[Samba] PAM Ok Winbind
Adam Smith
adam.smith at sageautomation.com
Fri May 2 00:11:19 GMT 2003
What should a configuration look like for Red Hat 7.3 when authenticating
users against Winbind, for a telnet session?
I have done the following so far:
Installed Samba
Joined the system to the domain
Loaded Winbind
Edited /etc/pam.d/login
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
Although this doesn't work. The user is prompted for a password twice and
denied a telnet session. The logs show a pam_unix authentication request
but nothing about pam_winbind.
Is pam_stack.so responsible for calling pam_unix through specifying
service=system-auth? I'm assuming so..
Can someone show me a demo file that will get telnet sessions
authenticating against winbind?
Other things are:
When I run 'getent passwd' my local and NT Domain accounts all show up
aswell, however the domain accounts show up in the format of DOMAIN\User.
On a FreeBSD system I am also toying with, I could chown files to a user in
the format of DOMAIN\user. Do they have to login this way? Is there a way
to drop the DOMAIN\ section if this is the case?
--
Adam Smith
Information Technology Officer
SAGE Automation Ltd.
adam.smith at sageautomation.com
http://www.sageautomation.com
"Just a friendly wave each morning.."
- Neighbours
More information about the samba
mailing list