[Samba] pam_winbind Appears to need a Network Connection to Succeed at Offline Authentication

John R. Graham john at graham-family.org
Wed Nov 27 17:36:18 UTC 2024


On 11/27/24 11:52, John R. Graham via samba wrote:
> Ugh. Expanded tabs version of system-auth file:
>
One more time:

system-auth:

     auth required pam_env.so
     auth requisite pam_faillock.so preauth
     auth        [success=2 
default=ignore]                                  pam_winbind.so 
try_first_pass
     auth        [success=1 new_authtok_reqd=1 ignore=ignore 
default=bad]    pam_unix.so nullok try_first_pass
     auth [default=die] pam_faillock.so authfail

     account     [default=bad success=ok 
user_unknown=ignore]                pam_winbind.so
     account required pam_unix.so
     account required pam_faillock.so

     password required pam_passwdqc.so config=/etc/security/passwdqc.conf
     password required pam_unix.so try_first_pass use_authtok nullok 
sha512 shadow
     password sufficient pam_winbind.so use_authtok

     session required pam_limits.so
     session required pam_env.so
     session required pam_unix.so





More information about the samba mailing list