Please help with winbind setup
Kevin
kevin at mpcf.com
Thu Nov 8 09:21:03 GMT 2001
getent passwd and groups work fine and return the
correct listings.
I double checked the file names and locations and they
are all good.
I ran /sbin/ldconfig (i never knew about this one).
I changed my /etc/pam.d/samba file to look like the one
you gave me below
Still no luck. It keeps asking for a name and password
and accepts none of them. I increased the logging
level on smbd and now there are entries in the winbind
and smbd logs but none of them are errors.
Thanks,
VeKTeReX
David Brodbeck wrote:
>
> Do 'getent passwd' and 'getent group' list your NT users? If not, check
> your /etc/nsswitch.conf file. Also, make sure you have
> /lib/libnss_winbind.so and /lib/libnss_winbind.so.2. (One should be an
> actual file, and the other one a link to that file. Run /sbin/ldconfig
> after changing these, if you need to change them.) If the getent commands
> don't work, PAM authentication won't work either.
>
> For your /etc/pam.d/samba file, try this:
>
> auth sufficient /lib/security/pam_winbind.so
> auth required /lib/security/pam_pwdb.so use_first_pass
> nullok shadow
> account required /lib/security/pam_winbind.so
>
> The pam_securetty and pam_nologin.so lines may be confusing things. The
> above is what's working on my RedHat 7.0 system.
>
> -----Original Message-----
> From: Kevin [mailto:kevin at mpcf.com]
> Sent: Thursday, November 08, 2001 10:39 AM
> To: samba at lists.samba.org
> Subject: Please help with winbind setup
>
> I created a file called "samba" in the /etc/pam.d/ dir
> which contains the following lines:
>
> auth required /lib/security/pam_securetty
> auth required /lib/security/pam_nologin.so
> auth sufficient /lib/security/pam_winbind.so
> auth required /lib/security/pam_pwdb.so use_first_pass
> shadow nullok
> account required /lib/security/pam_winbind.so
>
> I am ONLY concerned with users being able to access the
> samba shares. I don't want them to be able to login or
> ftp to the samba box. If anyone here can help me out
> with this one i would really appreciate it. If any
> more info is required, please don't hesitate to ask.
More information about the samba
mailing list