Please help with winbind setup

Kevin kevin at mpcf.com
Thu Nov 8 09:21:03 GMT 2001 

getent passwd and groups work fine and return the
correct listings.
I double checked the file names and locations and they
are all good.
I ran /sbin/ldconfig (i never knew about this one).
I changed my /etc/pam.d/samba file to look like the one
you gave me below

Still no luck.  It keeps asking for a name and password
and accepts none of them.  I increased the logging
level on smbd and now there are entries in the winbind
and smbd logs but none of them are errors.

Thanks,
VeKTeReX


David Brodbeck wrote:
> 
> Do 'getent passwd' and 'getent group' list your NT users?  If not, check
> your /etc/nsswitch.conf file. Also, make sure you have
> /lib/libnss_winbind.so and /lib/libnss_winbind.so.2.  (One should be an
> actual file, and the other one a link to that file.  Run /sbin/ldconfig
> after changing these, if you need to change them.)  If the getent commands
> don't work, PAM authentication won't work either.
> 
> For your /etc/pam.d/samba file, try this:
> 
> auth            sufficient      /lib/security/pam_winbind.so
> auth            required        /lib/security/pam_pwdb.so use_first_pass
> nullok shadow
> account required        /lib/security/pam_winbind.so
> 
> The pam_securetty and pam_nologin.so lines may be confusing things.  The
> above is what's working on my RedHat 7.0 system.
> 
> -----Original Message-----
> From: Kevin [mailto:kevin at mpcf.com]
> Sent: Thursday, November 08, 2001 10:39 AM
> To: samba at lists.samba.org
> Subject: Please help with winbind setup
> 
> I created a file called "samba" in the /etc/pam.d/ dir
> which contains the following lines:
> 
> auth    required        /lib/security/pam_securetty
> auth    required        /lib/security/pam_nologin.so
> auth    sufficient      /lib/security/pam_winbind.so
> auth    required        /lib/security/pam_pwdb.so use_first_pass
> shadow nullok
> account required        /lib/security/pam_winbind.so
> 
> I am ONLY concerned with users being able to access the
> samba shares.  I don't want them to be able to login or
> ftp to the samba box.  If anyone here can help me out
> with this one i would really appreciate it.  If any
> more info is required, please don't hesitate to ask.

More information about the samba mailing list