search for: use_authtok

...t sufficient pam_localuser.so account required pam_sss.so use_first_pass account sufficient pam_localuser.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok password sufficient pam_sss.so use_authtok password required pam_deny.so password requisite pam_cracklib.so password optional pam_gnome_keyring.so use_authtok password sufficient pam_unix.so use_authtok nullok shadow try_first_pass passwor...

...schema (v3.0.24) I have unix password sync = yes but it should not come into play as I never plan to reset passwords via smbd. In '/etc/pam.d/system-auth' I was trying to use pam_smbpass.so The original pam script for password had password sufficient pam_ldap.so use_authtok I changed it to: password requisite pam_ldap.so use_authtok password required pam_smbpass.so use_authtok try_first_pass The problem is I get a token manipulation error. Am I using it wrong? What would be even better is if someone knows how...

...pam_ldap.so account [default=bad success=ok user_unknown=ignore] /lib/ security/$ISA/pam_winbind.so account required /lib/security/$ISA/pam_permit.so password requisite /lib/security/$ISA/pam_cracklib.so retry=3 password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow password sufficient /lib/security/$ISA/pam_ldap.so use_authtok password sufficient /lib/security/$ISA/pam_winbind.so use_authtok password required /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session required /lib...

...[default=bad success=ok user_unknown=ignore] pam_sss.so > account required pam_permit.so > > password requisite pam_pwquality.so try_first_pass > local_users_only retry=3 authtok_type= > password sufficient pam_unix.so md5 shadow nullok try_first_pass > use_authtok > password sufficient pam_sss.so use_authtok > password required pam_deny.so > > session optional pam_keyinit.so revoke > session required pam_limits.so > -session optional pam_systemd.so > session [success=1 default=ignore] pam_suc...

...> account required pam_sss.so use_first_pass > account sufficient pam_localuser.so > > password requisite pam_pwquality.so try_first_pass > local_users_only retry=3 authtok_type= > password sufficient pam_unix.so md5 shadow nullok try_first_pass > use_authtok > password sufficient pam_sss.so use_authtok > password required pam_deny.so > password requisite pam_cracklib.so > password optional pam_gnome_keyring.so use_authtok > password sufficient pam_unix.so use_authtok nullok >...

On 05/09/2015 01:24 PM, Jonathan Billings wrote: > Is it normal to have pam_unix and pam_sss twice for each each section? No. See my previous message. I think it's the result of copying portions of SuSE configurations.

Hi all, Is there any way to automatically update the samba password when a user changes his unix account password using the passwd command. I want samba to look in passwd file for authentication. I dont want to create two accounts one for local unix and then for the samba. I am not planning to deploy ldap as a solution. Is there any workaround. Anish

...b/security/pam_securetty.so auth required /lib/security/pam_nologin.so account sufficient /lib/security/pam_winbind.so account required /lib/security/pam_pwdb.so password required /lib/security/pam_cracklib.so password required /lib/security/pam_pwdb.so shadow nullok use_authtok session required /lib/security/pam_pwdb.so session required /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022 ******************************************************************* /etc/pam.d/system-auth #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed th...

...e_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so retry=3 type= password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password sufficient /lib/security/pam_ldap.so use_authtok password required /lib/security/pam_deny.so session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so session optional /lib/security/pam_ldap.so Tomek

...iases: files winbind ------------/etc/pam.d/login-------------- #%PAM-1.0 auth requisite pam_unix2.so nullok #set_secrpc auth required pam_securetty.so auth required pam_nologin.so auth sufficient pam_winbind.so use_first_pass use_authtok #auth required pam_homecheck.so auth required pam_env.so auth required pam_mail.so account required pam_unix2.so account sufficient pam_winbind.so use_first_pass use_authtok password required pam_pwcheck.so nullok password requ...

...e_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient /lib/security/pam_ldap.so password required /lib/security/pam_cracklib.so retry=3 type= password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow password sufficient /lib/security/pam_ldap.so use_authtok password required /lib/security/pam_deny.so session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so session optional /lib/security/pam_ldap.so As far as I...

...[default=bad success=ok user_unknown=ignore] pam_winbind.so cached_login account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 minlen=12 dcredit=1 ucredit=1 lcredit=1 ocredit=1 password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok password sufficient pam_krb5.so use_authtok password sufficient pam_winbind.so cached_login use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session optional pam_mkhomedir.so session [...

...t=bad success=ok user_unknown=ignore] pam_winbind.so /etc/pam.d/system-auth-ac:auth sufficient pam_winbind.so use_first_pass /etc/pam.d/system-auth-ac:account [default=bad success=ok user_unknown=ignore] pam_winbind.so /etc/pam.d/system-auth-ac:password sufficient pam_winbind.so use_authtok /etc/pam.d/smartcard-auth-ac:account [default=bad success=ok user_unknown=ignore] pam_winbind.so /etc/pam.d/password-auth-ac:auth sufficient pam_winbind.so use_first_pass /etc/pam.d/password-auth-ac:account [default=bad success=ok user_unknown=ignore] pam_winbind.so /etc/pam.d/pas...

...g password I get: check_ntlm_password: Authentication for user [yans] -> [yans] FAILED with error NT_STATUS_WRONG_PASSWORD Where do I look? pam config: password [success=2 default=ignore] pam_unix.so obscure sha512 password [success=1 default=ignore] pam_winbind.so use_authtok try_first_pass password requisite pam_deny.so password required pam_permit.so password optional pam_smbpass.so nullok use_authtok use_first_pass nsswtich.conf: passwd: compat winbind shadow: compat g...

...sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_krb5.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok password sufficient pam_krb5.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session optional pam_mkhomedir.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet...

...authfail ??? account???? [default=bad success=ok user_unknown=ignore]??????????????? pam_winbind.so ??? account required pam_unix.so ??? account required pam_faillock.so ??? password required pam_passwdqc.so config=/etc/security/passwdqc.conf ??? password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow ??? password sufficient pam_winbind.so use_authtok ??? session required pam_limits.so ??? session required pam_env.so ??? session required pam_unix.so All are Gentoo standard except system-auth, which is my own work in progress. - John

...so uid < 2000 quiet account [default=bad success=ok user_unknown=ignore] pam_sss.so account required pam_permit.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok password sufficient pam_sss.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet u...

...[default=bad success=ok user_unknown=ignore] pam_sss.so > account required pam_permit.so > > password requisite pam_pwquality.so try_first_pass > local_users_only retry=3 authtok_type= > password sufficient pam_unix.so md5 shadow nullok try_first_pass > use_authtok > password sufficient pam_sss.so use_authtok > password required pam_deny.so > > session optional pam_keyinit.so revoke > session required pam_limits.so > -session optional pam_systemd.so > session [success=1 default=ignore] pam_suc...

...et account [default=bad success=ok user_unknown=ignore] pam_winbind.so account required pam_permit.so password requisite pam_pwquality.so pam_cracklib.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok password sufficient pam_winbind.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so -session optional pam_systemd.so session optional pam_mkhomedir.so skel=/etc/skel/ umask=0077 session...

...pam_winbind.so krb5_auth krb5_ccache_type=KEYRING use_first_pass /etc/pam.d/password-auth:account [default=bad success=ok user_unknown=ignore] pam_winbind.so krb5_auth krb5_ccache_type=KEYRING /etc/pam.d/password-auth:password sufficient pam_winbind.so krb5_auth krb5_ccache_type=KEYRING use_authtok /etc/pam.d/password-auth:session optional pam_winbind.so krb5_auth krb5_ccache_type=KEYRING /etc/pam.d/password-auth-ac:auth sufficient pam_winbind.so krb5_auth krb5_ccache_type=KEYRING use_first_pass /etc/pam.d/password-auth-ac:account [default=bad success=ok user_unknown=ig...