how to change local and remote (winbind) password seperately
Michael Hamann
mail at mhamann.net
Thu May 19 08:55:47 UTC 2005
Hi everybody,
does anybody know a way how to setup the passability to change passwords
for local users and winbind (remote) users ?
Right kow, I setup my /etc/pam.d/passwd like this:
------
password sufficient pam_winbind.so
password required pam_unix.so
------
Now when I try to change the password for a user logged in via winbind
auth I can change the password without any problems:
tglatzelr at testtux:~$ passwd
Changing password for tglatzel
(current) NT password:
Enter new NT password:
Retype new NT password:
passwd: password updated successfully
For Notebooks Users I would like to allow local users to login and also
allow them to change their passwords on the local system.
With the configuration above I have to let the winbind auth fail to be
able to enter the local passwd dialog. Afters the failed winbind auth, I
am able to change the local password. this works somehow but it looks
quite ugly.
Is their a way to sepereate the password change process maybe in an
localpasswd and a passwd script?
How do I define new pam configuration in /etc/pam.d ? How does the program
passwd know that its pam configuration is set up in /pam.d/passwd?
Where in the source would I have to add modifications to create a seperate
localpasswd program to change only local passwords ? I just looked into
the passwd sources but did not find a pam ID or somethin comparable as I
expected.
Any hints would be very helpful...
best regards
Michael
More information about the Pam-list
mailing list