search for: nullok

...t don't allow files to be written under the user id. When logging in via telnet, the directories are created as they are supposed to be. Here are my pam configurations for login, samba and xdm: XDM: #%PAM-1.0 auth sufficient pam_winbind.so auth sufficient pam_unix2.so use_first_pass nullok #set_secrpc account sufficient pam_winbind.so account required pam_unix2.so #password required pam_pwcheck.so nullok password required pam_unix2.so #nullok use_first_pass use_authtok strict=no session required pam_unix2.so debug # trace or none session required...

Hi all, Is there any way to automatically update the samba password when a user changes his unix account password using the passwd command. I want samba to look in passwd file for authentication. I dont want to create two accounts one for local unix and then for the samba. I am not planning to deploy ldap as a solution. Is there any workaround. Anish

...@include system-auth @include system-password auth required pam_smbpass.so nodelay account include system-auth session include system-auth password required pam_smbpass.so nodelay smbconf=/etc/samba/smb.conf system-auth auth required pam_env.so auth required pam_unix.so try_first_pass likeauth nullok auth optional pam_permit.so auth optional pam_smbpass.so migrate account required pam_unix.so account optional pam_permit.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow password option...

...ssion required pam_mkhomedir.so skel=/etc/skel/ umask=0077 /etc/pam.d/system-auth: ----------------------- #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 200 quiet_success auth sufficient pam_sss.so use_first_pass auth required pam_deny.so auth required pam_env.so auth optional pam_gnome_keyring.so account required pam_unix.so bro...

...o the underlying authentication module. my login in /etc/pam.d is auth required pam_securetty.so #auth required pam_stack.so service=system-auth auth required pam_nologin.so auth sufficient pam_winbind.so auth required pam_pwdb.so use_first_pass shadow nullok #account required pam_stack.so service=system-auth account sufficient pam_winbind.so #password required pam_stack.so service=system-auth password required pam_pwdb.so use_first_pass shadow nullok #password required pam_winbind.so session required pam_stack.so serv...

...o authenticate, the auth section in login pam seems to pass successfully, but the account section seems to fail. Here is my login module auth required pam_securetty.so debug auth required pam_winbind.so debug auth requisite pam_unix2.so debug,nullok #set_secrpc auth required pam_nologin.so debug auth required pam_homecheck.so debug auth required pam_env.so debug auth required pam_mail.so debug account sufficient pam_winbind.so debug account required...

...[sudo] > > [autofs] > > [ssh] > > > > My /etc/pam.d/system-auth > #%PAM-1.0 > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. > auth required pam_env.so > auth sufficient pam_unix.so nullok try_first_pass > auth requisite pam_succeed_if.so uid >= 200 quiet_success > auth sufficient pam_sss.so use_first_pass > auth required pam_deny.so > > account required pam_unix.so broken_shadow > account sufficient pam_succeed_i...

...pam_login_attribute uid pam_crypt local pam_password crypt ldap_version 3 /etc/openldap/slap.conf suffix "dc=tdm-consult,dc=com" rootdn "cn=tdm,dc=tdm-consult,dc=com" rootpw {crypt}... /etc/pam.d/passwd auth required pam_unix2.so nullok account required pam_unix2.so password required pam_pwcheck.so nullok password required pam_unix2.so nullok use_first_pass use_authtok session required pam_unix2.so /etc/security/pam_unix2 auth: use_ldap nullok account: use_ldap password: use_ldap nullo...

...re Jan 14 15:58:21 Snow dovecot: auth(default): client out: FAIL 2 user=ed and so on and so forth. Any idea what could be causing this or how to debug this further ? Thanks in advance, Erik PS: my pam setup for dovecot is: Snow:~ ed$ more /etc/pam.d/dovecot auth required pam_unix.so nullok account required pam_unix.so

...passwords works. Scenario: I create a new user: useradd -m testuser passwd testuser When I log in with the user pam_smbpass should create a corresponding samba user. I modified system-auth which is included in sshd: #### /etc/pam.d/system-auth auth requisite pam_unix.so try_first_pass nullok auth optional pam_permit.so auth required pam_env.so auth optional pam_smbpass.so migrate account required pam_unix.so account optional pam_permit.so account required pam_time.so password requisite pam_unix.so try_first_pass nullok sha512 shadow password optional...

On 05/09/2015 01:24 PM, Jonathan Billings wrote: > Is it normal to have pam_unix and pam_sss twice for each each section? No. See my previous message. I think it's the result of copying portions of SuSE configurations.

Hi, I'm using 2-factor authentication (pubkey+googe_authenticator) and have an issue with rsync. It's configured to use pubkey to authenticate to server so when google_authentication is bypassed by not creating .google_authenticator file for particular user (thanks to nullok option in PAM) it still sends to stderr "Authenticated with partial success." message although it succeeded. So idea is simple: disable 2-factor authentication for particular user/network. Regards, Alexander

...ction is refused. Could it be something mis configured in my ssh pam module. This is my pam ssh module PAM configuration file for sshd auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_winbind.so auth required /lib/security/pam_pwdb.so shadow nullok account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_pwdb.so session required /lib/security/pam_pwdb.so session optional /lib/security/pam_console.so password required /lib/security/pam_cracklib.so password required /lib/securit...

...se comparing all files I can think of doesnt point me to any differences except /etc/pam.d/ system-auth The LDAP server 'storage' has WINBIND turned on, as follows: auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so broken_shadow account sufficien...

...k with encrypted password? obey pam restrictions parameter doesn't seems to make difference. Anyone who can help? Thanks Peter ==> Samba-3.0.2a (compiled with pam support) SuSE Linux 7.2 Kernel 2.4.4-4GB ==> /etc/pam.d/passwd file auth required /lib/security/pam_unix.so nullok account required /lib/security/pam_unix.so password required /lib/security/pam_pwcheck.so nullok use_cracklib password required /lib/security/pam_unix.so nullok use_first_pass use_authtok password required /lib/security/pam_smbpass.so nullok use_authtok try_first_pass session re...

...smbldap-howto.en.html - but I'm stuck - in SuSE there is no /etc/pam.d/system-auth. Should I just add this file (I doubt it), or put these values into another files (which ones)? auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_ldap.so use_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so retry=3 type= pass...

...Installed libpam-cracklib, compiled examples/auth/crackcheck and copied the binary to /usr/local/sbin. I added the following line to my smb.conf file: check password script = /usr/local/sbin/crackcheck Edited /etc/pam.d/common-password to look like this: password required pam_unix.so nullok obscure min=4 max=8 md5 password required pam_cracklib.so retry=3 minlen=6 difok=3 password required pam_unix.so use_authtok nullok md5 Restarted Samba and tried to change my password from a Windows box and smbpasswd. I get this error when using smbpasswd: machine 127.0.0.1 reje...

http://bugzilla.mindrot.org/show_bug.cgi?id=732 ------- Additional Comments From dtucker at zip.com.au 2003-12-22 21:40 ------- Which PAM modules do you have in your sshd PAM stack? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...system-auth which is edited to look like the example on http://samba.idealx.org #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_ldap.so use_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so retry=3 type= pass...

Hi Rowland, This is a CentOS 6.7 server. I was able to make some progress. I have edited /etc/pam.d/system-auth, and now it looks like: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_ldap.so use_first_pass auth required pam_deny.so account required pam_unix.so account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid...