On 21/06/13 15:50, James Relph wrote:
Here: https://www.opencsw.org/mantis/view.php?id=5020
Ah, for nss, yes. That one is not a lib per se, but a module, so it does make sense. I don't thin Jan got over to document it before I took the packaging away from him, so I'll see what can be done.
I'm using the cswwinbind module, so for instance for netatalk I've got: netatalk auth requisite pam_authtok_get.so.1 netatalk auth required pam_dhkeys.so.1 netatalk auth required pam_unix_cred.so.1 netatalk auth sufficient /opt/csw/lib/security/pam_winbind.so use_first_pass netatalk account requisite pam_roles.so.1 netatalk account sufficient /opt/csw/lib/security/pam_winbind.so
I think might be a problem. Those are the 32 bit modules. I don't think you're running the system 32 bit, so apps requesting 64 bit pam will not be happy. I think you should try with $ISA (implicit for the relative names), something like that:
/opt/csw/lib/$ISA/security/pam_winbind.so
Thanks again, output of testparm is below (sanitised a little):
I don't see anything trivially wrong, but it's been a while. My only concern is why are you using the tdb backend instead of something deterministic like rid? But it should not be an issue here. I hope you can get some details from the AD side.
Laurent _______________________________________________ OpenIndiana-discuss mailing list OpenIndiana-discuss@openindiana.org http://openindiana.org/mailman/listinfo/openindiana-discuss