[Samba] Winbind authenticated users - no home directory
John Oliver
joliver at john-oliver.net
Wed Jan 15 21:06:02 GMT 2003
On Wed, Jan 15, 2003 at 08:50:46PM +0000, John H Terpstra wrote:
> On Wed, 15 Jan 2003, John Oliver wrote:
>
> > When I log on with an NT user to a Linux machine via winbind, I get
> > complaints about no home directory and wind up in / The docs don't
> > mention this at all. How to fix?
>
> This is a Linux issue, not a samba issue!
>
> Configure PAM for login so that it has pam_mkhomedir.so in the right
> place. eg:
>
> auth requisite pam_securetty.so
> auth requisite pam_nologin.so
> auth optional pam_env.so
> auth sufficient pam_winbind.so
> auth sufficient pam_pwdb.so shadow nullok use_first_pass
> account required pam_pwdb.so nodelay audit
> account sufficient pam_winbind.so
> session required pam_mkhomedir.so
> session required pam_pwdb.so nodelay
> password required pam_pwdb.so shadow md5
I found a vague reference to that a little while ago, and have been
playing with it. So far, the best result I've been able to obtain is to
get a message saying it's creating the home directory, and then
immediately boot me out. The logs say:
[root at devweb pam.d]# tail -4 /var/log/messages
Jan 15 12:50:32 devweb pam_winbind[30368]: user 'INDY+joliver' granted
acces
Jan 15 12:50:32 devweb pam_winbind[30368]: user 'INDY+joliver' granted
acces
Jan 15 12:50:32 devweb login(pam_unix)[30368]: session opened for user
INDY+joliver by (uid=0)
Jan 15 12:50:32 devweb login[30368]: Permission denied
[root at devweb pam.d]# tail -18 /var/log/samba/log.winbindd
[2003/01/15 12:50:32, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
[30368]: getpwnam INDY+joliver
[2003/01/15 12:50:32, 3]
nsswitch/winbindd_group.c:winbindd_getgroups(791)
[30368]: getgroups INDY+joliver
[2003/01/15 12:50:32, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
[30368]: getpwnam INDY+joliver
[2003/01/15 12:50:32, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
[30368]: getpwnam INDY+joliver
[2003/01/15 12:50:32, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
[30368]: getpwnam INDY+joliver
[2003/01/15 13:00:57, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
[30668]: getpwnam +nobody
[2003/01/15 13:00:57, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(121)
user 'nobody' does not exist
[2003/01/15 13:00:57, 3]
nsswitch/winbindd_group.c:winbindd_getgroups(791)
[30668]: getgroups nobody
[2003/01/15 13:00:57, 3]
nsswitch/winbindd_group.c:winbindd_getgroups(791)
[30668]: getgroups nobody
--
John Oliver, CCNA http://www.john-oliver.net/
Linux/UNIX/network consulting http://www.john-oliver.net/resume/
*** sendmail, Apache, ftp, DNS, spam filtering ***
**** Colocation, T1s, web/email/ftp hosting ****
More information about the samba
mailing list