[Samba] Problem with pam_mkhomedir.so on Solaris 9

Kleber Leal kalvesleal at yahoo.com.br
Mon Jul 3 11:31:24 GMT 2006


Hi all,
I wanna install Samba on Solaris 9 to integrate all
authentication on Active Directory.
I am using this the configuration:

/usr/local/samba/lib/smb.conf
[global]
   workgroup = SEDE
   server string = Samba Server
   security = domain
   load printers = no
   log file = /usr/local/samba/var/log.%m
   max log size = 50
  password server = 044864.dominio 044873.dominio
   socket options = TCP_NODELAY
   wins server = 044865.dominio
   dns proxy = no
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind separator = +
template homedir = /export/home/%U
template shell = /usr/bin/bash
winbind use default domain = yes
[homes]
   comment = Home Directories
   browseable = no
   writable = yes
[printers]
   comment = All Printers
   path = /usr/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes


/etc/pam.conf
login   auth sufficient         pam_winbind.so
try_first_pass
login   auth requisite          pam_authtok_get.so.1
login   auth required           pam_dhkeys.so.1
login   auth required           pam_unix_auth.so.1
login   auth required           pam_dial_auth.so.1
rlogin  auth sufficient         pam_winbind.so
rlogin  auth sufficient         pam_rhosts_auth.so.1
rlogin  auth requisite          pam_authtok_get.so.1
rlogin  auth required           pam_dhkeys.so.1
rlogin  auth required           pam_unix_auth.so.1
rsh     auth sufficient         pam_rhosts_auth.so.1
rsh     auth required           pam_unix_auth.so.1
ppp     auth requisite          pam_authtok_get.so.1
ppp     auth required           pam_dhkeys.so.1
ppp     auth required           pam_unix_auth.so.1
ppp     auth required           pam_dial_auth.so.1
other   auth sufficient         pam_winbind.so
other   auth requisite          pam_authtok_get.so.1
other   auth required           pam_dhkeys.so.1
other   auth required           pam_unix_auth.so.1
passwd  auth required           pam_passwd_auth.so.1
cron    account required        pam_projects.so.1
cron    account required        pam_unix_account.so.1
other   account sufficient      pam_winbind.so
other   account requisite       pam_roles.so.1
other   account required        pam_projects.so.1
other   account required        pam_unix_account.so.1
other  session required         pam_mkhomedir.so
skel=/etc/skel umask=0022
other   session required        pam_unix_session.so.1
other   session sufficient      pam_winbind.so
other   password sufficient     pam_winbind.so
try_first_pass
other   password required       pam_dhkeys.so.1
other   password requisite      pam_authtok_get.so.1
other   password requisite      pam_authtok_check.so.1
other   password required       pam_authtok_store.so.1


/etc/nsswitch.conf
passwd:     files winbind
group:      files winbind
hosts:      files dns
ipnodes:    files
networks:   files
protocols:  files
rpc:        files
ethers:     files
netmasks:   files
bootparams: files
publickey:  files
netgroup:   files
automount:  files
aliases:    files
services:   files
sendmailvars:   files
printers:       user files
auth_attr:  files
prof_attr:  files
project:    files


The problem is: when I try logon with this
configuration on pam.conf with my ad users, the host
close the conection, and when I comment out the
pam_mkhomedir.so line the ad users can log on. The
homedirs are not created on the first logon.
I think is there a problema with pam_mkhomedir.so. If
anyone has a Solaris 9 with pam_mkhomedir.so
operational please send your pam.conf.

The pam_mkhomedir.so module was compilled conform
described on http://keutel.de/pam_mkhomedir/. No erros
was reported on compillation.

043702-/# ls -l /lib/security/pam_mkhomedir.so
-rwxr-xr-x   1 root     bin        31276 Jun 29 13:55
/lib/security/pam_mkhomedir.so

Thank you.

Kléber






		
_______________________________________________________ 
Novidade no Yahoo! Mail: receba alertas de novas mensagens no seu celular. Registre seu aparelho agora! 
http://br.mobile.yahoo.com/mailalertas/ 
 



More information about the samba mailing list