[Samba] pam_winbind

Roberto Mason roberto at rmasonfamily.info
Mon Dec 29 17:55:09 GMT 2003

I have an environment at home with the following:

1. Samba PDC 2.27A
2. Windows XP Pro, login in to the domain
3. Fedora Core 1 Workstation (with machine account on the domain)

On the Fedora Workstation, smb.conf is fairly simple

	server string = Samba Server
	security = DOMAIN
	auth methods = winbind
	log file = /var/log/samba/%m.log
	max log size = 50
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	dns proxy = No
	wins server =
	ldap ssl = no
	idmap uid = 10000-20000
	idmap gid = 10000-20000
	template shell = /bin/sh

	comment = Home Directories
	read only = No
	browseable = No

	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	browseable = No

Winbind is running, with I do a getent passwd, among the standard passwd
file entries, I get the following:


I'm not knowedgeable when it comes to PAM configuration, but I configure two
files according to the documentation I read.

login file
auth       required     /lib/security/pam_stack.so service=system-auth
auth       sufficient   /lib/security/pam_winbind.so use_first_pass
account    required     /lib/security/pam_winbind.so
session    required     /lib/security/pam_limits.so
session    required     /lib/security/pam_mkhomedir.so umask=0022
session    optional     /lib/security/pam_console/so


gdm file
auth       required       /lib/security/pam_stack.so service=system-auth
auth       sufficient     /lib/security/pam_winbind.so
account    required     /lib/security/pam_winbind.so
session    required     /lib/security/pam_limits.so
session    optional     /lib/security/pam_console.so
session    required     /lib/security/pam_mkhomedir.so skel=/etc/skel

I still can't log in from my work station, using for example the <roberto>
login from the domain. Is anyone able to see where I may have gone wrong.

Thank You

More information about the samba mailing list