Winbind, RedHat 7.1, Pam 0.74-22 ohh so close to working
Andrew Bartlett
abartlet at pcug.org.au
Tue Oct 23 14:24:23 GMT 2001
Adam Ranville wrote:
>
> Hello,
>
> I've attached the config that I was trying to use along with my
> original file.
>
> I can access a share without domain\username and it works fine. Do I
> require domain\(or +) username for telnet? I have tried that as well.
>
> With the attempted system-auth it would kick me out right after
> entering the login. It doesn't even prompt for a password. (single user got
> me out of it).
>
> Thanks for the help,
>
> Adam
>
> attempted /etc/pam.d/system-auth:
>
> auth sufficient /lib/security/pam_winbind.so
> auth sufficient /lib/security/pam_unix.so likeauth nullok md5
> shadow use_first_pass
> auth required /lib/security/pam_deny.so
> account sufficient /lib/security/pam_unix.so
> account required /lib/security/pam_deny.so
> account required /lib/security/pam_winbind.so
Put this ABOVE pam_deny. pam_winbind is never even being checked, as
logins are already denied. Make it look like the pam_unix line
> password required /lib/security/pam_cracklib.so retry=3
> password sufficient /lib/security/pam_unix.so nullok use_authtok md5
> shadow
> password required /lib/security/pam_deny.so
> session required /lib/security/pam_limits.so
> session required /lib/security/pam_unix.so
>
> original /etc/pam.d/system-auth:
>
> auth required /lib/security/pam_env.so
> auth sufficient /lib/security/pam_unix.so likeauth nullok
> auth required /lib/security/pam_deny.so
>
> account required /lib/security/pam_unix.so
>
> password required /lib/security/pam_cracklib.so retry=3
> password sufficient /lib/security/pam_unix.so nullok use_authtok md5
> shadow
> password required /lib/security/pam_deny.so
>
> session required /lib/security/pam_limits.so
> session required /lib/security/pam_unix.so
> instructions: http://lists.samba.org/mailman/listinfo/samba
--
Andrew Bartlett abartlet at pcug.org.au
Samba Team member, Build Farm maintainer abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list