[Samba] two problems with pam authentication
christoph
christoph at scheeder.de
Tue Jun 22 12:55:40 GMT 2004
Hi,
winbindd is irealy called 2 times, and that is normal,
once it is called to verify the user has a correct lpassword,
second to verify he has a vallid account.
and pam_mkhomedir is complaining about the space-caracter between the
strings "skel=" and "/etc/skel/".
this should read "skel=/etc/skel/"
Christoph
31sahibzada at niit.edu.pk schrieb:
> Hi,
>
>
> my etc/pam.d/login file is given at the end.
>
> i am using winbind and single sign on is working now. on the fly
> directory creation also works.
>
> when i check the /var/log/messages i have this error in there
>
> 1.Jun 23 05:40:46 niit158VM pam_winbind[1696]: user 'linwin/zubair'granted
> acces
>
> 2.Jun 23 05:40:46 niit158VM pam_winbind[1696]: user 'linwin/zubair'
> granted acces
>
> 3.Jun 23 05:40:46 niit158VM PAM-mkhomedir[1696]: unknown option; /etc/skel/
>
> 4.Jun 23 05:40:46 niit158VM -- LINWIN/zubair[1696]: LOGIN ON tty1 BY
> LINWIN/zubair
>
>
> now why is winbind being called twice?i have it only once in the
> authentication section of the login file. i do have it in others sections
> too.
>
> secondly why is it giving this unknown option error. every time a new user
> logings the directory is created on the fly.so where is this error coming
> from.
>
>
> ok this was the first problem.
>
> now the second problem is when the root logins.
>
> here is what the /var/log/messages have for us
>
> Jun 23 06:00:37 niit158VM pam_winbind[1834]: request failed: No such user,
> PAM error was 10, NT error was NT_STATUS_NO_SUCH_USER
> Jun 23 06:00:37 niit158VM pam_winbind[1834]: user 'root' granted acces
> Jun 23 06:00:37 niit158VM PAM-mkhomedir[1834]: unknown option; /etc/skel/
> Jun 23 06:00:37 niit158VM -- root[1834]: ROOT LOGIN ON tty1
>
>
> now look at this. first winbind tries it for user root and fails.
>
> and in the second line again winbind tries and user root is granted
> access. there is no user named root in active directory. how is winbind
> being able to authenticate root?
>
> here is my login file
>
> #%PAM-1.0
> auth required pam_env.so
> auth required pam_securetty.so
> auth sufficient pam_winbind.so
> auth required pam_pwdb.so shadow use_first_pass
>
>
> account sufficient pam_winbind.so
> account required pam_stack.so service=system-auth
>
> password sufficient pam_winbind.so
> password required pam_stack.so service=system-auth
>
>
> session sufficient pam_mkhomedir.so skel= /etc/skel/ umask=0022
> session required pam_stack.so service=system-auth
>
>
>
>
> Sahibzada Junaid Noor
> Ph#(+92) (051) 5950 940
> Cell#(+92) (0333) 5223586
> Qazi plaza,Third Floor,Commerical Market,
> Chaklala Scheme 3,
> Rawalpindi
> Islamic Republic of Pakistan
>
More information about the samba
mailing list