two problems with pam authentication

31sahibzada at niit.edu.pk 31sahibzada at niit.edu.pk
Tue Jun 22 11:16:40 GMT 2004 

Hi,


   my etc/pam.d/login file is given at the end.

 i am using winbind and single sign on is working now. on the fly
directory creation also works.

 when i check the /var/log/messages  i have this error in there

1.Jun 23 05:40:46 niit158VM pam_winbind[1696]: user 'linwin/zubair'granted
 acces

2.Jun 23 05:40:46 niit158VM pam_winbind[1696]: user 'linwin/zubair'
granted acces

3.Jun 23 05:40:46 niit158VM PAM-mkhomedir[1696]: unknown option; /etc/skel/

4.Jun 23 05:40:46 niit158VM  -- LINWIN/zubair[1696]: LOGIN ON tty1 BY
LINWIN/zubair


now why is winbind being called twice?i have it only once in the
authentication section of the login file. i do have it in others sections
too.

secondly why is it giving this unknown option error. every time a new user
logings the directory is created on the fly.so where is this error coming
from.


ok this was the first problem.

now the second problem is when the root logins.

here is what the /var/log/messages have for us

Jun 23 06:00:37 niit158VM pam_winbind[1834]: request failed: No such user,
PAM error was 10, NT error was NT_STATUS_NO_SUCH_USER
Jun 23 06:00:37 niit158VM pam_winbind[1834]: user 'root' granted acces
Jun 23 06:00:37 niit158VM PAM-mkhomedir[1834]: unknown option; /etc/skel/
Jun 23 06:00:37 niit158VM  -- root[1834]: ROOT LOGIN ON tty1


now look at this. first winbind tries it for user root and fails.

and in the second line again winbind tries and user root is granted
access. there is no user named root in active directory. how is winbind
being able to authenticate root?

here is my login file

#%PAM-1.0
auth       required     pam_env.so
auth       required     pam_securetty.so
auth       sufficient   pam_winbind.so
auth       required     pam_pwdb.so shadow use_first_pass


account    sufficient   pam_winbind.so
account    required     pam_stack.so service=system-auth

password   sufficient   pam_winbind.so
password   required     pam_stack.so service=system-auth


session    sufficient   pam_mkhomedir.so skel= /etc/skel/ umask=0022
session    required     pam_stack.so service=system-auth




Sahibzada Junaid Noor
Ph#(+92) (051) 5950 940
Cell#(+92) (0333) 5223586
Qazi plaza,Third Floor,Commerical Market,
Chaklala Scheme 3,
Rawalpindi
Islamic Republic of Pakistan

More information about the smb-clients mailing list