Winbind, RedHat 7.1, Pam 0.74-22 ohh so close to working
Anthony J. Breeds-Taurima
tony at cantech.net.au
Mon Oct 22 18:01:52 GMT 2001
On Mon, 22 Oct 2001, Adam Ranville wrote:
> I have gone through the howto provided but I am not yet able to
> logon to my linux box using NT4 domain accounts. I can however authenticate
> to restricted shares and I can obtain groups and users via "getent" and
> "wbinfo -u". All I really need now is a working /etc/pam.d/login. I've tried
> examples from the howto as with others from the mailing list but I can not
> seem to get the needed results.
> This is a redhat 7.1 install with version 2.2.2 of samba( ./configure
> --with-winbind --with-pam). I've provided my /etc/pam.d/login below and my
> smb.conf. Any help would be much appreciated.
> Thanks in advance,
> auth required /lib/security/pam_securetty.so
> auth required /lib/security/pam_stack.so service=system-auth
> auth required /lib/security/pam_nologin.so
> account required /lib/security/pam_stack.so service=system-auth
> password required /lib/security/pam_stack.so service=system-auth
> session required /lib/security/pam_stack.so service=system-auth
> session optional /lib/security/pam_console.so
Can we see the dat in /etc/pam.d/system-auth. You're statcking the
aith sysytem from there so thats the fil we need to see.
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
Also check that thses files exist.
-rwxr-xr-x 1 root root 14921 Sep 10 14:11 /lib/libnss_winbind.so
lrwxrwxrwx 1 root root 17 Sep 4 13:44 /lib/libnss_winbind.so.2 -> libnss_winbind.so
-rwxr-xr-x 1 root root 13838 Sep 10 14:12 /lib/security/pam_winbind.so
Looks fine to me.
When you logon to the console makesure you login as:
DOMAIN\user NOT user
You will probably see errors in the login process as the domain seperator '\'
has special meaning. Many people recomend a '+' instead.
* "The significant problems we face cannot be solved at the
* same level of thinking we were at when we created them."
* --Albert Einstein
More information about the samba