I've added the pam changes that use winbind to authenticate users against the domain controller. I see all of the domain users in the graphical login, but when a user logs in who hasn't logged in before, the new home directory (/etc/DOMAIN/<userid>) isn't either being created or it's being created with permissions that don't allow files to be written under the user id.
When logging in via telnet, the directories are created as they are supposed to be. Here are my pam configurations for login, samba and xdm: XDM: #%PAM-1.0 auth sufficient pam_winbind.so auth sufficient pam_unix2.so use_first_pass nullok #set_secrpc account sufficient pam_winbind.so account required pam_unix2.so #password required pam_pwcheck.so nullok password required pam_unix2.so #nullok use_first_pass use_authtok strict=no session required pam_unix2.so debug # trace or none session required pam_devperm.so session required pam_resmgr.so LOGIN #%PAM-1.0 #auth requisite pam_unix2.so nullok #set_secrpc auth required pam_securetty.so auth required pam_env.so auth sufficient pam_unix2.so nullok auth sufficient pam_winbind.so use_first_pass auth required pam_deny.so auth required pam_nologin.so account sufficient pam_winbind.so account required pam_unix2.so #auth required pam_homecheck.so #auth required pam_env.so #auth required pam_mail.so #account required pam_unix2.so password required pam_pwcheck.so nullok password required pam_unix2.so nullok use_first_pass use_authtok session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 session sufficient pam_unix2.so none # debug or trace session sufficient pam_limits.so SAMBA #%PAM-1.0 auth required pam_unix.so account required pam_unix.so I'd sure appreciate any help any of you might be able to offer. David Christensen Brokers International, Ltd. 1200 E Main St Panora, IA 50216 (641) 755-2775 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
