In workgroup mode, the SMB server is responsible for authenticating users locally when access is requested to shared resources.
Before You Begin
If the Samba service is running on the Oracle Solaris system, you must disable it. See How to Disable the Samba Service.
For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .
# svcadm enable -r smb/server
This command enables the SMB server and any service on which it depends, such as the idmap service.
# smbadm join -w workgroup-name
Add the following line to the end of the file:
password required pam_smb_passwd.so.1 nowarn
See the pam_smb_passwd (5) man page.
The SMB server cannot use the Oracle Solaris encrypted version of the local user's password for authentication. Therefore, you must generate an encrypted version of the local user's password for the SMB server to use. When the SMB PAM module is installed, the passwd command generates this encrypted version of the password.
# passwd username
The following example shows how to configure the SMB server in workgroup mode. The name of the workgroup being joined is myworkgroup.
# svcadm enable -r smb/server # smbadm join -w myworkgroup
Install the PAM module and generate the password for user cal.
# echo "password required pam_smb_passwd.so.1 nowarn" >> /etc/pam.d/other # passwd cal
You would then create a share in order to have SMB clients access the SMB shares on your SMB server.