search for: likeauth

...; cdevidal@yahoo.com Cc: samba@lists.samba.org Subject: [Samba] domain users in local groups with Winbind/Samba/Redhat It was a long message, so I won't quote it again, but if you read back, you'll find this message. I just decided I'd try his pam setup and it worked after I added the likeauth option. I tend to just do whatever it takes to make it work first and then go back and figure out what consequences I'll run into afterwards... Khanh Tran Network Operations Sarah Lawrence College -----Original Message----- From: Chris de Vidal [mailto:cdevidal@yahoo.com] Sent: Thursday, Fe...

...c/skel umask=0022 /etc/pam.d/samba #%PAM-1.0 auth required pam_nologin.so auth required pam_env.so auth required pam_stack.so service=system-auth auth sufficient pam_ldap.so auth sufficient pam_smb_auth.so use_first_pass auth sufficient pam_unix.so likeauth nullok try_first_pass auth required pam_deny.so account required pam_stack.so service=system-auth session required pam_stack.so service=system-auth password required pam_stack.so service=system-auth /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User change...

...AM, because comparing all files I can think of doesnt point me to any differences except /etc/pam.d/ system-auth The LDAP server 'storage' has WINBIND turned on, as follows: auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so broken_shadow account su...

...thd /etc/pam.d/libvirt: auth requisite pam_listfile.so item=group sense=allow file=/etc/libvirt/allow_group auth required pam_tally2.so onerr=succeed auth required pam_nologin.so auth required pam_unix.so try_first_pass likeauth nullok account requisite pam_listfile.so item=group sense=allow file=/etc/libvirt/allow_group account required pam_nologin.so account required pam_unix.so /etc/pam.d/qemu: auth requisite pam_listfile.so item=group sense=allow fil...

...ealx.org/smbldap-howto.en.html - but I'm stuck - in SuSE there is no /etc/pam.d/system-auth. Should I just add this file (I doubt it), or put these values into another files (which ones)? auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_ldap.so use_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so retry=3 typ...

I have set up winbind successfully, but every time I need to perform any task as root, winbind tries to login via the domain server, which gives an "incorrect password" error. Is there a way to set things up so that the root user is only checked against the local passwd/shadow files? -- Ramon Casha Malta Linux User Group (http://linux.org.mt)

...tc/pam.d/system-auth which is edited to look like the example on http://samba.idealx.org #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_ldap.so use_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so retry=3 typ...

....log max log size = 0 ------------------------------- /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_smb_auth.so use_first_pass nolocal auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so password required /lib/security/$ISA/pam_cracklib.so retry=3 type= password suffi...

...enticate for each group and lock the account out if the password is typed a single time. Putting this in the 'session' section it is flat out ignored. Here's my system-auth: auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet accou...

...files netgroup: files publickey: nisplus automount: files aliases: files nisplus /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* /*/*/*/*/* nsswitch.conf /*/*/*/*/*/* #%PAM-1.0 auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so account sufficient /lib/security/$ISA/pam_winbind.so use_first_pass password required...

...ce=system-auth With this samba pam configuration, is no longer successful the login on swat via Webmin. I get the error message, root the wrong password used. pam.d / login #%PAM-1.0 auth required pam_securetty.so auth sufficient pam_winbind.so auth sufficient pam_unix.so likeauth nullok use_first_pass auth required pam_stack.so service=system-auth auth required pam_nologin.so account sufficient pam_winbind.so account required pam_stack.so service=system-auth password required pam_stack.so service=system-auth session required pam_stack.so service...

...asse : Mot de passe : su: incorrect password Here is the content of my system-auth-ac pam module : ]$ cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so likeauth nullok auth sufficient pam_krb5.so auth required pam_deny.so account sufficient pam_unix.so account sufficient pam_krb5.so account sufficient pam_succeed_if.so uid < 100 quiet account required pam_deny.so password requisite pam_cracklib.so retry=3 password sufficient pam_unix....

Hello, I have gone through the howto provided but I am not yet able to logon to my linux box using NT4 domain accounts. I can however authenticate to restricted shares and I can obtain groups and users via "getent" and "wbinfo -u". All I really need now is a working /etc/pam.d/login. I've tried examples from the howto as with others from the mailing list but I can not

...assword(792) check_oem_password: incorrect password length (856862671). 3) /etc/pam.d/samba: auth required /lib/security/pam_stack.so service=system-auth account required /lib/security/pam_stack.so service=system-auth 4) /etc/pam.d/system-auth auth sufficient /lib/security/pam_unix.so likeauth nullok md5 shadow auth required /lib/security/pam_deny.so account sufficient /lib/security/pam_unix.so account required /lib/security/pam_deny.so password required /lib/security/pam_cracklib.so retry=3 password sufficient /lib/security/pam_unix.so nullok us...

...N server string = %h server (Samba %v) syslog = 0; guest account = nobody load printers = yes For what it's worth, my /etc/pam.d/samba file is as follows: auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_winbind.so use_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_winbind.so use_first_pass password required /lib/security/pam_cr...

...ripts say, and thus I have the following system-auth config in /etc/pam.d/ --- #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so broken_shadow account sufficient /lib/security/$ISA/pam_localuser.so account sufficient /li...

...into my existing RedHat config. This is what the file looks like now: # cat /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so password required /lib/security/pam_cracklib.so retry=3 type= password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password required /lib/security/pam_deny.so session requi...

...am my system-auth is the following auth [success=done auth_err=die default=ignore] /lib/security/pam_radius_auth.so try_first_pass debug auth [success=ignore auth_err=ignore default=ignore] pam_nologin.so file=/etc/raddb/radiusfailure auth required /lib/security/pam_unix.so likeauth nullok md5 shadow auth required /lib/security/pam_tally.so deny=2 per_user no_magic_root even_deny_root_account account required /lib/security/pam_unix.so account required /lib/security/pam_tally.so reset no_magic_root password required /lib/security/...

...S-SUPPORT] - using guest account [2004/11/25 12:19:59, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 Here's my configuration: My system auth looks like: auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_ldap.so use_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so retry=3 typ...

...s path = /home/%U #user = @"NEWDOMAIN+domain users" browseable = No writeable= yes and here is the pam.d samba file: #%PAM-1.0 auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_winbind.so auth sufficient /lib/security/pam_unix.so likeauth nullok use_first_pass auth required /lib/security/pam_deny.so account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_unix.so password required /lib/security/pam_cracklib.so retry=3 minlen=2 dcredit=0 ucredit=0 password sufficient...