Winbind, RedHat 7.1, Pam 0.74-22 ohh so close to working

Andrew Bartlett abartlet at pcug.org.au
Tue Oct 23 14:24:23 GMT 2001


Adam Ranville wrote:
> 
> Hello,
> 
>         I've attached the config that I was trying to use along with my
> original file.
> 
>         I can access a share without domain\username and it works fine. Do I
> require domain\(or +) username for telnet? I have tried that as well.
> 
>         With the attempted system-auth it would kick me out right after
> entering the login. It doesn't even prompt for a password. (single user got
> me out of it).
> 
> Thanks for the help,
> 
> Adam
> 
> attempted /etc/pam.d/system-auth:
> 
> auth      sufficient    /lib/security/pam_winbind.so
> auth        sufficient    /lib/security/pam_unix.so likeauth nullok md5
> shadow use_first_pass
> auth        required      /lib/security/pam_deny.so
> account     sufficient    /lib/security/pam_unix.so
> account     required      /lib/security/pam_deny.so
> account     required      /lib/security/pam_winbind.so

Put this ABOVE pam_deny.  pam_winbind is never even being checked, as
logins are already denied.  Make it look like the pam_unix line

> password    required      /lib/security/pam_cracklib.so retry=3
> password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
> shadow
> password    required      /lib/security/pam_deny.so
> session     required      /lib/security/pam_limits.so
> session     required      /lib/security/pam_unix.so
> 
> original /etc/pam.d/system-auth:
> 
> auth        required      /lib/security/pam_env.so
> auth        sufficient    /lib/security/pam_unix.so likeauth nullok
> auth        required      /lib/security/pam_deny.so
> 
> account     required      /lib/security/pam_unix.so
> 
> password    required      /lib/security/pam_cracklib.so retry=3
> password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
> shadow
> password    required      /lib/security/pam_deny.so
> 
> session     required      /lib/security/pam_limits.so
> session     required      /lib/security/pam_unix.so
> instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Samba Team member, Build Farm maintainer        abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba mailing list