[Samba] Winbind authenticated users - no home directory

John Oliver joliver at john-oliver.net
Wed Jan 15 21:06:02 GMT 2003 

On Wed, Jan 15, 2003 at 08:50:46PM +0000, John H Terpstra wrote:
> On Wed, 15 Jan 2003, John Oliver wrote:
> 
> > When I log on with an NT user to a Linux machine via winbind, I get
> > complaints about no home directory and wind up in /  The docs don't
> > mention this at all.  How to fix?
> 
> This is a Linux issue, not a samba issue!
> 
> Configure PAM for login so that it has pam_mkhomedir.so in the right
> place. eg:
> 
> auth       requisite    pam_securetty.so
> auth       requisite    pam_nologin.so
> auth       optional     pam_env.so
> auth       sufficient   pam_winbind.so
> auth       sufficient   pam_pwdb.so       shadow nullok use_first_pass
> account    required     pam_pwdb.so       nodelay audit
> account    sufficient   pam_winbind.so
> session    required     pam_mkhomedir.so
> session    required     pam_pwdb.so       nodelay
> password   required     pam_pwdb.so       shadow md5

I found a vague reference to that a little while ago, and have been
playing with it.  So far, the best result I've been able to obtain is to
get a message saying it's creating the home directory, and then
immediately boot me out.  The logs say:

[root at devweb pam.d]# tail -4 /var/log/messages
Jan 15 12:50:32 devweb pam_winbind[30368]: user 'INDY+joliver' granted
acces
Jan 15 12:50:32 devweb pam_winbind[30368]: user 'INDY+joliver' granted
acces
Jan 15 12:50:32 devweb login(pam_unix)[30368]: session opened for user
INDY+joliver by (uid=0)
Jan 15 12:50:32 devweb login[30368]: Permission denied
[root at devweb pam.d]# tail -18 /var/log/samba/log.winbindd
[2003/01/15 12:50:32, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
  [30368]: getpwnam INDY+joliver
[2003/01/15 12:50:32, 3]
nsswitch/winbindd_group.c:winbindd_getgroups(791)
  [30368]: getgroups INDY+joliver
[2003/01/15 12:50:32, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
  [30368]: getpwnam INDY+joliver
[2003/01/15 12:50:32, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
  [30368]: getpwnam INDY+joliver
[2003/01/15 12:50:32, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
  [30368]: getpwnam INDY+joliver
[2003/01/15 13:00:57, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(105)
  [30668]: getpwnam +nobody
[2003/01/15 13:00:57, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(121)
  user 'nobody' does not exist
[2003/01/15 13:00:57, 3]
nsswitch/winbindd_group.c:winbindd_getgroups(791)
  [30668]: getgroups nobody
[2003/01/15 13:00:57, 3]
nsswitch/winbindd_group.c:winbindd_getgroups(791)
  [30668]: getgroups nobody

-- 
John Oliver, CCNA                            http://www.john-oliver.net/
Linux/UNIX/network consulting         http://www.john-oliver.net/resume/
***               sendmail, Apache, ftp, DNS, spam filtering         ***
****                Colocation, T1s, web/email/ftp hosting          ****

More information about the samba mailing list