[Samba] PAM.d files other general knowledge
Pierce, Shawn D
shawn.d.pierce at intel.com
Tue Jul 9 23:40:03 GMT 2002
In the installation docs it says to edit the /etc/pam.d/* files. I took this
to mean only to edit the /etc/pam.d/samba file. I have noticed that people
have been editing the SAMBA file, /etc/pam.d/login and
/etc/pam.d/system-auth.
Here is my Samba file :
#%PAM-1.0
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
It seems to work I can log into my Samba share with users from my DOMAIN and
Trusted domains but, not always right away. One account I must have tried a
100 times but it didn't work until I used the wbinfo -a USER%PASSWORD. Other
accounts worked the first time through.
I also have the /homes/winnt directory specified in the smb.conf file but
there are never any directories for users created in there. Do I need a
expanded [HOMES] section in my smb.conf? Or am I missing another parameter?
I believe I ave a rather basic smb.conf file as well are there things that
are critical that I would be missing from this file?
[global]
winbind uid = 10000-20000
encrypt passwords = yes
template shell = /bin/bash
socket options = TCP_NODELAY
template homedir = /home/winnt/%D/%U
winbind cache time = 10
max log size = 25
password server = 172.31.1.38
security = domain
winbind separator = +
winbind gid = 10000-20000
log level = 4
server string = AzSort Samba linux
workgroup = mfg
netbios name = %h
log file = /var/log/log.%m
netbios aliases = %h
[homes]
comment = Home Directories
browseable = yes
writable = yes
# Un-comment the following and create the netlogon directory for Domain
Logons
; [netlogon]
; comment = Network Logon Service
; path = /usr/local/samba/lib/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
;[Profiles]
; path = /usr/local/samba/profiles
; browseable = no
; guest ok = yes
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
[printers]
comment = All Printers
path = /usr/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes
# This one is useful for people to share files
[tmp]
path = /tmp
writable = yes
Thanks for all the help BTW reading the list got me through the install
today with only some minor frustration.
Shawn
More information about the samba
mailing list