Winbind on HPUX 11, some small progress
Esh, Andrew
Andrew_Esh at adaptec.com
Thu Feb 6 21:40:13 GMT 2003
I thought I was told early on in this discussion that HP-UX doesn't like
certain keywords in nsswitch.conf, and winbind is one of them. That being
the case, isn't libnss_winbind.1 useless?
Can another nsswitch keyword be faked into pointing at winbind? Maybe
libnss_ldap.1 -> libnss_winbind.so, and a "passwd: ldap files ..." in
nsswitch.conf.
Also, a truss (or strace) on getent might show or fail to show
libnss_winbind.1 being loaded and called.
What else is known about winbind? The nss library is just a translation shim
that calls winbindd through a named pipe. Is the pipe file there while
winbindd is up and running? Does fuser show that winbindd has
/tmp/.winbindd/pipe open? How about "netstat -ax | grep winbindd"? Does
wbinfo work? It uses the same communication.
> -----Original Message-----
> From: Miles Roper [mailto:mroper at westcoastdhb.org.nz]
> Sent: Thursday, February 06, 2003 3:07 PM
> To: 'MCCALL,DON (HP-USA,ex1)'; samba-technical at lists.samba.org;
> michael_steffens at bbn.exch.hp.com; GILCHRIST,KIM (HP-NewZealand,ex1)
> Subject: RE: Winbind on HPUX 11, some small progress
>
>
> Hi Don,
>
> lrwxrwxrwx 1 root sys 17 Feb 7 09:59
> libnss_winbind.1
> -> li
> bnss_winbind.so
> -r-xr-xr-x 1 bin bin 28672 Jan 24 15:23
> libnss_winbind.so
>
> Same problem, I was all excited there for a moment :o)
>
> Cheers
>
> Miles
>
> -----Original Message-----
> From: MCCALL,DON (HP-USA,ex1) [mailto:don_mccall at hp.com]
> Sent: Friday, 7 February 2003 09:50 a.m.
> To: 'Miles Roper'; MCCALL,DON (HP-USA,ex1);
> samba-technical at lists.samba.org; 'samba at lists.samba.org';
> 'Esh, Andrew';
> 'Ronan Waide'; STEFFENS,MICHAEL (HP-Germany,ex1); 'Richard Sharpe';
> 'John H Terpstra'; GILCHRIST,KIM (HP-NewZealand,ex1)
> Subject: RE: Winbind on HPUX 11, some small progress
>
>
> Hi Miles,
> reading further;
> change you link to the following:
>
> lrwxr-xr-x 1 root sys 46 Aug 27 11:16
> /usr/lib/libnss_winbin
> d.1 -> libnss_winbind.so
>
> We (HP-UX) don't know from .so files...
> So winbind in nsswitch.conf entries is going to trigger looking for a
> libnss_winbind.1
> NOT a libnss_winbind.so.1
>
> See if that doesn't help,
> Don
>
> > -----Original Message-----
> > From: Miles Roper [mailto:mroper at westcoastdhb.org.nz]
> > Sent: Thursday, February 06, 2003 15:41
> > To: 'MCCALL,DON (HP-USA,ex1)'; samba-technical at lists.samba.org;
> > 'samba at lists.samba.org'; 'Esh, Andrew'; 'Ronan Waide';
> > michael_steffens at bbn.exch.hp.com; 'Richard Sharpe'; 'John H
> Terpstra';
> > GILCHRIST,KIM (HP-NewZealand,ex1)
> > Subject: RE: Winbind on HPUX 11, some small progress
> >
> >
> > had the same problem, I thought compiling it from scratch
> may fix it,
> > although I've only just recently worked out how to get the
> > extra debugging
> > from pam, but symptoms were exactly the same.
> >
> > has taken me a long time to work out how to compile it on
> > hpux with gcc, had
> > to change a include file and the configure script, i've
> > included it for you
> > interest :o)
> >
> > in configure find
> >
> > if test $ac_cv_prog_cc_Ae = yes; then
> > BLDSHARED="true"
> > SHLD="/usr/bin/ld"
> > LDSHFLAGS="-B symbolic -b -z"
> > PICFLAG="+z"
> > fi
> >
> > change to
> >
> > #if test $ac_cv_prog_cc_Ae = yes; then
> > BLDSHARED="true"
> > SHLD="/usr/bin/ld"
> > LDSHFLAGS="-B symbolic -b -z"
> > # PICFLAG="+z"
> > #fi
> >
> > find
> > /usr/local/lib/gcc-lib/hppa2.0n-hp-hpux11.00/3.1/include/stdio.h
> > BEFORE
> > extern int snprintf(char *, _hpux_size_t, char *,...);
> > AFTER
> > extern int snprintf(char *, _hpux_size_t, const char *,...);
> >
> > ps, that was quick :o)
> >
> > -----Original Message-----
> > From: MCCALL,DON (HP-USA,ex1) [mailto:don_mccall at hp.com]
> > Sent: Friday, 7 February 2003 09:36 a.m.
> > To: 'Miles Roper'; MCCALL,DON (HP-USA,ex1);
> > samba-technical at lists.samba.org; 'samba at lists.samba.org';
> > 'Esh, Andrew';
> > 'Ronan Waide'; STEFFENS,MICHAEL (HP-Germany,ex1); 'Richard Sharpe';
> > 'John H Terpstra'; GILCHRIST,KIM (HP-NewZealand,ex1)
> > Subject: RE: Winbind on HPUX 11, some small progress
> >
> >
> > Hi Miles,
> > any reason you are compiling it yourself, instead of pulling
> > the depot from
> > the samba ftp site?
> > That is what I am using successfully.
> > Don
> >
> > > -----Original Message-----
> > > From: Miles Roper [mailto:mroper at westcoastdhb.org.nz]
> > > Sent: Thursday, February 06, 2003 15:31
> > > To: 'MCCALL,DON (HP-USA,ex1)'; samba-technical at lists.samba.org;
> > > 'samba at lists.samba.org'; 'Esh, Andrew'; 'Ronan Waide';
> > > michael_steffens at bbn.exch.hp.com; 'Richard Sharpe'; 'John H
> > Terpstra';
> > > GILCHRIST,KIM (HP-NewZealand,ex1)
> > > Subject: RE: Winbind on HPUX 11, some small progress
> > >
> > >
> > > Hi Don,
> > >
> > > Michael Steffens a while back sent me a compiled version of
> > > getent which I
> > > couldn't get to work.
> > >
> > > I compiled your version and it doesn't seem to produce any
> > > result either,
> > > seems to return immeditaly without doing anything.
> > >
> > > ie
> > > coastdr: /mnt/1/samba/test> ./getent passwd WESTCOASTDHB+mroper
> > > coastdr: /mnt/1/samba/test>
> > >
> > > If I run it without any parameters I get a core dump :o)
> > >
> > > Better tell you that I'm compiling winbind with gcc 3.01
> on hpux. I
> > > compiled the getent program you sent me with.
> > >
> > > gcc -c -I. -g -O2 getent.c
> > > gcc -g getent.o -o getent
> > >
> > > >From what you have said it would seem like libnss_winbind.so
> > > itsn't working.
> > > Anyway to get any debug output?
> > >
> > > Here is my /usr/lib/libnss*
> > >
> > > -r-xr-xr-x 1 bin bin 28672 Mar 13 2001
> > > libnss_compat.1
> > > -r-xr-xr-x 1 bin bin 104536 Nov 6 1997
> > libnss_dns.1
> > > -r-xr-xr-x 1 bin bin 40960 Mar 7 2001
> > > libnss_files.1
> > > lrwxrwxrwx 1 root sys 17 Jan 27 09:49
> > > libnss_ldap.1 ->
> > > libns
> > > s_winbind.so
> > > -r-xr-xr-x 1 bin bin 40960 Mar 13 2001
> > libnss_nis.1
> > > -r-xr-xr-x 1 bin bin 57344 Mar 13 2001
> > > libnss_nisplus.1
> > > -r-xr-xr-x 1 bin bin 28672 Jan 24 15:23
> > > libnss_winbind.so
> > > lrwxrwxrwx 1 root sys 17 Jan 27 11:51
> > > libnss_winbind.so.1 ->
> > > libnss_winbind.so
> > > lrwxrwxrwx 1 root sys 17 Oct 15 16:14
> > > libnss_winbind.so.2 ->
> > > libnss_winbind.so
> > >
> > > Here is my /etc/nsswitch.conf
> > >
> > > hosts: dns [NOTFOUND=continue UNAVAIL=continue
> > > TRYAGAIN=continue] files
> > > [N
> > > OTFOUND=return UNAVAIL=continue TRYAGAIN=return]
> > > passwd: files winbind
> > > group: files winbind
> > >
> > > Here is the compile output from libnss_winbind.so
> > >
> > > Compiling nsswitch/winbind_nss.c with -fpic
> > > nsswitch/winbind_nss.c: In function `fill_pwent':
> > > nsswitch/winbind_nss.c:600: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:612: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:629: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:641: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:653: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c: In function `fill_grent':
> > > nsswitch/winbind_nss.c:690: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:702: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:728: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:753: warning: passing arg 2 of
> > > `get_static' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c: In function `_nss_winbind_getpwent_r':
> > > nsswitch/winbind_nss.c:870: warning: passing arg 4 of
> > > `fill_pwent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c: In function `_nss_winbind_getpwuid_r':
> > > nsswitch/winbind_nss.c:920: warning: passing arg 4 of
> > > `fill_pwent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:933: warning: passing arg 4 of
> > > `fill_pwent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c: In function `_nss_winbind_getpwnam_r':
> > > nsswitch/winbind_nss.c:982: warning: passing arg 4 of
> > > `fill_pwent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:995: warning: passing arg 4 of
> > > `fill_pwent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c: In function `_nss_winbind_getgrent_r':
> > > nsswitch/winbind_nss.c:1119: warning: passing arg 5 of
> > > `fill_grent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c: In function `_nss_winbind_getgrnam_r':
> > > nsswitch/winbind_nss.c:1179: warning: passing arg 5 of
> > > `fill_grent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:1193: warning: passing arg 5 of
> > > `fill_grent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c: In function `_nss_winbind_getgrgid_r':
> > > nsswitch/winbind_nss.c:1242: warning: passing arg 5 of
> > > `fill_grent' from
> > > incompatible pointer type
> > > nsswitch/winbind_nss.c:1256: warning: passing arg 5 of
> > > `fill_grent' from
> > > incompatible pointer type
> > > Compiling nsswitch/winbind_nss_solaris.c with -fpic
> > > Linking nsswitch/libnss_winbind.so
> > >
> > > Any idea where to go from here?
> > >
> > > Cheers
> > >
> > > Miles
> > >
> > > -----Original Message-----
> > > From: MCCALL,DON (HP-USA,ex1) [mailto:don_mccall at hp.com]
> > > Sent: Thursday, 6 February 2003 05:53 a.m.
> > > To: 'Miles Roper'; MCCALL,DON (HP-USA,ex1);
> > > samba-technical at lists.samba.org; 'samba at lists.samba.org';
> > > 'Esh, Andrew';
> > > 'Ronan Waide'; STEFFENS,MICHAEL (HP-Germany,ex1);
> 'Richard Sharpe';
> > > 'John H Terpstra'; GILCHRIST,KIM (HP-NewZealand,ex1)
> > > Subject: RE: Winbind on HPUX 11, some small progress
> > >
> > >
> > > Hi Miles,
> > > This sounds like a
> > > PAM_USER_UNKNOWN 13
> > > error. Which would indicate that winbind daemon did it's job
> > > (ie passed the
> > > username and
> > > password to the password server ,and got validation back that
> > > the user is
> > > authenticated,
> > > but then when it went thru the nsswitch stuff to 'look up'
> > > the user, that
> > > failed.
> > > Kinda wierd. I don't have your original post, but I'm
> > > assuming that you
> > > have
> > > passwd: files winbind
> > > group: files winbind
> > >
> > > in your /etc/nsswitch.conf file
> > > and that you have working links to the winbind nss code
> > > (look something
> > > like this):
> > >
> > > 46 Aug 27 11:16 /usr/lib/libnss_winbind.1 ->
> > > /usr/local/samba/lib/winbind/libnss_winbind.so
> > >
> > >
> > > To verify that your nsswitch code is working compile the
> > > getent.c program I
> > > have attached to this message, and then verify that you can get an
> > > appropriate uid/gid back for a user
> > > defined on your NT password server in the following manner;
> > >
> > > getent passwd <domainname><domainseparator><username>
> > > (for instance on my system, I use '+' as winbind domain
> > > separator, and my
> > > domain is atl-wtec,
> > > so: getent passwd atl-wtec+administrator returns me the
> > > 'passwd' entry
> > > faked up from the
> > > NT domain controller I am a member of.
> > >
> > > Just a thought,
> > > Don
> > >
> > > > -----Original Message-----
> > > > From: Miles Roper [mailto:mroper at westcoastdhb.org.nz]
> > > > Sent: Tuesday, February 04, 2003 21:28
> > > > To: 'MCCALL,DON (HP-USA,ex1)'; samba-technical at lists.samba.org;
> > > > 'samba at lists.samba.org'; 'Esh, Andrew'; 'Ronan Waide';
> > > > michael_steffens at bbn.exch.hp.com; 'Richard Sharpe'; 'John H
> > > Terpstra';
> > > > Kim (E-mail)
> > > > Subject: Winbind on HPUX 11, some small progress
> > > >
> > > >
> > > > Hi All,
> > > >
> > > > Well, i've managed to enable some debugging in syslog, I
> > > had to put in
> > > > /etc/syslog.conf
> > > >
> > > > ;*.debug
> > > >
> > > > on the syslog line.
> > > >
> > > > So at least I have an error which is being returned into
> > syslog from
> > > > winbind.
> > > >
> > > > This is what I get from winbind
> > > >
> > > > Feb 4 21:13:17 coastdr pam_winbind[20753]: Verify user `lonnie'
> > > > Feb 4 21:13:18 coastdr pam_winbind[20753]: user 'lonnie'
> > > > granted acces
> > > > Feb 4 21:13:18 coastdr pam_winbind[20753]: LOGIN: exiting
> > > > with return code
> > > > 13
> > > >
> > > > This is what I get from pamsmb (ignore the dates, they are a
> > > > bit funny for
> > > > some reason)
> > > >
> > > > Feb 5 14:53:55 coastdr pamsmbd[20119]: server: remote auth user
> > > > unix:trainingus
> > > > er nt:traininguser NTDOM:WESTCOASTDHB PDC:COASTDB BDC:
> > > > Feb 5 14:53:55 coastdr pamsmbd[20119]: cache_add:
> inserted entry
> > > > Feb 4 20:53:55 coastdr : pamsmbd: Got something back... 0
> > > > Feb 4 20:53:55 coastdr : pam_smb: got back 0 username
> > traininguser
> > > > Feb 4 20:53:55 coastdr : LOGIN: exiting with return code 13
> > > >
> > > > So the error with pamsmb and winbind is the same. I've done
> > > > a man on login
> > > > and can only find a description of errors, not the error
> > > > codes. What is
> > > > error code 13? If I can find that out it will make looking
> > > > for it a bit
> > > > easier. I thought it might be that the shell doens't exist,
> > > > but I tried
> > > > making a user with a invalid shell and get back error code 1,
> > > > so its not
> > > > that.
> > > >
> > > > Ideas?
> > > >
> > > > Cheers
> > > >
> > > > Miles
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: Miles Roper
> > > > Sent: Monday, 3 February 2003 08:54 a.m.
> > > > To: 'MCCALL,DON (HP-USA,ex1)'
> > > > Cc: 'samba-technical at lists.samba.org';
> > 'samba at lists.samba.org'; Esh,
> > > > Andrew; Ronan Waide; STEFFENS,MICHAEL (HP-Germany,ex1); 'Richard
> > > > Sharpe'; 'John H Terpstra'
> > > > Subject: RE: [Samba] RE: Winbind on HPUX11, Totally Stuck,
> > > Please Help
> > > >
> > > >
> > > > Thanks for your help, still no luck though. More info for you.
> > > >
> > > > with no debug statements in my /etc/pam.conf I get in sys log
> > > > the following.
> > > >
> > > > Feb 2 14:43:02 coastdr pam_winbind[2832]: user
> > > > 'traininguser' granted acces
> > > >
> > > > with debug turned on I get
> > > >
> > > > Feb 2 14:47:49 coastdr pam_winbind[2839]: Verify user
> > > `traininguser'
> > > > Feb 2 14:47:49 coastdr pam_winbind[2839]: user
> > > > 'traininguser' granted acces
> > > >
> > > > the user is still logging out.
> > > >
> > > > incidentlally, when I log in as a unix user, rather than a
> > > > win2k user I
> > > > don't get anything in sys log. I've included my pam.conf below.
> > > >
> > > > Also, I checked for /etc/shells, no such file, and I have set
> > > > my smb.conf
> > > > shell line to
> > > >
> > > > template shell = /sbin/sh
> > > >
> > > > and also tried
> > > >
> > > > template shell = /usr/bin/sh
> > > >
> > > > both files exist.
> > > >
> > > > #
> > > > # PAM configuration
> > > > #
> > > > # Authentication management
> > > > #
> > > > login auth sufficient
> > > /usr/lib/security/libpam_unix.1 debug
> > > > login auth sufficient
> /usr/lib/security/libpam_winbind.1
> > > > debug
> > > > #login auth sufficient
> > > /usr/lib/security/libpam_smb.1 nolocal
> > > > debug
> > > > su auth required /usr/lib/security/libpam_unix.1 debug
> > > > dtlogin auth required /usr/lib/security/libpam_unix.1 debug
> > > > dtaction auth required /usr/lib/security/libpam_unix.1 debug
> > > > ftp auth required /usr/lib/security/libpam_unix.1 debug
> > > > OTHER auth required /usr/lib/security/libpam_unix.1 debug
> > > > #
> > > > # Account management
> > > > #
> > > > login account sufficient
> > > /usr/lib/security/libpam_unix.1 debug
> > > > login account sufficient
> /usr/lib/security/libpam_winbind.1
> > > > debug
> > > > su account required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > dtlogin account required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > dtaction account required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > ftp account required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > #
> > > > OTHER account required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > #
> > > > # Session management
> > > > #
> > > > login session sufficient
> > > /usr/lib/security/libpam_unix.1 debug
> > > > login session sufficient
> /usr/lib/security/libpam_winbind.1
> > > > debug
> > > > dtlogin session required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > dtaction session required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > OTHER session required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > #
> > > > # Password management
> > > > #
> > > > login password sufficient
> > > /usr/lib/security/libpam_unix.1 debug
> > > > login password sufficient
> /usr/lib/security/libpam_winbind.1
> > > > debug
> > > > passwd password required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > passwd password required
> /usr/lib/security/libpam_winbind.1
> > > > debug
> > > > dtlogin password required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > dtaction password required
> > > /usr/lib/security/libpam_unix.1 debug
> > > > OTHER password required
> > > /usr/lib/security/libpam_unix.1 debug
> > > >
> > > > Cheers
> > > >
> > > > Miles
> > > >
> > > > -----Original Message-----
> > > > From: MCCALL,DON (HP-USA,ex1) [mailto:don_mccall at hp.com]
> > > > Sent: Saturday, 1 February 2003 04:53 a.m.
> > > > To: 'John H Terpstra'; Miles Roper
> > > > Cc: 'samba-technical at lists.samba.org';
> > 'samba at lists.samba.org'; Esh,
> > > > Andrew; Ronan Waide; STEFFENS,MICHAEL (HP-Germany,ex1);
> MCCALL,DON
> > > > (HP-USA,ex1); 'Richard Sharpe'
> > > > Subject: RE: [Samba] RE: Winbind on HPUX11, Totally Stuck,
> > > Please Help
> > > >
> > > >
> > > > Hi, Miles,
> > > > Actually on HP-UX, you will need to add the word 'debug' at
> > > > the end of each
> > > > of
> > > > the lines in you /etc/pam.conf file, to enable more debugging
> > > > to go into the
> > > >
> > > > /var/adm/syslog/syslog.log file.
> > > >
> > > > One thing that I have seen something like this happen on
> > is if the
> > > > /etc/shells file is corrupt, or if the shell that is defined
> > > > for the user
> > > > (since they don't have a /etc/passwd entry, this would be
> > > > whatever you put
> > > > in
> > > > template in the smb.conf) does not exactly match one of
> > the lines in
> > > > /etc/shells,
> > > > or the defaults, if this file does not exist.
> > > > The defaults for 11.0 are:
> > > >
> > > >
> > > >
> > > > /sbin/sh
> > > > /usr/bin/sh
> > > > /usr/bin/rsh
> > > > /usr/bin/ksh
> > > > /usr/bin/rksh
> > > > /usr/bin/csh
> > > > /usr/bin/keysh
> > > >
> > > > Hope this helps,
> > > > Don
> > > > > -----Original Message-----
> > > > > From: John H Terpstra [mailto:jht at samba.org]
> > > > > Sent: Friday, January 31, 2003 1:36
> > > > > To: Miles Roper
> > > > > Cc: 'samba-technical at lists.samba.org';
> > > 'samba at lists.samba.org'; Esh,
> > > > > Andrew; Ronan Waide; STEFFENS,MICHAEL (HP-Germany,ex1);
> > > 'MCCALL,DON
> > > > > (HP-USA,ex1)'; 'Richard Sharpe'
> > > > > Subject: RE: [Samba] RE: Winbind on HPUX11, Totally Stuck,
> > > > Please Help
> > > > >
> > > > >
> > > > > On Fri, 31 Jan 2003, Miles Roper wrote:
> > > > >
> > > > > > Hi Everyone,
> > > > > >
> > > > > > I'm forgetting about the password one at the moment, thanks
> > > > > for all your
> > > > > > input :o)
> > > > > >
> > > > > > I still don't have a clue how to solve my main problem.
> > > > > I'm assuming that
> > > > > > its not actually winbind related now, as I've recently
> > > > > tried pam_smb and get
> > > > > > the same basic problem.
> > > > > >
> > > > > > Basically, when I log into the UNIX box, the
> > > > > username/password of a NT user
> > > > > > is being authenticated, but doesn't actually log in. It
> > > > > doesn't get past
> > > > > > the password line. I know it accepts the password. Its
> > > > > almost as if it
> > > > > > can't find the shell. But the template variable is set
> > > > > within the smb.conf
> > > > > > file. Permissions are fine. I have exactly the same
> > > > > problem with the
> > > > > > pam_smb module.
> > > > >
> > > > > So what does PAM report into your /var/log files?
> > > > >
> > > > > Have you tried adding to each line in your /etc/pam.d/login
> > > > > (after the .so
> > > > > file name) the word 'audit' - this will increase the volume
> > > > > of debugging
> > > > > info spit out into /var/log/messages, or wherever PAM send
> > > > > this on your
> > > > > distro.
> > > > >
> > > > > - John T.
> > > > >
> > > > > >
> > > > > > If there is any further information I can send let me know.
> > > > > >
> > > > > > Ideas?
> > > > > >
> > > > > > Thanks
> > > > > >
> > > > > > Miles
> > > > > >
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: MCCALL,DON (HP-USA,ex1) [mailto:don_mccall at hp.com]
> > > > > > Sent: Friday, 31 January 2003 07:06 a.m.
> > > > > > To: STEFFENS,MICHAEL (HP-Germany,ex1); Ronan Waide
> > > > > > Cc: 'samba at lists.samba.org'; Esh, Andrew; Miles Roper;
> > > > > > 'samba-technical at lists.samba.org'; 'Richard Sharpe'
> > > > > > Subject: RE: [Samba] RE: Winbind on HPUX11, Totally Stuck,
> > > > > Please Help
> > > > > >
> > > > > >
> > > > > > Hi Everyone,
> > > > > > This whole problem with the password command not working
> > > > > when winbind
> > > > > > is included as a method in the nsswitch.conf can probably
> > > > > be worked around
> > > > > > by simply using the -r files (or -r nis or -r nisplus)
> > > > > switch. Take a look
> > > > > > at the man page for passwd on HP-UX 11.x and see if this
> > > > > won't help you
> > > > > > out.
> > > > > > Hope this helps,
> > > > > > Don
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Michael Steffens [mailto:michael.steffens at hp.com]
> > > > > > > Sent: Tuesday, January 28, 2003 11:52
> > > > > > > To: Ronan Waide
> > > > > > > Cc: 'samba at lists.samba.org'; Esh, Andrew; Miles Roper;
> > > > > > > 'samba-technical at lists.samba.org'; 'Richard Sharpe'
> > > > > > > Subject: Re: [Samba] RE: Winbind on HPUX11, Totally
> > > > > Stuck, Please Help
> > > > > > >
> > > > > > >
> > > > > > > Ronan Waide wrote:
> > > > > > > > On January 28, Andrew_Esh at adaptec.com said:
> > > > > > > >
> > > > > > > >>I don't have HPUX, so I don't know what to suggest for
> > > > > > > that. I just know
> > > > > > > >>getent won't work without winbindd in nsswitch.conf
> > > on Linux.
> > > > > > > >
> > > > > > > >
> > > > > > > > I think the point that was being made is that
> NSS support
> > > > > > > on HPUX only
> > > > > > > > supports a few known types, of which one is LDAP. The
> > > > > discussion was
> > > > > > > > basically about faking out the system so that what it
> > > > > thinks is LDAP
> > > > > > > > is actually winbind.
> > > > > > >
> > > > > > > Yep. It's a HP-UX specific workaround. Please ignore it
> > > > > > > everywhere else.
> > > > > > >
> > > > > > > Michael
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > > > --
> > > > > John H Terpstra
> > > > > Email: jht at samba.org
> > > > >
> > > >
> > >
> >
>
More information about the samba-technical
mailing list