Hello,
Does anyone have a working pam configuration that allows gdm logins? My current config works with ssh and bash logins. I'd like gdm to work with usernames like DOMAIN\\USERNAME. MORE DETAIL: ------------------- I'm trying to get a Linux client (Ubuntu 8.04) to authenticate against a Samba domain controller (also Ubuntu8.04). WindowsXP clients work fine with the samba PDC. I have managed to get logins to work for ssh and at the bash prompt, thus: login: ora\\bob This works fine, but logging in at the console does NOT work. When I try to login using gdm, I get a popup that says that "Authentication failed". This is not the normal error message when logging in as a local user with incorrect password. This indicates to me that the user "ORA\\bob" (and all syntactic variations thereof) is being recognized as a domain user, but the password server is rejecting the user. The (relevant portions of) smb.conf on the client system are: #********* workgroup = ORA # this is my domain name security = Domain encrypt passwords = true password server = samba1 # this is my Ubuntu8.04 samba domain controller passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u pam password change = yes idmap uid = 10000-20000 idmap gid = 10000-20000 template shell = /bin/bash template homedir = /home/%D/%U winbind cache time = 5 winbind enum users = yes winbind enum groups = yes ########## My /etc/pam.d/gdm is shown below. Ubuntu separates out certain blocks into common files that are included in the application specific files. I have included the includes: auth requisite pam_nologin.so auth required pam_env.so readenv=1 auth required pam_env.so readenv=1 envfile=/etc/default/locale [EMAIL PROTECTED] common-auth auth sufficient pam_winbind.so auth sufficient pam_unix.so nullok_secure use_first_pass auth optional pam_smbpass.so migrate missingok [EMAIL PROTECTED] common-auth auth optional pam_gnome_keyring.so [EMAIL PROTECTED] common-account account sufficient pam_winbind.so account required pam_unix.so [EMAIL PROTECTED] common-account session required pam_limits.so [EMAIL PROTECTED] common-session session required pam_unix.so session required pam_mkhomedir.so umask=0022 skel=/etc/skel [EMAIL PROTECTED] common-session session optional pam_gnome_keyring.so auto_start [EMAIL PROTECTED] common-password password requisite pam_unix.so nullok obscure md5 password optional pam_smbpass.so nullok use_authtok use_first_pass missingok [EMAIL PROTECTED] common-password -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
