[samba] pam authentication solaris9

Tommy.Fallsen at kongsberg.com Tommy.Fallsen at kongsberg.com
Thu Oct 31 07:39:00 GMT 2002 

Hi

I'm trying to get winbindd work with authentication for other services. 
Winbindd works fine in samba.

I get these errors using rlogin from another server to sun10.
 
Oct 31 08:26:11 sun10 pam_winbind[26694]: request failed, PAM error was 4,
NT error was NT_STATUS_INVALID_PARAMETER
Oct 31 08:26:11 sun10 pam_winbind[26694]: internal module error (retval = 4,
user = `tommyf' Supported configurations for passwd management are as
follows:
    passwd: files
    passwd: files ldap
    passwd: files nis
    passwd: files nisplus
    passwd: compat
    passwd: compat AND
    passwd_compat: ldap OR
    passwd_compat: nisplus
Please check your /etc/nsswitch.conf file
Login incorrect

pam.conf, it is pretty different on Solaris 9, than on Solaris 8.


#
#ident	"@(#)pam.conf	1.20	02/01/23 SMI"
#
# Copyright 1996-2002 Sun Microsystems, Inc.  All rights reserved. # Use is
subject to license terms. # # PAM configuration # # Unless explicitly
defined, all services use the modules # defined in the "other" section. # #
Modules are defined with relative pathnames, i.e., they are # relative to
/usr/lib/security/$ISA. Absolute path names, as # present in this file in
previous releases are still acceptable. # # Authentication management # #
login service (explicit because of pam_dial_auth) #
login   auth required		/usr/lib/security/pam_winbind.so.1
login	auth requisite		pam_authtok_get.so.1 try_first_pass
login	auth required		pam_dhkeys.so.1	try_first_pass
login	auth required		pam_unix_auth.so.1 try_first_pass
login	auth required		pam_dial_auth.so.1 try_first_pass
#
# rlogin service (explicit because of pam_rhost_auth)
#
rlogin	auth sufficient		/usr/lib/security/pam_winbind.so.1
rlogin	auth sufficient		pam_rhosts_auth.so.1 try_first_pass
rlogin	auth requisite		pam_authtok_get.so.1 try_first_pass
rlogin	auth required		pam_dhkeys.so.1	try_first_pass
rlogin	auth required		pam_unix_auth.so.1 try_first_pass
#
# rsh service (explicit because of pam_rhost_auth,
# and pam_unix_auth for meaningful pam_setcred)
#
rsh	auth sufficient		pam_rhosts_auth.so.1
other	auth sufficient		/usr/lib/security/pam_winbind.so.1
rsh	auth required		pam_unix_auth.so.1 try_first_pass
#
# PPP service (explicit because of pam_dial_auth)
#
#ppp	auth requisite		pam_authtok_get.so.1
#ppp	auth required		pam_dhkeys.so.1
#ppp	auth required		pam_unix_auth.so.1
#ppp	auth required		pam_dial_auth.so.1
#
# Default definitions for Authentication management
# Used when service name is not explicitly mentioned for authenctication #
other	auth requisite		pam_authtok_get.so.1
other	auth required		pam_dhkeys.so.1
other	auth required		pam_unix_auth.so.1
#
# passwd command (explicit because of a different authentication module) #
passwd	auth required		pam_passwd_auth.so.1
#
# cron service (explicit because of non-usage of pam_roles.so.1) #
cron	account required	pam_projects.so.1
cron	account required	pam_unix_account.so.1
#
# Default definition for Account management
# Used when service name is not explicitly mentioned for account management
#
other	account sufficient	/usr/lib/security/pam_winbind.so.1
other	account requisite	pam_roles.so.1
other	account required	pam_projects.so.1
other	account required	pam_unix_account.so.1
#
# Default definition for Session management
# Used when service name is not explicitly mentioned for session management
#
other	session required	pam_unix_session.so.1
#
# Default definition for  Password management
# Used when service name is not explicitly mentioned for password management
#
other	password required	pam_dhkeys.so.1
other	password requisite	pam_authtok_get.so.1
other	password requisite	pam_authtok_check.so.1
other	password required	pam_authtok_store.so.1
#
# Support for Kerberos V5 authentication (uncomment to use Kerberos) #
#rlogin		auth optional		pam_krb5.so.1 try_first_pass
#login		auth optional		pam_krb5.so.1 try_first_pass
#other		auth optional		pam_krb5.so.1 try_first_pass
#cron		account optional 	pam_krb5.so.1
#other		account optional 	pam_krb5.so.1
#other		session optional 	pam_krb5.so.1
#other		password optional 	pam_krb5.so.1 try_first_pass


thanks....



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tommy Fallsen	System Administrator 
Kongsberg Defence & Aerospace
			Email: tommyf at kongsberg.com
			TEL: +47 32287783 MOB +47 93057326
			WEB: http://www.kongsberg.com/eng/kog/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~      

"The information in this e-mail and in any attachments is 
confidential and intended solely for the attention and use 
of the named addressee(s). This information may be subject 
to legal, professional or other privilege and further 
distribution of it is strictly prohibited without our 
authority. If you are not the intended recipient, you 
are not authorised to and must not disclose, copy, distribute, 
or retain this message or any part of it, and should notify 
us immediately."

-------------- next part --------------
HTML attachment scrubbed and removed

More information about the samba mailing list