List, I am unable to log into a terminal using Winbind service. I have the login file correctly modifyed and nsswitch too. I have the 2.2.5 version of SAMBA with the new winbind. SAMBA shares work great, so I think it is something else. I get this error in the messages log: Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: check pass; user unknown Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=... Jul 9 11:46:01 alblinux pam_winbind[5463]: user 'MCIDOMNT+username' granted acces Jul 9 11:46:09 alblinux sshd(pam_unix)[5463]: check pass; user unknown Here is the login file : #%PAM-1.0 auth required /lib/security/pam_securetty.so auth required /lib/security/pam_stack.so service=system-auth auth sufficient /lib/security/pam_winbind.so auth required /lib/security/pam_nologin.so account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth session optional /lib/security/pam_console.so Any Help would be great. Also, all the .so files are inplace and correctly linked. Again, SAMBA shars works great using domain access. Joe Giles jgiles@joeman1.com AOL ID: mcigiles
Move: auth sufficient /lib/security/pam_winbind.so to the top of the auth stack and it should work Josh -----Original Message----- From: Joe Giles [mailto:jgiles@joeman1.com] Sent: Tuesday, July 09, 2002 1:00 PM To: samba@lists.samba.org Subject: [Samba] Cant Log Into Terminal Using Winbind List, I am unable to log into a terminal using Winbind service. I have the login file correctly modifyed and nsswitch too. I have the 2.2.5 version of SAMBA with the new winbind. SAMBA shares work great, so I think it is something else. I get this error in the messages log: Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: check pass; user unknown Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=... Jul 9 11:46:01 alblinux pam_winbind[5463]: user 'MCIDOMNT+username' granted acces Jul 9 11:46:09 alblinux sshd(pam_unix)[5463]: check pass; user unknown Here is the login file : #%PAM-1.0 auth required /lib/security/pam_securetty.so auth required /lib/security/pam_stack.so service=system-auth auth sufficient /lib/security/pam_winbind.so auth required /lib/security/pam_nologin.so account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth session optional /lib/security/pam_console.so Any Help would be great. Also, all the .so files are inplace and correctly linked. Again, SAMBA shars works great using domain access. Joe Giles jgiles@joeman1.com AOL ID: mcigiles -- To unsubscribe from this list go to the following URL and read the instructions: lists.samba.org/mailman/listinfo/samba
Ok, I did that and got the same results... Do I have to stop and restart the smb and winbindd service, or another service for changes? Thanks Joe> Move: > > auth sufficient /lib/security/pam_winbind.so > > to the top of the auth stack and it should work > Josh > > -----Original Message----- > From: Joe Giles [mailto:jgiles@joeman1.com] > Sent: Tuesday, July 09, 2002 1:00 PM > To: samba@lists.samba.org > Subject: [Samba] Cant Log Into Terminal Using Winbind > > > List, > > I am unable to log into a terminal using Winbind service. I have the login > file correctly modifyed and nsswitch too. I have the 2.2.5 version of SAMBA > with the new winbind. SAMBA shares work great, so I think it is something > else. I get this error in the messages log: > > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: check pass; user unknown > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: authentication failure; > logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=... > Jul 9 11:46:01 alblinux pam_winbind[5463]: user 'MCIDOMNT+username' granted > acces > Jul 9 11:46:09 alblinux sshd(pam_unix)[5463]: check pass; user unknown > > > Here is the login file : > > #%PAM-1.0 > auth required /lib/security/pam_securetty.so > auth required /lib/security/pam_stack.so service=system-auth > auth sufficient /lib/security/pam_winbind.so > auth required /lib/security/pam_nologin.so > account sufficient /lib/security/pam_winbind.so > account required /lib/security/pam_stack.so service=system-auth > password required /lib/security/pam_stack.so service=system-auth > session required /lib/security/pam_stack.so service=system-auth > session optional /lib/security/pam_console.so > > Any Help would be great. Also, all the .so files are inplace and correctly > linked. Again, SAMBA shars works great using domain access. > > Joe Giles > jgiles@joeman1.com > AOL ID: mcigiles > > -- > To unsubscribe from this list go to the following URL and read the > instructions: lists.samba.org/mailman/listinfo/samba >Joe Giles jgiles@joeman1.com AOL ID: mcigiles
Actually, it is working now.. You are a god :) But, How can I get it to create the template directories. I have it set in the smb.conf file like this: template homedir = /home/winnt/%D/%U template shell = /bin/bash But when I log it it says this: Could not chdir to home directory /home/winnt/MCIDOMNT/username: No such file or directory bash-2.05a$ Thanks Joe> Move: > > auth sufficient /lib/security/pam_winbind.so > > to the top of the auth stack and it should work > Josh > > -----Original Message----- > From: Joe Giles [mailto:jgiles@joeman1.com] > Sent: Tuesday, July 09, 2002 1:00 PM > To: samba@lists.samba.org > Subject: [Samba] Cant Log Into Terminal Using Winbind > > > List, > > I am unable to log into a terminal using Winbind service. I have the login > file correctly modifyed and nsswitch too. I have the 2.2.5 version of SAMBA > with the new winbind. SAMBA shares work great, so I think it is something > else. I get this error in the messages log: > > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: check pass; user unknown > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: authentication failure; > logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=... > Jul 9 11:46:01 alblinux pam_winbind[5463]: user 'MCIDOMNT+username' granted > acces > Jul 9 11:46:09 alblinux sshd(pam_unix)[5463]: check pass; user unknown > > > Here is the login file : > > #%PAM-1.0 > auth required /lib/security/pam_securetty.so > auth required /lib/security/pam_stack.so service=system-auth > auth sufficient /lib/security/pam_winbind.so > auth required /lib/security/pam_nologin.so > account sufficient /lib/security/pam_winbind.so > account required /lib/security/pam_stack.so service=system-auth > password required /lib/security/pam_stack.so service=system-auth > session required /lib/security/pam_stack.so service=system-auth > session optional /lib/security/pam_console.so > > Any Help would be great. Also, all the .so files are inplace and correctly > linked. Again, SAMBA shars works great using domain access. > > Joe Giles > jgiles@joeman1.com > AOL ID: mcigiles > > -- > To unsubscribe from this list go to the following URL and read the > instructions: lists.samba.org/mailman/listinfo/samba > > -- > To unsubscribe from this list go to the following URL and read the > instructions: lists.samba.org/mailman/listinfo/samba >Joe Giles jgiles@joeman1.com AOL ID: mcigiles
I don't think the template homedir creates the directory for you. One option is to have to use PAM, I've never done that before but the module name is pam_mkhomedir. You probably add something like: session required /lib/security/pam_mkhomedir.so skel=/path/to/skel/files Let me know if it works. Good Luck, Josh -----Original Message----- From: Joe Giles [mailto:jgiles@joeman1.com] Sent: Tuesday, July 09, 2002 1:42 PM To: Konkol, Josh; 'Joe Giles'; samba@lists.samba.org Subject: RE: [Samba] Cant Log Into Terminal Using Winbind Actually, it is working now.. You are a god :) But, How can I get it to create the template directories. I have it set in the smb.conf file like this: template homedir = /home/winnt/%D/%U template shell = /bin/bash But when I log it it says this: Could not chdir to home directory /home/winnt/MCIDOMNT/username: No such file or directory bash-2.05a$ Thanks Joe> Move: > > auth sufficient /lib/security/pam_winbind.so > > to the top of the auth stack and it should work > Josh > > -----Original Message----- > From: Joe Giles [mailto:jgiles@joeman1.com] > Sent: Tuesday, July 09, 2002 1:00 PM > To: samba@lists.samba.org > Subject: [Samba] Cant Log Into Terminal Using Winbind > > > List, > > I am unable to log into a terminal using Winbind service. I have the login > file correctly modifyed and nsswitch too. I have the 2.2.5 version ofSAMBA> with the new winbind. SAMBA shares work great, so I think it is something > else. I get this error in the messages log: > > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: check pass; user unknown > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: authentication failure; > logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=... > Jul 9 11:46:01 alblinux pam_winbind[5463]: user 'MCIDOMNT+username'granted> acces > Jul 9 11:46:09 alblinux sshd(pam_unix)[5463]: check pass; user unknown > > > Here is the login file : > > #%PAM-1.0 > auth required /lib/security/pam_securetty.so > auth required /lib/security/pam_stack.so service=system-auth > auth sufficient /lib/security/pam_winbind.so > auth required /lib/security/pam_nologin.so > account sufficient /lib/security/pam_winbind.so > account required /lib/security/pam_stack.so service=system-auth > password required /lib/security/pam_stack.so service=system-auth > session required /lib/security/pam_stack.so service=system-auth > session optional /lib/security/pam_console.so > > Any Help would be great. Also, all the .so files are inplace and correctly > linked. Again, SAMBA shars works great using domain access. > > Joe Giles > jgiles@joeman1.com > AOL ID: mcigiles > > -- > To unsubscribe from this list go to the following URL and read the > instructions: lists.samba.org/mailman/listinfo/samba > > -- > To unsubscribe from this list go to the following URL and read the > instructions: lists.samba.org/mailman/listinfo/samba >Joe Giles jgiles@joeman1.com AOL ID: mcigiles
Ok, I put it in my sshd and login file like this SSHD: #%PAM-1.0 auth sufficient /lib/security/pam_winbind.so auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022 session required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_limits.so session optional /lib/security/pam_console.so LOGIN: #%PAM-1.0 auth sufficient /lib/security/pam_winbind.so auth required /lib/security/pam_securetty.so auth required /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022 session required /lib/security/pam_stack.so service=system-auth session optional /lib/security/pam_console.so (NOTE: There is a Line Wrap. The mkhomedir.so line in ONE line in the cfg file) and Im getting this error in the secure log: Jul 9 15:59:47 alblinux sshd[6580]: Accepted password for ALBDOMNT+username from 166.41.179.82 port 3017 Jul 9 15:59:47 alblinux sshd[6580]: fatal: PAM session setup failed[6]: Permission denied Any Thoughts? Thanks Joe> I don't think the template homedir creates the directory for you. > > One option is to have to use PAM, I've never done that before but the > module name is pam_mkhomedir. > > You probably add something like: > > session required /lib/security/pam_mkhomedir.so > skel=/path/to/skel/files > > Let me know if it works. > > Good Luck, > > Josh > > > -----Original Message----- > From: Joe Giles [mailto:jgiles@joeman1.com] > Sent: Tuesday, July 09, 2002 1:42 PM > To: Konkol, Josh; 'Joe Giles'; samba@lists.samba.org > Subject: RE: [Samba] Cant Log Into Terminal Using Winbind > > > Actually, it is working now.. You are a god :) > > But, How can I get it to create the template directories. I have it set in > the smb.conf file like this: > > template homedir = /home/winnt/%D/%U > template shell = /bin/bash > > But when I log it it says this: > > Could not chdir to home directory /home/winnt/MCIDOMNT/username: No such > file or directory > bash-2.05a$ > > Thanks > > Joe > > > Move: > > > > auth sufficient /lib/security/pam_winbind.so > > > > to the top of the auth stack and it should work > > Josh > > > > -----Original Message----- > > From: Joe Giles [mailto:jgiles@joeman1.com] > > Sent: Tuesday, July 09, 2002 1:00 PM > > To: samba@lists.samba.org > > Subject: [Samba] Cant Log Into Terminal Using Winbind > > > > > > List, > > > > I am unable to log into a terminal using Winbind service. I have the login > > file correctly modifyed and nsswitch too. I have the 2.2.5 version of > SAMBA > > with the new winbind. SAMBA shares work great, so I think it is something > > else. I get this error in the messages log: > > > > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: check pass; user unknown > > Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: authentication failure; > > logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=... > > Jul 9 11:46:01 alblinux pam_winbind[5463]: user 'MCIDOMNT+username' > granted > > acces > > Jul 9 11:46:09 alblinux sshd(pam_unix)[5463]: check pass; user unknown > > > > > > Here is the login file : > > > > #%PAM-1.0 > > auth required /lib/security/pam_securetty.so > > auth required /lib/security/pam_stack.so service=system-auth > > auth sufficient /lib/security/pam_winbind.so > > auth required /lib/security/pam_nologin.so > > account sufficient /lib/security/pam_winbind.so > > account required /lib/security/pam_stack.so service=system-auth > > password required /lib/security/pam_stack.so service=system-auth > > session required /lib/security/pam_stack.so service=system-auth > > session optional /lib/security/pam_console.so > > > > Any Help would be great. Also, all the .so files are inplace and correctly > > linked. Again, SAMBA shars works great using domain access. > > > > Joe Giles > > jgiles@joeman1.com > > AOL ID: mcigiles > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: lists.samba.org/mailman/listinfo/samba > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: lists.samba.org/mailman/listinfo/samba > > > > > > Joe Giles > jgiles@joeman1.com > AOL ID: mcigiles >Joe Giles jgiles@joeman1.com AOL ID: mcigiles