[Samba-it] pam_winbind.so e samba 3.0.23a

[simo]

On Thu, 2006-08-17 at 17:33 +0200, Paolo Sala wrote:

> > passwd:         files winbind
> > ;passwd:         compat
> > group:          files winbind
> > ;group:          compat
> > shadow:         files winbind
> > ;shadow:         compat

Togli winbind da shadow, winbind non fornisce nessuna informazione per
la mappa shadow

> > auth    sufficient      pam_winbind.so
> > auth    sufficient      pam_unix.so     nullok_secure use_first_pass
> > auth    required    pam_deny.so

questa e' ok.

> 
> > psala at psala-lx2:~$ cat /etc/pam.d/common-account
> > #
> > # /etc/pam.d/common-account - authorization settings common to all 
> > services
> > #
> > # This file is included from other service-specific PAM config files,
> > # and should contain a list of the authorization modules that define
> > # the central access policy for use on the system.  The default is to
> > # only deny service to users whose accounts are expired in /etc/shadow.
> > #
> > #account        required        pam_unix.so
> >
> > account sufficient pam_winbind.so
> > account required        pam_unix.so

e questa dovrebbe essere ok pure.

> 
> > psala at psala-lx2:~$ cat /etc/pam.d/common-session
> > #
> > # /etc/pam.d/common-session - session-related modules common to all 
> > services
> > #
> > # This file is included from other service-specific PAM config files,
> > # and should contain a list of modules that define tasks to be performed
> > # at the start and end of sessions of *any* kind (both interactive and
> > # non-interactive).  The default is pam_unix.
> > #
> > #session        required        pam_unix.so
> >
> > session  required   pam_mkhomedir.so skel=/etc/skel umask=0022

questa non l'ho capita

io metterei:

session optional pam_mkhomedir.so skel=/etc/skel umask=0022
session sufficient pam_winbind.so
session required pam_unix.so


Simo.