> Is there a way to set things up so that the root > user is only checked against the local passwd/shadow files?
I don't know about *only* against shadow. But I've got winbind setup, and it authenticates users first against the domain, but if that fails resorts to the local password database. Here are the relavent lines from my /etc/pam.d/system-auth auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_winbind.so auth sufficient /lib/security/pam_unix.so likeauth nullok use_first_pa ss auth required /lib/security/pam_deny.so -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
