[Samba] pam_winbind.so

bryantac67 at yahoo.com bryantac67 at yahoo.com
Tue Jul 22 20:56:36 GMT 2003


I think I've gotten a step closer. The entry in pam
'account sufficient pam_winbind.so' performs a
getpwnam() on the username. For some reason, it
doesn't seem to be going out the PDC to do this. 

Is there a way to change this or get it to recognize
the PDC?


--- "bryantac67 at yahoo.com" <bryantac67 at yahoo.com>
wrote:
> Hi all,
> 
> I am having a problem with pam_winbind.so.  Is there
> any documentation that tells exactly what each
> module
> with pam_winbind.so does?  In other words, what does
> the auth section do, what does the account section
> do???  When I try to authenticate, the auth section
> in
> login pam seems to pass successfully, but the
> account
> section seems to fail.  Here is my login module
> 
> auth     required       pam_securetty.so       
> debug
> auth     required       pam_winbind.so         
> debug
> auth     requisite     pam_unix2.so           
> debug,nullok #set_secrpc
> auth     required       pam_nologin.so         debug
> auth     required       pam_homecheck.so       
> debug
> auth     required       pam_env.so             debug
> auth     required       pam_mail.so            
> debug
> account  sufficient     pam_winbind.so         
> debug
> account  required       pam_unix2.so           
> debug
> password required       pam_pwcheck.so         
> debug,nullok
> password required       pam_unix2.so           
> debug,nullok use_first_pass use\
> _authtok
> session  required       pam_unix2.so           
> debug,none # debug or trace
> session  required       pam_limits.so          
> debug
> 
> -------------------and here is the log snippet------
> 
> Jul 18 16:29:24 pam_winbind[20827]: Verify user
> `xxxx+xxxx'
> Jul 18 16:29:25 pam_winbind[20827]: user 'xxxx+xxxx'
> granted acces
> Jul 18 16:15:36 pam_winbind[20781]: user `xxxx+xxxx'
> not found
> Jul 18 16:29:25 login[20827]: pam_unix2:
> pam_sm_acct_mgmt() called
> Jul 18 16:29:27 login[20827]: pam_unix2: pam_ldap
> returned 10
> Jul 18 16:29:27 login[20827]: User not known to the
> underlying authentication module
> 
> I know the second pam_winbind.so error above is from
> the account section because when I comment it out
> and
> retry, it disappears.
> 
> Any ideas??
> 
> Thanks,
> Aaron
> 
> __________________________________
> Do you Yahoo!?
> SBC Yahoo! DSL - Now only $29.95 per month!
> http://sbc.yahoo.com
> -- 
> To unsubscribe from this list go to the following
> URL and read the
> instructions: 
http://lists.samba.org/mailman/listinfo/samba


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com



More information about the samba mailing list