Pam question

[Rogelio J. Baucells]

Hello Gustavo

You need to change the pam files of the services you want to auth using
winbindd. For example if you want to allo users to login using telnet,
you need to change the '/etc/pam.d/login' file. If you are using RedHat
linux there is a system-auth file that is used by all services. I
modified this file because I wanted to auth all services using winbind
(my modification to this file is posted in a thread called 'Winbindd --
before I send a bug report'). Test your service while you are logged in
the console, because if you modify a file you are using to log in
(login, sshd) and there is a problem with winbind, you wont be able to
log in again.

Rogelio J. Baucells

-----Original Message-----
From: Michels, Gustavo [EES/BR]
[mailto:gustavo.michels at emersonenergy.com]
Sent: Monday, September 17, 2001 10:28 AM
To: samba at lists.samba.org
Subject: Pam question


Hello people,

Maybe a simple question, but I can't find any info on the list or the
manpages about this.

I am using the latest samba_2_2 cvs code in linux with winbind working
perfectly. The samba server will act as a file/print server, so the
users
just need to be authenticated by the NT PDC.

The winbind manpage says to add these entries in /etc/pam.d/*

auth        required    /lib/security/pam_securetty.so
auth        required    /lib/security/pam_nologin.so
auth        required    /lib/security/pam_winbind.so
auth        required    /lib/security/pam_pwdb.so use_first_pass shadow
nullok
account     required    /lib/security/pam_winbind.so

My question is exactly which file  is this '*' in my case. Which one(s)
should be added/changed in /etc/pam.d? I tried adding a 'samba' file
with
these entries as well as using a 'passwd' file with the same entries and
both work. I'd just like to know which one am I supposed to use, or
maybe
another one.

Thanks!

Cheers
Gustavo

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba