gdm and winbind logins
David Brodbeck
DavidB at mail.interclean.com
Thu May 16 06:30:03 GMT 2002
I didn't get any response to this on the samba list, so I thought I'd see if
anyone here has any ideas. I feel like it must be something simple, but I'm
not all that experienced with PAM so I don't know where to look.
Has anyone successfully gotten gdm to authenticate using pam_winbind.so? I
can get text logins to work, but gdm doesn't. I get the following error in
/var/log/messages:
May 9 15:08:02 brodbeck gdm(pam_unix)[30583]: could not identify user (from
getpwnam(INTERCLEAN+davidb))
May 9 15:08:02 brodbeck gdm[30583]: Couldn't set acct. mgmt for
INTERCLEAN+davidb
I feel like the fact that it's trying to look something up using pam_unix
should be a clue, but I'm not sure what I need to change...
/etc/pam.d/gdm is as follows:
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_stack.so
service=system-auth
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so
service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
/etc/pam.d/system-auth is as follows:
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so use_first_pass
likeauth nullok
auth required /lib/security/pam_deny.so
account sufficient /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3 type=
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
More information about the samba-technical
mailing list