[Samba] Samba, Passwd, LDAP auth

Bruno Gimenes Pereti pereti at ump.edu.br
Fri Apr 4 12:23:07 GMT 2003

Hi Peter,

I´m not sure but I think you have a misconfiguration in the account session.
When you use required for pam_unix.so the user must exist in passwd and
shadow. Try:

account     sufficient    /lib/security/pam_unix.so
account     required    /lib/security/pam_ldap.so

Please correct me if I´m wrong.


> #%PAM-1.0
> # This file is auto-generated.
> # User changes will be destroyed the next time authconfig is run.
> auth        required      /lib/security/pam_env.so
> auth        sufficient    /lib/security/pam_unix.so likeauth nullok
> auth        sufficient    /lib/security/pam_ldap.so use_first_pass
> auth        required      /lib/security/pam_deny.so
> account     required      /lib/security/pam_unix.so
> account     sufficient    /lib/security/pam_ldap.so
> password    required      /lib/security/pam_cracklib.so retry=3 type=
> password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
> shadow
> password    sufficient    /lib/security/pam_ldap.so use_authtok
> password    required      /lib/security/pam_deny.so
> session     required      /lib/security/pam_limits.so
> session     required      /lib/security/pam_unix.so
> session     optional      /lib/security/pam_ldap.so
> As far as I can tell, I only need to edit /etc/pam.d/system-auth to make
> PAM applications work in RedHat 8.  I edited my /etc/nsswitch.conf to look
> at 'ldap' for  passwd,groups,shadow.
> Thank you for any help!
> Peter Shull

More information about the samba mailing list