Pam question

Rogelio J. Baucells rogelio at
Mon Sep 17 08:06:02 GMT 2001

Hello Gustavo

You need to change the pam files of the services you want to auth using
winbindd. For example if you want to allo users to login using telnet,
you need to change the '/etc/pam.d/login' file. If you are using RedHat
linux there is a system-auth file that is used by all services. I
modified this file because I wanted to auth all services using winbind
(my modification to this file is posted in a thread called 'Winbindd --
before I send a bug report'). Test your service while you are logged in
the console, because if you modify a file you are using to log in
(login, sshd) and there is a problem with winbind, you wont be able to
log in again.

Rogelio J. Baucells

-----Original Message-----
From: Michels, Gustavo [EES/BR]
[mailto:gustavo.michels at]
Sent: Monday, September 17, 2001 10:28 AM
To: samba at
Subject: Pam question

Hello people,

Maybe a simple question, but I can't find any info on the list or the
manpages about this.

I am using the latest samba_2_2 cvs code in linux with winbind working
perfectly. The samba server will act as a file/print server, so the
just need to be authenticated by the NT PDC.

The winbind manpage says to add these entries in /etc/pam.d/*

auth        required    /lib/security/
auth        required    /lib/security/
auth        required    /lib/security/
auth        required    /lib/security/ use_first_pass shadow
account     required    /lib/security/

My question is exactly which file  is this '*' in my case. Which one(s)
should be added/changed in /etc/pam.d? I tried adding a 'samba' file
these entries as well as using a 'passwd' file with the same entries and
both work. I'd just like to know which one am I supposed to use, or
another one.



To unsubscribe from this list go to the following URL and read the

More information about the samba mailing list