Hi, I had a similar problem and rearranging some setting in the pam.d file system-auth helped. This is what I have.....
System-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_winbind.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok use_first_pass auth required /lib/security/$ISA/pam_deny.so account sufficient /lib/security/$ISA/pam_winbind.so account required /lib/security/$ISA/pam_unix.so account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet account required /lib/security/$ISA/pam_permit.so password requisite /lib/security/$ISA/pam_cracklib.so retry=3 password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session required /lib/security/$ISA/pam_unix.so Login #%PAM-1.0 auth required pam_securetty.so auth required pam_stack.so service=system-auth auth required pam_nologin.so account sufficient pam_winbind.so account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_stack.so service=system-auth session optional pam_console.so # pam_selinux.so open should be the last session rule session required pam_selinux.so multiple open -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Theis, Jason (CAG-AP) Sent: Wednesday, January 19, 2005 1:47 PM To: '[email protected]' Subject: [Samba] HELP - winbind/PAM issues I have a laptop with fedora core 3 installed. I have an NT domain that I would like to use for all authentication (Linux and Windows). As a test I decided to focus on ssh authentication. I have completed the following: Created the smb.conf: [global] workgroup = DOMAIN_NAME server string = Linux Workstation log file = /var/log/samba/%m.log max log size = 50 security = domain socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 wins support = no wins server = local_wins_server dns proxy = no idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template homedir = /home/winnt/%D/$U template shell = /bin/bash winbind separator = \ winbind use default domain = no password server = * [homes] comment = Home Directories browseable = no writable = yes Edited /etc/pam.d/sshd to be (assuming no security just to get this thing running): #%PAM-1.0 auth required pam_nologin.so auth sufficient pam_winbind.so debug account sufficient pam_winbind.so session required pam_stack.so service=system-auth session optional pam_console.so I have successfully joined the domain. I get the following information when running wbinfo: wbinfo -u DOMAIN_NAME winbind use default domain = yestfbradm DOMAIN_NAME winbind use default domain = yestfbrenda DOMAIN_NAME winbind use default domain = yestfbrett DOMAIN_NAME winbind use default domain = yestfcarme DOMAIN_NAME winbind use default domain = yestfcarmen DOMAIN_NAME winbind use default domain = yestfcdom wbinfo -g DOMAIN_NAME winbind use default domain = yesvpn small office DOMAIN_NAME winbind use default domain = yeswebposting DOMAIN_NAME winbind use default domain = yeswebsecur01 DOMAIN_NAME winbind use default domain = yeswinsock users This is where I am stuck: wbinfo -a username%password plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc0000064) error messsage was: No such user Could not authenticate user username%password with plaintext password challenge/response password authentication succeeded If I try to log in via ssh I get this in the log: Jan 19 14:21:18 linus pam_winbind[5326]: request failed: No such user, PAM error was 10, NT error was NT_STATUS_NO_SUCH_USER Jan 19 14:21:18 linus pam_winbind[5326]: user `username' not found Why is it not able to find my NT user when wbinfo will print out my user information just fine? Am I missing something? I have read just about every thread, forum, document, etc.. etc.. I can find. Please help. Thanks -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.7.1 - Release Date: 1/19/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
