[Samba] two problems with pam authentication

31sahibzada at niit.edu.pk 31sahibzada at niit.edu.pk
Tue Jun 22 11:16:40 GMT 2004


   my etc/pam.d/login file is given at the end.

 i am using winbind and single sign on is working now. on the fly
directory creation also works.

 when i check the /var/log/messages  i have this error in there

1.Jun 23 05:40:46 niit158VM pam_winbind[1696]: user 'linwin/zubair'granted

2.Jun 23 05:40:46 niit158VM pam_winbind[1696]: user 'linwin/zubair'
granted acces

3.Jun 23 05:40:46 niit158VM PAM-mkhomedir[1696]: unknown option; /etc/skel/

4.Jun 23 05:40:46 niit158VM  -- LINWIN/zubair[1696]: LOGIN ON tty1 BY

now why is winbind being called twice?i have it only once in the
authentication section of the login file. i do have it in others sections

secondly why is it giving this unknown option error. every time a new user
logings the directory is created on the fly.so where is this error coming

ok this was the first problem.

now the second problem is when the root logins.

here is what the /var/log/messages have for us

Jun 23 06:00:37 niit158VM pam_winbind[1834]: request failed: No such user,
PAM error was 10, NT error was NT_STATUS_NO_SUCH_USER
Jun 23 06:00:37 niit158VM pam_winbind[1834]: user 'root' granted acces
Jun 23 06:00:37 niit158VM PAM-mkhomedir[1834]: unknown option; /etc/skel/
Jun 23 06:00:37 niit158VM  -- root[1834]: ROOT LOGIN ON tty1

now look at this. first winbind tries it for user root and fails.

and in the second line again winbind tries and user root is granted
access. there is no user named root in active directory. how is winbind
being able to authenticate root?

here is my login file

auth       required     pam_env.so
auth       required     pam_securetty.so
auth       sufficient   pam_winbind.so
auth       required     pam_pwdb.so shadow use_first_pass

account    sufficient   pam_winbind.so
account    required     pam_stack.so service=system-auth

password   sufficient   pam_winbind.so
password   required     pam_stack.so service=system-auth

session    sufficient   pam_mkhomedir.so skel= /etc/skel/ umask=0022
session    required     pam_stack.so service=system-auth

Sahibzada Junaid Noor
Ph#(+92) (051) 5950 940
Cell#(+92) (0333) 5223586
Qazi plaza,Third Floor,Commerical Market,
Chaklala Scheme 3,
Islamic Republic of Pakistan

More information about the samba mailing list