[Samba] LDAP, Active Directory, Redhat 9 Clients

Mon, 24 Nov 2003 07:17:19 -0800 

I have configured winbind and pam. I start the samba daemons in the following order : 
smbd, nmbd, winbindd. wbinfo shows users and groups. so does getent. If  I open a 
terminal window and go su THEDOMAIN+user it asks for a password and wont accept 
anything. my smb.conf,nsswitch.conf, /etc/pam.d/samba, /etc/pam.d/login are below. 
Using windows server 2003 for AD, I have two servers, two domains, one for each 
domain. I am only using one domain for now. There is also a seperate LDAP server. Ive 
looked through the documentation and have not found anything that has corrected the 
problem. Does LDAP have to be configured in some way or is there something wrong with 
my configuration?

<<SMB.CONF>>
[global]
        winbind separator = +
        workgroup = <<THEDOMAIN>>
        netbios name = IBPS12
        server string = clients12
        security = DOMAIN
        password server = <<MY PDC>>
        idmap uid = 10000-20000
        idmap gid = 10000-20000


<<NSSWITCH.CONF>>
passwd:     files winbind
shadow:     files
group:      files winbind

hosts:      files dns

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files

netgroup:   files

publickey:  nisplus

automount:  files
aliases:    files nisplus

<</etc/pam.d/samba>>
#%PAM-1.0
auth       required     pam_nologin.so
auth       required     pam_stack.so service=system-auth
account    required     pam_stack.so service=system-auth
session    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth

<</etc/pam.d/login>>
#%PAM-1.0
auth       required     /lib/security/pam_securetty.so
auth       sufficient   /lib/security/pam_winbind.so
auth       sufficient   /lib/security/pam_UNIX.so use_first_pass
auth       required     /lib/security/pam_stack.so service=system-auth
auth       required     /lib/security/pam_nologin.so
account    sufficient   /lib/security/pam_winbind.so
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth
session    required     /lib/security/pam_stack.so service=system-auth
session    optional     /lib/security/pam_console.so

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Reply via email to