Winbind, RedHat 7.1, Pam 0.74-22 ohh so close to working

Anthony J. Breeds-Taurima tony at cantech.net.au
Mon Oct 22 18:01:52 GMT 2001


On Mon, 22 Oct 2001, Adam Ranville wrote:

> Hello,
>
> 	I have gone through the howto provided but I am not yet able to
> logon to my linux box using NT4 domain accounts. I can however authenticate
> to restricted shares and I can obtain groups and users via "getent" and
> "wbinfo -u". All I really need now is a working /etc/pam.d/login. I've tried
> examples from the howto as with others from the mailing list but I can not
> seem to get the needed results.
>
> This is a redhat 7.1 install with version 2.2.2 of samba( ./configure
> --with-winbind --with-pam). I've provided my /etc/pam.d/login below and my
> smb.conf.  Any help would be much appreciated.
>
> Thanks in advance,
>
> Adam
> /etc/pam.d/login:
>
> #%PAM-1.0
> auth       required     /lib/security/pam_securetty.so
> auth       required     /lib/security/pam_stack.so service=system-auth
> auth       required     /lib/security/pam_nologin.so
> account    required     /lib/security/pam_stack.so service=system-auth
> password   required     /lib/security/pam_stack.so service=system-auth
> session    required     /lib/security/pam_stack.so service=system-auth
> session    optional     /lib/security/pam_console.so


Can we see the dat in /etc/pam.d/system-auth.  You're statcking the
aith sysytem from there so thats the fil we need to see.

#%PAM-1.0
auth       required     /lib/security/pam_securetty.so
auth       required     /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_console.so


Also check  that thses files exist.
-rwxr-xr-x   1 root     root        14921 Sep 10 14:11 /lib/libnss_winbind.so
lrwxrwxrwx   1 root     root           17 Sep  4 13:44 /lib/libnss_winbind.so.2 -> libnss_winbind.so
-rwxr-xr-x   1 root     root        13838 Sep 10 14:12 /lib/security/pam_winbind.so


> /usr/local/samba/lib/smb.conf:

<snip>

Looks fine to me.

When you logon to the console makesure you login as:
DOMAIN\user  NOT user

You will probably see errors in the login process as the domain seperator '\'
has special meaning.  Many people recomend a '+' instead.

Yours Tony.

/*
 * "The significant problems we face cannot be solved at the
 * same level of thinking we were at when we created them."
 * --Albert Einstein
 */





More information about the samba mailing list