-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 09/12/2006 06:50 PM, Matt Herzog escreveu:> I have the winbind login working on FC5 but now logins to local accounts
> cannot authenticate.
>
> My config files are here:
>
> http://www.pigeonnier.org/nsswitch.conf
> http://www.pigeonnier.org/pam.d/
> http://www.pigeonnier.org/krb.conf
>
> Again, if I try to ssh in as a user that exists only as a local account on
the remote
> host, I am rejected. User msh is -not- a AD account and only exists on the
> FC5 server "province"
>
>>From the /var/log/secure file:
>
> Sep 12 16:58:29 province sshd[11521]: reverse mapping checking getaddrinfo
> for zogness.cinteractive.com failed - POSSIBLE BREAK-IN ATTEMPT!
> Sep 12 16:58:33 province sshd[11521]: pam_unix(sshd:auth): authentication
> failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.76.121.62 user=msh
> Sep 12 16:58:35 province sshd[11521]: Failed password for msh from
> 198.76.121.62 port 58069 ssh2
> Sep 12 16:58:39 province sshd[11521]: pam_succeed_if(sshd:account):
> requirement "uid < 100" not met by user "msh"
> Sep 12 16:58:39 province sshd[11521]: fatal: Access denied for user msh by
> PAM account configuration
Well, for some reason your pam requires that your user has
an uid less than 100, I don't know why, but it doesn't looks like
to be related with Samba.
Kind regards,
- --
Felipe Augusto van de Wiel <felipe@paranacidade.org.br>
Coordenadoria de Tecnologia da Informa??o (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFFCrvECj65ZxU4gPQRAuiQAJ9f6kbvBFaZw8RQ/4WdQEHdMQvHYwCeLGHC
96WqOsJkCUNBjpbax4FV7K0=EsSt
-----END PGP SIGNATURE-----