Easiest way I found was to edit /etc/pam.d/system-auth which will add it
to everything.
Add:
Auth sufficient /lib/security/pam_winbind.so (I had it be the second
one listed after pam_env
Then add "use_first_pass" (no quotes) on the end of the pam_unix line
(otherwise it prompts 3 times for password)
Add:
Account required /lib/security/pam_winbind.so (I added after
pam_unix)
This one is the trick, only need it if you're going to have people
logging into unix with their windows account:
ADD:
Session required /lib/security/pam_mkhomedir.so skel=/etc/skel
umask=022
It still gives a "too many parameters" error when you login, but it
does
work, I just haven't had enough motivation to figure out what causes
that error. Also make sure and make a directory in your /home named the
same as your domain, otherwise it can't create the user directories and
will pop an error when you try to login with a windows account.
-----Original Message-----
From: Bill Town [mailto:bill@kontiki.com]
Sent: Friday, April 05, 2002 6:28 PM
To: Blanchard, Michael
Subject: Samba w/ winbindd
Michael-
I am new to configuring PAM and given that you have some success with
it, can you send me your /etc/pam.d/ conf files (or examples). I am
running RH 7.2 with Samba (and winbind) 2.2.3a. Thanks for any help in
advance.
Cheers,
-Bill
----- Original Message -----
From: "Blanchard, Michael" <MBlanchard@grandaire.com>
To: <samba@lists.samba.org>
Sent: Friday, March 08, 2002 6:47 PM
Subject: [Samba] Samba in a Win2000 / NT Enterprise
> Winbind has been in use here for almost a month and I've had no
> problem. I would suggest first off upgrading to 2.2.3. Just do an rpm
> -e samba-client and samba-common first so you clear up the
> dependencies. Then go to samba.org and read the documentation for
> winbind. It's actually pretty easy to do, and has been working really
> well over here. There isn't anything as cool as sitting in front of a
> linux computer and logging in with "ops+username" :) You have to
add
> about 7 lines of winbind-specific stuff into you smb.conf file, but
> that's all availible on the samba.org webpage.
----
Bill Town
Kontiki, Inc.
Voice: 650.625.3065
Fax: 650.623.0142