[samba] pam authentication solaris9
Tommy.Fallsen at kongsberg.com
Tommy.Fallsen at kongsberg.com
Thu Oct 31 07:39:00 GMT 2002
Hi
I'm trying to get winbindd work with authentication for other services.
Winbindd works fine in samba.
I get these errors using rlogin from another server to sun10.
Oct 31 08:26:11 sun10 pam_winbind[26694]: request failed, PAM error was 4,
NT error was NT_STATUS_INVALID_PARAMETER
Oct 31 08:26:11 sun10 pam_winbind[26694]: internal module error (retval = 4,
user = `tommyf' Supported configurations for passwd management are as
follows:
passwd: files
passwd: files ldap
passwd: files nis
passwd: files nisplus
passwd: compat
passwd: compat AND
passwd_compat: ldap OR
passwd_compat: nisplus
Please check your /etc/nsswitch.conf file
Login incorrect
pam.conf, it is pretty different on Solaris 9, than on Solaris 8.
#
#ident "@(#)pam.conf 1.20 02/01/23 SMI"
#
# Copyright 1996-2002 Sun Microsystems, Inc. All rights reserved. # Use is
subject to license terms. # # PAM configuration # # Unless explicitly
defined, all services use the modules # defined in the "other" section. # #
Modules are defined with relative pathnames, i.e., they are # relative to
/usr/lib/security/$ISA. Absolute path names, as # present in this file in
previous releases are still acceptable. # # Authentication management # #
login service (explicit because of pam_dial_auth) #
login auth required /usr/lib/security/pam_winbind.so.1
login auth requisite pam_authtok_get.so.1 try_first_pass
login auth required pam_dhkeys.so.1 try_first_pass
login auth required pam_unix_auth.so.1 try_first_pass
login auth required pam_dial_auth.so.1 try_first_pass
#
# rlogin service (explicit because of pam_rhost_auth)
#
rlogin auth sufficient /usr/lib/security/pam_winbind.so.1
rlogin auth sufficient pam_rhosts_auth.so.1 try_first_pass
rlogin auth requisite pam_authtok_get.so.1 try_first_pass
rlogin auth required pam_dhkeys.so.1 try_first_pass
rlogin auth required pam_unix_auth.so.1 try_first_pass
#
# rsh service (explicit because of pam_rhost_auth,
# and pam_unix_auth for meaningful pam_setcred)
#
rsh auth sufficient pam_rhosts_auth.so.1
other auth sufficient /usr/lib/security/pam_winbind.so.1
rsh auth required pam_unix_auth.so.1 try_first_pass
#
# PPP service (explicit because of pam_dial_auth)
#
#ppp auth requisite pam_authtok_get.so.1
#ppp auth required pam_dhkeys.so.1
#ppp auth required pam_unix_auth.so.1
#ppp auth required pam_dial_auth.so.1
#
# Default definitions for Authentication management
# Used when service name is not explicitly mentioned for authenctication #
other auth requisite pam_authtok_get.so.1
other auth required pam_dhkeys.so.1
other auth required pam_unix_auth.so.1
#
# passwd command (explicit because of a different authentication module) #
passwd auth required pam_passwd_auth.so.1
#
# cron service (explicit because of non-usage of pam_roles.so.1) #
cron account required pam_projects.so.1
cron account required pam_unix_account.so.1
#
# Default definition for Account management
# Used when service name is not explicitly mentioned for account management
#
other account sufficient /usr/lib/security/pam_winbind.so.1
other account requisite pam_roles.so.1
other account required pam_projects.so.1
other account required pam_unix_account.so.1
#
# Default definition for Session management
# Used when service name is not explicitly mentioned for session management
#
other session required pam_unix_session.so.1
#
# Default definition for Password management
# Used when service name is not explicitly mentioned for password management
#
other password required pam_dhkeys.so.1
other password requisite pam_authtok_get.so.1
other password requisite pam_authtok_check.so.1
other password required pam_authtok_store.so.1
#
# Support for Kerberos V5 authentication (uncomment to use Kerberos) #
#rlogin auth optional pam_krb5.so.1 try_first_pass
#login auth optional pam_krb5.so.1 try_first_pass
#other auth optional pam_krb5.so.1 try_first_pass
#cron account optional pam_krb5.so.1
#other account optional pam_krb5.so.1
#other session optional pam_krb5.so.1
#other password optional pam_krb5.so.1 try_first_pass
thanks....
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tommy Fallsen System Administrator
Kongsberg Defence & Aerospace
Email: tommyf at kongsberg.com
TEL: +47 32287783 MOB +47 93057326
WEB: http://www.kongsberg.com/eng/kog/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"The information in this e-mail and in any attachments is
confidential and intended solely for the attention and use
of the named addressee(s). This information may be subject
to legal, professional or other privilege and further
distribution of it is strictly prohibited without our
authority. If you are not the intended recipient, you
are not authorised to and must not disclose, copy, distribute,
or retain this message or any part of it, and should notify
us immediately."
-------------- next part --------------
HTML attachment scrubbed and removed
More information about the samba
mailing list