Winbind/RH7.1...More Help

Winston Nimchan Winston_Nimchan at
Fri Oct 19 12:08:02 GMT 2001

Tried all the suggestions and still can't see my domain users/groups
with getent
secret is good and message has nothing abnormal bout PAM


-----Original Message-----
From: Sean Trammell [mailto:strammell at]
Sent: Friday, October 19, 2001 10:54 AM
To: Winston Nimchan
Cc: samba at
Subject: Re: Winbind/RH7.1...More Help

That is most likely a PAM problem, you need to create/modify a file at:

so that authentication will work against your domain (only for the
samba service, logging into your linux computer is a different
service).  Be very careful with PAM, you can lock yourself out of your
machine if it is misconfigured.  For example, my /etc/pam.d/samba file
looks like this:

auth            required        /lib/security/
auth            required        /lib/security/
auth            sufficient      /lib/security/
auth            required        /lib/security/ use_first_pass
shadow nullok
account         required        /lib/security/
session         required        /lib/security/
password        required        /lib/security/

Check to make sure that PAM is configured correctly for samba here,
and then you can check the error log at /var/log/messages for any
errors relating to PAM if it still won't work.  Also make sure
that the pam module is in place in /lib/security.

Login is a separate module (not samba), you would need to modify
another module config to do that.


Winston Nimchan wrote:
> The winbind now getent passwd & groups returns the domain
> users/groups
> What should be the next step? my clients (Win2K & Win9x) are still
> prompting for a password and I cannot login to my linux box using
> DOMAIN*domainuser.
> Must I add each domain user as a user on the linux box?
> Regards

More information about the samba mailing list