Winbind, RedHat 7.1, Pam 0.74-22 ohh so close to working

Adam Ranville adam at mks.com
Wed Oct 24 09:44:03 GMT 2001


	Well that seems to have moved me one step closer. I now get a
positive authentication not in /var/messages but it just hangs after I input
the password. Missing a home directory? Invalid shell maybe? I checked the
logs and I've been getting nothing negative.

Almost there...

Adam

tail /var/log/messages:
	Oct 24 12:36:19 hqnis1 pam_winbind[1552]: user 'MKS\adam' granted
acces  


/etc/pam.d/system-auth:

auth      sufficient    /lib/security/pam_winbind.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok md5
shadow use_first_pass
auth        required      /lib/security/pam_deny.so
account     sufficient    /lib/security/pam_unix.so
account     sufficient  /lib/security/pam_winbind.so
account     required      /lib/security/pam_deny.so
password    required      /lib/security/pam_cracklib.so retry=3
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
shadow
password    required      /lib/security/pam_deny.so
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so


-----Original Message-----
From: Anthony J. Breeds-Taurima [mailto:tony at cantech.net.au]
Sent: Tuesday, October 23, 2001 10:00 PM
To: Adam Ranville
Cc: Samba (E-mail)
Subject: RE: Winbind, RedHat 7.1, Pam 0.74-22 ohh so close to working


On Tue, 23 Oct 2001, Adam Ranville wrote:

> original file. 

Thanks.
 
> 	I can access a share without domain\username and it works fine. Do I
> require domain\(or +) username for telnet? I have tried that as well. 

Yes you will need to login as:
DOMAIN\user   (or DOMAIN+user)
 
> 	With the attempted system-auth it would kick me out right after
> entering the login. It doesn't even prompt for a password. (single user
got
> me out of it).
> 
> Thanks for the help,
> 
> Adam
> 
> attempted /etc/pam.d/system-auth:

<snip>

> account     required      /lib/security/pam_deny.so
> account     required      /lib/security/pam_winbind.so

Like Andrew said swap these 2 lines and you should be happy.

Yours Tony.

/*
 * "The significant problems we face cannot be solved at the 
 * same level of thinking we were at when we created them."
 * --Albert Einstein
 */




More information about the samba mailing list