RE: [Samba] winbind on SUSE8.2
>should be /etc/pam.d/login >make sure to make a backup, in case something goes wrong ;) Jipiie!! works like a charme! Especially the "pam_mkhomedir.so" is impressive. Here is my /etc/pam.d/login: #%PAM-1.0 auth required pam_nologin.so auth sufficient pam_winbind.so auth requisite pam_unix2.souse_first_pass shadow #set_secrpc auth required pam_securetty.so #authrequired pam_homecheck.so auth required pam_env.so auth required pam_mail.so account sufficient pam_winbind.so account requiredpam_unix2.so password required pam_pwcheck.so nullok password required pam_unix2.sonullok use_first_pass use_authtok sessionsufficient pam_mkhomedir.so skel=/etc/skel umask=0022 session requiredpam_unix2.sonone # debug or trace session requiredpam_limits.so Thanks everyone for your kind help. Roman -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind on SUSE8.2
should be /etc/pam.d/login make sure to make a backup, in case something goes wrong ;) >-- Origineel Bericht -- >From: "Klesel, Roman" <[EMAIL PROTECTED]> >To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>, >"'Lammersdorf, Lorenz'" <[EMAIL PROTECTED]> >Cc: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> >Date: Thu, 10 Jul 2003 16:46:51 +0200 >Subject: RE: [Samba] winbind on SUSE8.2 > > >Dear Keneth, yes, now I can ssh into my box with the domainusers. I guess I can figure out which file I have to modify to enable the console login. Thanks so far everyone for your kind help. Roman -Original Message- From: kenne >[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Donnerstag, 10. Juli 2003 16:33 To: Klesel, Roman; 'Lammersdorf, Lorenz' Cc: '[EMAIL PROTECTED]' Subject: RE: [Samba] winbind on SUSE8.2 This is my working ssh file in /etc/pa >.d/ #%PAM-1.0 auth required pam_nologin.so auth sufficient pam_winbind.so auth required pam_unix.so use_first_pass shadow auth required pam_env.so # [1] accountsufficient pam_winbind.so account >equired pam_unix.so use_first_pass sessionsufficient pam_mkhomedir.so skel=/etc/skel umask=0022 sessionrequired pam_unix.so sessionoptional pam_lastlog.so # [1] sessionoptional pam_motd.so # [1] sessionoptio >al pam_mail.so standard noenv # [1] sessionrequired pam_limits.so password required pam_unix.so # Alternate strength checking for password. Note that this # requires the libpam-cracklib package to be installed. # You will nee > to comment out the password line above and # uncomment the next two in order to use this. # I think the order is important and you shouldn't add it at "the end" of the file. Solden Tisca >i ADSL : 27,50 euro/maand tot eind 2003. U bent veel betalen niet meer gewoon! Meer info? Klik hier... http://reg.tiscali.be/default.asp?lg=nl Solden Tiscali ADSL : 27,50 euro/maand tot eind 2003. U bent veel betalen niet meer gewoon! Meer info? Klik hier... http://reg.tiscali.be/default.asp?lg=nl -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind on SUSE8.2
Dear Keneth, yes, now I can ssh into my box with the domainusers. I guess I can figure out which file I have to modify to enable the console login. Thanks so far everyone for your kind help. Roman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Donnerstag, 10. Juli 2003 16:33 To: Klesel, Roman; 'Lammersdorf, Lorenz' Cc: '[EMAIL PROTECTED]' Subject: RE: [Samba] winbind on SUSE8.2 This is my working ssh file in /etc/pam.d/ #%PAM-1.0 auth required pam_nologin.so auth sufficient pam_winbind.so auth required pam_unix.so use_first_pass shadow auth required pam_env.so # [1] accountsufficient pam_winbind.so accountrequired pam_unix.so use_first_pass sessionsufficient pam_mkhomedir.so skel=/etc/skel umask=0022 sessionrequired pam_unix.so sessionoptional pam_lastlog.so # [1] sessionoptional pam_motd.so # [1] sessionoptional pam_mail.so standard noenv # [1] sessionrequired pam_limits.so password required pam_unix.so # Alternate strength checking for password. Note that this # requires the libpam-cracklib package to be installed. # You will need to comment out the password line above and # uncomment the next two in order to use this. # I think the order is important and you shouldn't add it at "the end" of the file. Solden Tiscali ADSL : 27,50 euro/maand tot eind 2003. U bent veel betalen niet meer gewoon! Meer info? Klik hier... http://reg.tiscali.be/default.asp?lg=nl -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind on SUSE8.2
This is my working ssh file in /etc/pam.d/ #%PAM-1.0 auth required pam_nologin.so auth sufficient pam_winbind.so auth required pam_unix.so use_first_pass shadow auth required pam_env.so # [1] accountsufficient pam_winbind.so accountrequired pam_unix.so use_first_pass sessionsufficient pam_mkhomedir.so skel=/etc/skel umask=0022 sessionrequired pam_unix.so sessionoptional pam_lastlog.so # [1] sessionoptional pam_motd.so # [1] sessionoptional pam_mail.so standard noenv # [1] sessionrequired pam_limits.so password required pam_unix.so # Alternate strength checking for password. Note that this # requires the libpam-cracklib package to be installed. # You will need to comment out the password line above and # uncomment the next two in order to use this. # I think the order is important and you shouldn't add it at "the end" of the file. Solden Tiscali ADSL : 27,50 euro/maand tot eind 2003. U bent veel betalen niet meer gewoon! Meer info? Klik hier... http://reg.tiscali.be/default.asp?lg=nl -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind on SUSE8.2
As Mr. Lammersdrof suggested I used webmin to "convet samba users to unixusers".
Now I can su into HBC+Administrator from my local root account. However password
authentication still will not work.
My smb.conf:
[global]
workgroup = HBC
security = domain
password server = *
os level = 2
time server = Yes
unix extensions = Yes
encrypt passwords = Yes
map to guest = Bad User
printing = CUPS
printcap name = CUPS
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
wins support = No
veto files = /*.eml/*.nws/riched20.dll/*.{*}/
winbind separator = +
winbind uid = 1-2
winbind gid = 1-2
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/nt/%D/%U
template shell = /bin/bash
/etc/nsswitch.conf
shadow: files
passwd: files winbind
group: files winbind
hosts: files dns
networks: files dns
services: files
protocols: files
rpc:files
ethers: files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files nis
aliases:files
/etc/pam.d/login
auth requisite pam_unix2.sonullok #set_secrpc
auth required pam_securetty.so
auth required pam_nologin.so
#authrequired pam_homecheck.so
auth required pam_env.so
auth required pam_mail.so
account requiredpam_unix2.so
password required pam_pwcheck.so nullok
password required pam_unix2.sonullok use_first_pass use_authtok
session requiredpam_unix2.sonone # debug or trace
session requiredpam_limits.so
I added the line "auth sufficient pam_winbind.so" to the end of /etc/pam.d/* but the
only result is that I have to enter the password twice before its rejected.
Roman
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind on SUSE8.2
Hi, don't despair !! Am Donnerstag, 10. Juli 2003 14:14 schrieb Klesel, Roman: > Login as domain user: Login incorrect! Logon for some reason seems to go through the /etc/pam.d/other file. At least if you aithenticate from WIN. Also: man winbindd: /etc/pam.d/*: auth sufficient pam_winbind.so auth required pam_unix.so ... I have it working like so. Also do not forget the /etc/nsswitch.conf Regrads Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind on SUSE8.2
Welcome to the twilight zone Roman. I have windbind working (partially) on SuSE 8.2, I can get it to authenticate users that have an account on the box, but I have not been able to get it to work for users that do not have an account on the box. Is that the same symptom you are seeing? Or are you having trouble with all authentication? Terry On Thu, 2003-07-10 at 06:14, Klesel, Roman wrote: > Hello Community, > > is there someone who has winbind working on SUSE 8.X? > On my system the authenication of the domain users simply does not work > getent passwd > shows all domain users > gentent group > shows all domain groups > Login as domain user: Login incorrect! > There seems to be no pam_stack.so on SUSE. Can it work without it? > How can I fix ist? How can I trace the cause of the disfunction? > I would appreciate any help on this. > > Roman Klesel > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
