Winbind/RH7.1...More Help

Rafael rafiros at
Fri Oct 19 11:35:06 GMT 2001

        Thank you all for your help, but unfortunally it didn't work.
        If anyone got any idea, please help me because this problem it's
driving me crazy.


----- Original Message -----
From: "Rogelio J. Baucells" <rogelio at>
To: "Rafael" <rafiros at>
Sent: Friday, October 19, 2001 1:52 PM
Subject: RE: Winbind/RH7.1...More Help

Hello Rafael

I have not read other messages you sent to the list, but I am going to
give you the configuration I am using in my RH7.1 box.

First you have to install samba with PAM enambled (./configure
--with-pam) or install a RPM package compiled with that option.

Then you have to modify the /etc/nsswitch.conf file to add winbind to
passwd: files winbind
group: files winbind

Once you have done that you need to modify the pam configuration files
for the services you want to use winbind to authenticate users. I
modified the system-auth file (it is used by all services in a RedHat
box). If you want to do the same use the file attached to this email.

Be sure before you log out the box that you can log into with an account
that has root access(su), in case something goes wrong.

Rogelio J.

-----Original Message-----
From: Rafael [mailto:rafiros at]
Sent: Friday, October 19, 2001 12:27 PM
To: Sean Trammell
Cc: samba at
Subject: Re: Winbind/RH7.1...More Help

    I'm with the same problem and i only can get access to my samba
with i stop the winbind service.
    Does anyone know the right configuration of pam so that with winbind
running i can get access to samba and login to the linux box?


----- Original Message -----
From: "Sean Trammell" <strammell at>
To: "Winston Nimchan" <Winston_Nimchan at>
Cc: <samba at>
Sent: Friday, October 19, 2001 11:53 AM
Subject: Re: Winbind/RH7.1...More Help

> That is most likely a PAM problem, you need to create/modify a file
> /etc/pam.d/samba
> so that authentication will work against your domain (only for the
> samba service, logging into your linux computer is a different
> service).  Be very careful with PAM, you can lock yourself out of your
> machine if it is misconfigured.  For example, my /etc/pam.d/samba file
> looks like this:
> auth            required        /lib/security/
> auth            required        /lib/security/
> auth            sufficient      /lib/security/
> auth            required        /lib/security/
shadow nullok
> account         required        /lib/security/
> session         required        /lib/security/
> password        required        /lib/security/
> Check to make sure that PAM is configured correctly for samba here,
> and then you can check the error log at /var/log/messages for any
> errors relating to PAM if it still won't work.  Also make sure
> that the pam module is in place in /lib/security.
> Login is a separate module (not samba), you would need to modify
> another module config to do that.
> -Sean
> Winston Nimchan wrote:
> >
> > The winbind now getent passwd & groups returns the domain
> > users/groups
> >
> > What should be the next step? my clients (Win2K & Win9x) are still
> > prompting for a password and I cannot login to my linux box using
> > DOMAIN*domainuser.
> >
> > Must I add each domain user as a user on the linux box?
> >
> > Regards
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:

To unsubscribe from this list go to the following URL and read the

More information about the samba mailing list