[Samba] pam settings for winbind
Aaron Bennett
aaron.bennett at olin.edu
Fri Feb 21 16:29:20 GMT 2003
This is more of a pam question then a samba question, but I thought I'd
start here and see if I can get an answer.
I've gotten pam_winbind.so working with gdm (on RHAT 8) using the
following /etc/pam.d/gdm file. I've put + signs to show the lines I
added I added to the stock RHAT 8 gdm pam def.:
#%PAM-1.0
+ auth sufficient /lib/security/pam_winbind.so
+ auth sufficient /lib/security/pam_unix.so use_first_pass
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
+ auth sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
I'd also like to configure sshd to use this winbindd. However, this
/etc/pam.d/sshd file doesn't work and I can't figure out why. I've put
+ signs to show the lines I added I added to the stock RHAT 8 sshd pam def.
#%PAM-1.0
+ auth sufficient /lib/security/pam_winbind.so
+ auth sufficient /lib/security/pam_unix.so use_first_pass
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth
+ account sufficient /lib/security/pam_winbind.so
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_limits.so
session optional /lib/security/pam_console.so
ideas, solutions, and pointers to a FAQ or some good pam documentation
are all appreciated, as I'll be the first to admit that I don't know my
ass from my elbow with regards to pam.
--
Aaron Bennett
UNIX Administrator
Franklin W. Olin College of Engineering
More information about the samba
mailing list