[Samba] winbind and pam and ssh that's pam enabled
David Shapiro
David.Shapiro at bcbsnc.com
Wed Feb 15 19:05:06 GMT 2006
Okay,
winbind works and I can su - DOMAIN+user now. When I try to log in
with ssh (pam enabled), however, I see in the log it accepts my
password, but then the session closes. My pam.conf has;
su auth sufficient
/usr/lib/security/pam_winbind.so
login auth sufficient
/usr/lib/security/pam_winbind.so debug
sshd auth sufficient
/usr/lib/security/pam_winbind.so debug
OTHER auth required /usr/lib/security/pam_aix
su account sufficient
/usr/lib/security/pam_winbind.so
login account sufficient
/usr/lib/security/pam_winbind.so debug
sshd account sufficient
/usr/lib/security/pam_winbind.so debug
OTHER account required /usr/lib/security/pam_aix
su password sufficient
/usr/lib/security/pam_winbind.so
login password sufficient
/usr/lib/security/pam_winbind.so debug
sshd password sufficient
/usr/lib/security/pam_winbind.so debug
OTHER password required /usr/lib/security/pam_aix
sshd session sufficient /usr/lib/security/pam_aix
debug
OTHER session required /usr/lib/security/pam_aix
I read that winbind is providing just auth, ccount, and password
capabilities, so I guess pam_aix is what is dropping the session. Do I
need to do some voodoo to get from auth, account, password to session?
My /usr/lib/security/methods.cfg file has:
NIS:
program = /usr/lib/security/NIS
program_64 = /usr/lib/security/NIS_64
DCE:
program = /usr/lib/security/DCE
NISPLUS:
program = /usr/lib/security/NISPLUS
KRB5:
program = /usr/lib/security/KRB5
KRB5A:
program = /usr/lib/security/KRB5A
WINBIND:
program = /usr/lib/security/WINBIND
David Shapiro
Unix Team Lead
919-765-2011
More information about the samba
mailing list