[Samba] system-auth-winbind

Guillermo Gutierrez ggutierrez at marketscan.com
Thu Mar 9 20:58:37 GMT 2006

I found this file in the /etc/samba directory:
It looks like it has been setup to be used by samba for pam. Does anyone know if that is what it is for?

I tried to copy the contents into the /etc/pam.d/samba file but I still could not get access to the Home directory navigating to it \\Solidus\<userhome>.
This is the only thing that I cannot get working. 

SSH works with pam now, logging in to the console with domain profiles with pam works now.
Navigating to the samba shares only works with the public folder, not the home directory.

Here is my /etc/pam.d/samba contents:

# $Header: /var/cvsroot/gentoo/src/patchsets/samba/configs/system-auth-winbind,v 1.1 2005/08/09 12:56:26 seemant Exp $

auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_winbind.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok use_first_pass
auth        required      /lib/security/pam_deny.so

account     sufficient    /lib/security/pam_winbind.so
account     required      /lib/security/pam_unix.so

password    required      /lib/security/pam_cracklib.so retry=3
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0077
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

and here is my smb.conf:

# Samba config file created using SWAT
# from (
# Date: 2006/03/08 06:09:01

        workgroup = MARKETSCAN
        realm = MARKETSCAN.COM
        server string = %h, Samba Server %v
        interfaces = lo, eth0
        bind interfaces only = Yes
        security = ADS
        password server = nostradamus, nostradamus_ii
        log level = 5
        log file = /var/log/samba/log.%m
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=32768 SO_SNDBUF=32768
        load printers = No
        disable spoolss = Yes
        os level = 2
        domain master = No
        preferred master = No
        local master = No
        dns proxy = No
        wins proxy = No
        wins server =
        ldap ssl = No
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        template shell = /bin/bash
        template home dir = /home/%D/%U
        winbind use default domain = Yes

        comment = %h Public Share Directory
        path = /home/samba/public
        valid users = "@MARKETSCAN\Domain Users"
        write list = "@MARKETSCAN\Domain Users"
        read only = No
        map readonly = no

        comment = Home directory for %U
        #path = /home/%D/%U
         valid users = %S
        write list = %S
        read only = No
        hide dot files = No
        map readonly = no
        browseable = No

Please let me know what I have misconfigured or not configured.


Guillermo Gutierrez
Development Systems Engineer
Market Scan Information Systems
(818) 575-2000 x2427
ggutierrez at marketscan.com

More information about the samba mailing list