[Samba] PAM Ok Winbind

Adam Smith adam.smith at sageautomation.com
Fri May 2 00:11:19 GMT 2003

What should a configuration look like for Red Hat 7.3 when authenticating
users against Winbind, for a telnet session?

I have done the following so far:

Installed Samba
Joined the system to the domain
Loaded Winbind

Edited /etc/pam.d/login

auth       required     /lib/security/pam_securetty.so
auth       sufficient	/lib/security/pam_winbind.so
auth       required     /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_console.so

Although this doesn't work.  The user is prompted for a password twice and
denied a telnet session.  The logs show a pam_unix authentication request
but nothing about pam_winbind.

Is pam_stack.so responsible for calling pam_unix through specifying
service=system-auth?  I'm assuming so..
Can someone show me a demo file that will get telnet sessions
authenticating against winbind?

Other things are:

When I run 'getent passwd' my local and NT Domain accounts all show up
aswell, however the domain accounts show up in the format of DOMAIN\User.

On a FreeBSD system I am also toying with, I could chown files to a user in
the format of DOMAIN\user.  Do they have to login this way?  Is there a way
to drop the DOMAIN\ section if this is the case?

Adam Smith
Information Technology Officer
SAGE Automation Ltd.

adam.smith at sageautomation.com

"Just a friendly wave each morning.."
    - Neighbours

More information about the samba mailing list