[Samba] Cant Log Into Terminal Using Winbind
Joe Giles
jgiles at joeman1.com
Tue Jul 9 15:39:19 GMT 2002
Ok, I put it in my sshd and login file like this
SSHD:
#%PAM-1.0
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022
session required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_limits.so
session optional /lib/security/pam_console.so
LOGIN:
#%PAM-1.0
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
(NOTE: There is a Line Wrap. The mkhomedir.so line in ONE line in the cfg file)
and Im getting this error in the secure log:
Jul 9 15:59:47 alblinux sshd[6580]: Accepted password for ALBDOMNT+username from 166.41.179.82 port 3017
Jul 9 15:59:47 alblinux sshd[6580]: fatal: PAM session setup failed[6]: Permission denied
Any Thoughts?
Thanks
Joe
> I don't think the template homedir creates the directory for you.
>
> One option is to have to use PAM, I've never done that before but the
> module name is pam_mkhomedir.
>
> You probably add something like:
>
> session required /lib/security/pam_mkhomedir.so
> skel=/path/to/skel/files
>
> Let me know if it works.
>
> Good Luck,
>
> Josh
>
>
> -----Original Message-----
> From: Joe Giles [mailto:jgiles at joeman1.com]
> Sent: Tuesday, July 09, 2002 1:42 PM
> To: Konkol, Josh; 'Joe Giles'; samba at lists.samba.org
> Subject: RE: [Samba] Cant Log Into Terminal Using Winbind
>
>
> Actually, it is working now.. You are a god :)
>
> But, How can I get it to create the template directories. I have it set in
> the smb.conf file like this:
>
> template homedir = /home/winnt/%D/%U
> template shell = /bin/bash
>
> But when I log it it says this:
>
> Could not chdir to home directory /home/winnt/MCIDOMNT/username: No such
> file or directory
> bash-2.05a$
>
> Thanks
>
> Joe
>
> > Move:
> >
> > auth sufficient /lib/security/pam_winbind.so
> >
> > to the top of the auth stack and it should work
> > Josh
> >
> > -----Original Message-----
> > From: Joe Giles [mailto:jgiles at joeman1.com]
> > Sent: Tuesday, July 09, 2002 1:00 PM
> > To: samba at lists.samba.org
> > Subject: [Samba] Cant Log Into Terminal Using Winbind
> >
> >
> > List,
> >
> > I am unable to log into a terminal using Winbind service. I have the login
> > file correctly modifyed and nsswitch too. I have the 2.2.5 version of
> SAMBA
> > with the new winbind. SAMBA shares work great, so I think it is something
> > else. I get this error in the messages log:
> >
> > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: check pass; user unknown
> > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: authentication failure;
> > logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=...
> > Jul 9 11:46:01 alblinux pam_winbind[5463]: user 'MCIDOMNT+username'
> granted
> > acces
> > Jul 9 11:46:09 alblinux sshd(pam_unix)[5463]: check pass; user unknown
> >
> >
> > Here is the login file :
> >
> > #%PAM-1.0
> > auth required /lib/security/pam_securetty.so
> > auth required /lib/security/pam_stack.so service=system-auth
> > auth sufficient /lib/security/pam_winbind.so
> > auth required /lib/security/pam_nologin.so
> > account sufficient /lib/security/pam_winbind.so
> > account required /lib/security/pam_stack.so service=system-auth
> > password required /lib/security/pam_stack.so service=system-auth
> > session required /lib/security/pam_stack.so service=system-auth
> > session optional /lib/security/pam_console.so
> >
> > Any Help would be great. Also, all the .so files are inplace and correctly
> > linked. Again, SAMBA shars works great using domain access.
> >
> > Joe Giles
> > jgiles at joeman1.com
> > AOL ID: mcigiles
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: http://lists.samba.org/mailman/listinfo/samba
> >
>
>
>
> Joe Giles
> jgiles at joeman1.com
> AOL ID: mcigiles
>
Joe Giles
jgiles at joeman1.com
AOL ID: mcigiles
More information about the samba
mailing list