search for: pam_authtok_get

...pam.conf: # #ident "@(#)pam.conf 1.16 01/01/24 SMI" # # Copyright (c) 1996-2000 by Sun Microsystems, Inc. # All rights reserved. # # PAM configuration # # Authentication management # login auth required /usr/lib/security/pam_winbind.so login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 try_first_pass login auth required pam_dial_auth.so.1 try_first_pass # rlogin auth sufficient /usr/lib/security/pam_winbind.so rlogin auth sufficient pam_rhosts_auth...

...ne and no difference. Does anyone have all this working on Solaris 9? I had to download/compile latest kerberos (MIT), openldap, etc, and we have everything working great on our linux machines. 'getent group' comes up with just the local groups. pam.conf: login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 login auth optional /usr/lib/security/pam_winbind.so try_first_pass rlogin auth sufficient pam_rhosts_auth.so.1 rlogin au...

...s are defined with relative pathnames, i.e., they are # relative to /usr/lib/security/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth requisite pam_authtok_get.so.1 login auth sufficient pam_dhkeys.so.1 login auth sufficient pam_unix_auth.so.1 login auth sufficient pam_dial_auth.so.1 login auth sufficient /usr/lib/security/pam_winbind.so.1 try_first_pass # # rlogin service (explicit because of pam_rhost_auth) # rlog...

...y are # relative to /usr/lib/security/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth required /usr/lib/security/pam_winbind.so.1 login auth requisite pam_authtok_get.so.1 try_first_pass login auth required pam_dhkeys.so.1 try_first_pass login auth required pam_unix_auth.so.1 try_first_pass login auth required pam_dial_auth.so.1 try_first_pass # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient /usr/lib/security/pam_winbind.so.1...

...elative to /usr/lib/security/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth required /usr/lib/security/pam_winbind.so login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient /usr/lib/security/pam_winbind.so rlogin auth sufficient...

...urity/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth required /usr/lib/security/pam_winbind.so try_first_pass login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 try_first_pass login auth required pam_dial_auth.so.1 try_first_pass # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient /usr/lib/security/pam_wi...

Dear list, How do I test whether I have access to my winbind LDAP backend from my Solaris 9 machine? My LDAP database is held on a Redhat 9.0 machine also running Samba 3.0.0. I know winbind works because getent and wbinfo show up my NT users and groups. I would also like to have people log into my Solaris 9 machine with their NT usernames, I have this working on Redhat already but Solaris is

...curity/pam_krb5.so.1 debug other session required /usr/lib/security/pam_unix.so.1 other session optional /usr/lib/security/pam_krb5.so.1 debug other password required /usr/lib/security/pam_unix.so.1 For Solaris 10, it looks like: other auth requisite pam_authtok_get.so.1 debug other auth required pam_dhkeys.so.1 debug other auth required pam_unix_cred.so.1 debug other auth sufficient pam_krb5.so.1 debug other auth required pam_unix_auth.so.1 debug other account requisite pam_roles.so.1 debug other account...

...elative to /usr/lib/security/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth required /usr/lib/security/pam_winbind.so login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient /usr/lib/security/pam_winbind.so rlogin auth sufficient...

...# # Modules are defined with relative pathnames, i.e., they are # relative to /usr/lib/security/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth requisite pam_authtok_get.so.1 login auth sufficient pam_dhkeys.so.1 login auth sufficient pam_unix_auth.so.1 login auth sufficient pam_dial_auth.so.1 login auth sufficient /usr/lib/security/pam_winbind.so.1 debug try_first_pass # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient pam...

...(477) read failed on sock 20, pid 4658: EOF ------------------------------------------------- /etc/pam.conf # Authentication management # # login service (explicit because of pam_dial_auth) # login auth required /usr/lib/security/pam_winbind.so debug login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 try_first_pass login auth required pam_dial_auth.so.1 try_first_pass # # rlogin service (explicit because of pam_rhost_auth) # rlogin auth sufficient /usr/lib/security/pam_wi...

Dear list, I'm trying to get a Thumper (Sun Fire X4500) to play nice with AD so that we can offer a nearline storage service. Since many of our users will have multiple group memberships, it's imperative that samba be able to recurse through the groups that a user is a member of to determine if they have access to a resource. What happens instead is that every user who authenticates is

...3p2. OpenSSH uses a configuration from a Linux system where login with password or public key works. Adittionally we have a customized PAM module that grants/revokes access based upon an attribute setting in LDAP. The PAM Configuration for Sun SSH 1.1 is: ==CUT== login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_cred.so.1 login auth required pam_dial_auth.so.1 login auth binding pam_unix_auth.so.1 server_policy login auth required pam_ldap.so.1 sshd-password account required pam...

...blickey for weiler from 128.114.48.86 port 49490 ssh2 debug1: do_cleanup debug1: PAM: cleanup % Again, If I move my public key out of the way and try to log in with a password it works fine. Since it mentions my PAM configuration, here's my /etc/pam.conf file: login auth requisite pam_authtok_get.so.1 login auth required pam_unix_cred.so.1 login auth sufficient pam_unix_auth.so.1 login auth sufficient pam_krb5.so.1 login auth sufficient pam_ldap.so.1 # dtsession auth sufficient pam_unix_auth.so.1 dtsession auth sufficient pam_krb...

...ey are # relative to /usr/lib/security/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth required pam_winbind.so login auth requisite pam_authtok_get.so.1 debug #login auth sufficient /usr/lib/security/pam_winbind.so.1 try_first_pass debug login auth sufficient pam_dhkeys.so.1 debug login auth sufficient pam_unix_auth.so.1 debug login auth sufficient pam_dial_auth.so.1 debug #login auth sufficient...

...s are defined with relative pathnames, i.e., they are # relative to /usr/lib/security/$ISA. Absolute path names, as # present in this file in previous releases are still acceptable. # # Authentication management # # login service (explicit because of pam_dial_auth) # login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_cred.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 login auth sufficient /usr/lib/security/pam_winbind.so try_first_pass debug # # rlo...

We already have a large complement of Unix users that are also Windows users but we also have non-unix users that need access to some samba shares. How can I setup samba so that Users who already have a Unix account will get that account and home directory when they connect through samba but valid domain users that do not already have a Unix account will authenticate through winbind and get the

....error] request failed: Wrong Password, PAM error was 9, NT error was NT_STATUS_WRONG_PASSWORD Feb 1 14:53:32 hermione pam_winbind[1153]: [ID 678512 auth.warning] user `leeraym' denied access (incorrect password or invalid membership) Feb 1 14:53:32 hermione sshd[1153]: [ID 909140 auth.debug] pam_authtok_get: verifying authtok Feb 1 14:53:36 hermione sshd[1151]: [ID 800047 auth.error] error: PAM: Authentication token manipulation error for leeraym from tuvok /etc/pam.conf (snipped for sshd only): # OpenSSH sshd auth sufficient pam_winbind.so debug sshd auth...

...ind.so -> /opt/local/lib/security/pam_winbind.so lrwxrwxrwx 1 root root 38 Dec 20 13:05 pam_winbind.so.1 -> /opt/local/lib/security/pam_winbind.so My pam.conf: login auth sufficient /opt/local/lib/security/pam_winbind.so try_first_pass login auth requisite pam_authtok_get.so.1 login auth required pam_dhkeys.so.1 login auth required pam_unix_cred.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 other auth sufficient /opt/local/lib/security/pam_winbind.so try_first_pass other auth req...

...PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_F IXED, 3, 0) = 0xFF370000 19080: close(3) = 0 the complete file is under http://www.itl-net.at/download/truss.telnetd the relevant parts for telnet from my /etc/pam.conf are: other auth requisite pam_authtok_get.so.1 other auth sufficient pam_dhkeys.so.1 other auth sufficient pam_unix_auth.so.1 other auth sufficient /usr/local/lib/security/pam_winbind.so.1 try_first_pass debug other account requisite pam_roles.so.1 other account sufficient pam_projects.so.1 othe...