winbind and NT domain not allowinf authentication

Buchan Milne bgmilne at cae.co.za
Tue Nov 20 01:09:45 GMT 2001


What is the value for "template shell" ? The default is set to 
/bin/false. Also, your "template homedir", which defaults to /home/%D/%U 
where %D is the domain name and %U is the username. Is your home 
directory created?

For more info on winbind on Mandrake (with sample pam config files), see
http://mandrakeuser.org/connect/csamba5.html#windbind

Buchan

>Bonjour
>I'm testing winbind to allow NT domain users (my domain is WOKUP) loging in
>a unix station (hostname : david).
>
>At the login prompt, I'm entering my windows users (WOKUP\toto) and my
>domain password.
>All I can see is "creating home directory ..." and i'm logged out.
>What is happening ?
>Thanks for all clues.
>
>Sorry for my bad english.
>
>David
>ddeg at wokup.com
>
>
>in my /var/log/messages :
>
>Nov 16 17:22:19 david pam_winbind[3498]: user 'wokup\toto' granted acces
>Nov 16 17:22:19 david pam_winbind[3498]: user 'wokup\toto' granted acces
>Nov 16 17:22:19 david login(pam_unix)[3498]: session opened for user
>wokup\toto by (uid=0)
>Nov 16 17:22:19 david login[3498]: Permission denied
>
>my /etc/pam.d/login file
>#%PAM-1.0
>auth       required     /lib/security/pam_securetty.so
>auth       required     /lib/security/pam_stack.so service=system-auth
>auth       required     /lib/security/pam_nologin.so
>account    sufficient /lib/security/pam_winbind.so
>account    required     /lib/security/pam_stack.so service=system-auth
>password   required     /lib/security/pam_stack.so service=system-auth
>session    required     /lib/security/pam_stack.so service=system-auth
>session    required /lib/security/pam_mkhomedir.so skel=/etc/skel/
>umask=0022
>session    optional     /lib/security/pam_console.so
>
>my /etc/pam.d/system-auth file
>#%PAM-1.0
>auth        required      /lib/security/pam_env.so
>auth        sufficient    /lib/security/pam_winbind.so
>auth        sufficient    /lib/security/pam_unix.so likeauth nullok
>use_first_pass
>auth        required      /lib/security/pam_deny.so
>account     sufficient    /lib/security/pam_winbind.so
>account     required      /lib/security/pam_unix.so
>password    required      /lib/security/pam_cracklib.so retry=3
>password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
>shadow
>password    required      /lib/security/pam_deny.so
>session     required      /lib/security/pam_mkhomedir.so skel=/etc/skel/
>umask=0022
>session     required      /lib/security/pam_limits.so
>session     required      /lib/security/pam_unix.so
>
>Software versions :
>PDC : Windows NT 4.0 SP6
>samba v2.2.2
>Mandrake 8.1
>

-- 
|----------------Registered Linux User #182071-----------------|
Buchan Milne                Mechanical Engineer, Network Manager
Cellphone * Work       +27 82 472 2231 * +27 21 808 2497 ext 202
Stellenbosch Automotive Engineering         http://www.cae.co.za






More information about the samba-ntdom mailing list