite pam_deny.so
auth required pam_permit.so


4. /etc/pam.d/common-account

account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
account [success=1 default=ignore] pam_ldap.so
account requisite pam_deny.so
account required pam_permit.so


5. /etc/pam.d/common-password

password requisite pam_cracklib.so retry=3 minlen=8 difok=3
password [success=2 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512
password [success=1 user_unknown=ignore default=die] pam_ldap.so use_authtok try_first_pass
password requisite pam_deny.so
password required pam_permit.so
password optional pam_smbpass.so nullok use_authtok use_first_pass
6. /etc.pam.d/common-session

session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session required                 pam_unix.so
session optional pam_ldap.so
session optional pam_ck_connector.so nox11
session required        pam_mkhomedir.so umask=0022 skel=/etc/skel



I have another system running Ubuntu Server 10.04 (64-bit) where samba version 3.4.7 is installed (using apt-get). The /etc/nsswitch.conf and all the /etc/pam.d/common-{auth, ccount,password,session} match the respective files from Ubuntu Server 9.04 system (described earlier).
Other  relevant packages installed on both the systems are winbind, libpam-smbpass and smbldap-tools.  My question is, why does ldap authentication works with samba version 3.3.2 and not with samba version 3.4.7 even though the directives in the configuration files are the same?  Am i missing a step here.
Can anyone point me in the right direction on this issue. I would  appreciate all your time and help.
Thanks in advance.

- Amit
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba