similar to: FW: Samba PDC trying rid null logins

> We are trying to have linux authenticate to linux server running samba > 3.0. We have the XP Pro, 6.2 redhat, and 7.3 redhat machines. They all > authenticate to the linux server but we are having problems with blank > passwords or the user can type any password. We are using pam modules for > the authentication on the client machines. > I have included the config files for

Good Morning, I have been a user of winbind and Samba for about a year now. It's been working well for me on Red Hat v. 8.0 and 9.0. Recently I purchased and installed Red Hat Enterprise Linux WS 3.0 and configured winbind and samba the same way I normally do. However when I attempt to authenticate to the Linux workstation before I am even prompted to enter my password, winbind submits a

Anyone have suggestions? Thanks. -----Original Message----- From: Eisenstein, Doug Sent: Monday, January 12, 2004 9:06 AM To: 'samba@lists.samba.org' Subject: [Samba] Winbind & Wrong Password - PAM Issue? Good Morning, I have been a user of winbind and Samba for about a year now. It's been working well for me on Red Hat v. 8.0 and 9.0. Recently I purchased and installed Red

Greets ... I am not getting it. I have samba (old one, 3.0.22-11-SUSE-CODE10) in an ADS-context, winbind works OK ... I am trying to connect vsftpd to winbind via PAM, this works TOO GOOD ;-) currently I am able to login to vsftpd with ANY password, that's bad. I am not understanding that PAM-stuff and I have some pressure to get that ftp-server up, so please would someone help me out? My

Hi, I have tested the current snapshot portable release (dated Jan 9 2004). configuration has: UsePAM yes PasswordAuthentication no ChallengeResponseAuthentication yes UsePrivilegeSeparation yes two problems: first pam_motd does not work anymore. second, I needed a quick way to disable normal user logins without disabling admin accounts (members of group wheel). the best option i could come

Hello Andrew, I'm a little stuck with my login authentication for my Samba 3 box. With the new features in Samba 3 - Should I be able to provide username@domain & password at login that would authenticate me against our W2K ADS PDC and obtain my kerberos ticket? Please advise on the suggested way to authenticate against our Active Directory domain at login if I'm way off base on

Hi, I'm trying to use pam_listfile.so to deny logins from all others but few users (names in /etc/loginusers). With password authentication it works fine, but with public key authentication OpenSSH lets in users whose names arent't in /etc/loginusers. AllowUsers in sshd_config does what one would expect. I'm using OpenSSH-3.0.2p1 on Debian testing (package version 1:3.0.2p1-6)

Hi there I'm running a samba cvs server in a windows domain with a W2K PDC. I want to authenticate windows users through ssh. I'm able to login with a windows user to the server on the server himself but when I want to login via a windows client It doesn't work. The connection is refused. Could it be something mis configured in my ssh pam module. This is my pam ssh module PAM

Hi, I'm trying to config dovecot to enable IMAP protocol only for certain IPs and users. The logical steps I've followed are: 1. If a user is trying to login from an IP that I've authorized ( listed in a file) the request is authorized. 2. If not, if the user is listed in a second file the request is authorized. 3. If also this check fails the request is rejected. I'm using PAM

I'm using libvirt in desktop environment. Single host machine, pair of users, a few guest machines. The first thought was that unix socket restricted to specific group is just enough for authentication. But virsh has the power like sudo: you could define pool on real device and write anything on it. So I decided to authenticate with password for each virsh use. I'm using SASL + saslauthd +

Hello, I'm trying to get Winbind to authenticate users that don't have local accounts on a SAMBA BDC. I have (3) BDCs (1) PDC running OpenLDAP 2.1.23 pass backend and Samba 3.0. These are on RedHat 8.0 systems. 3 BDC are also slave LDAP and 1 master directory server on the PDC. I went through the Samba documentation CH21 and made modifications to the BDCs and PDC as follows:

I just spent some time trying to figure out how to get OpenSSH to work correctly with NIS and PAM. It seems to work fine, apart from one minor worry I still have (see below). Feedback about grave security risks are welcome :) This is using RedHat 6.1 with updates and the OpenSSH 1.2.2p1-1 RPM's on the NIS server as well as the client. In short, my configuration is: /etc/nssswitch.conf:

On May 1st, Chuck Sullivan posted the following: https://listman.redhat.com/pipermail/k12osn/2003-March/007755.html No mention was made of /etc/pam.d/passwd, which is what I think we need to set to enable a user to change their domain password. Our current settings are: /etc/pam.d/passwd: #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth auth sufficient

Hello, I have a problem to which I have not been able to find a solution by myself or online. I have Dovecot running together with Qmail on a CentOS server. I need to be able to control which users are allowed IMAP access and at the same time allow IMAP access for all users when the requests are coming from a specific IP. My problem has two parts, detailed below.

Hi Mark and thanks for your soon answer.. I found this excellent guide on internet http://www.puschitz.com/SecuringLinux.shtml... here I could fine all I was looking for about securing my database server running on CentOS.. Regards Israel, >I'm running RHEL 4.6 and am using the features you are looking to >implement. PAM is the direction to look. I have included my

Hello. I have been trying to get Red Hat 9 workstations to authenticate via an NT 4 PDC. here is my /etc/pam.d/login file, auth required /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_pwdb.so shadow nullok auth required /lib/security/pam_smb_auth.so nolocal account required

Hi, I have an auth module for PAM that I wrote a few years ago called pam_vsd.so. The idea is that a user must have a certain privilege before they can successfully authenticate. Without the privilege the PAM module will return PAM_PERM_DENIED. However I find that in OpenSSH 3.7.1p2, I can easily subvert this check simply by hitting return 3 times on connection i.e. [nick at localhost

Hi, I am attempting to use Samba 3.0.2a on RedHat 9.0 with winbindd to authenticate accounts in an NT 4.0 domain to a samba member server with the below configuration: The samba configuration file is as follows: [global] workgroup = Domainname netbios name = SBX-SMXXXX server string = Samba Server interfaces = 170.164.254.4/26 bind interfaces

Hi all, I was wondering if someone could lend a little assistance. I recently setup SAMBA/Winbind to allow users to login to a Redhat 8 box using their Windows NT Domain credentials. All is working well in that regard. The issue I am having is getting regular UNIX based users to be able to login. The following is my PAM configuration. For example, if I try to login as root, it does not work.

I am appending some documentation by my colleague Bill Eldridge that was actually written for our dial-up service, but should work for you purposes as well. A couple notes. 1.)The user must exist in /etc/passwd on the Samba machine or login to the Samba box will fail. 2.)In the example, we don't set up home directories for the users, we are using it for dial in and they usually want to