similar to: pam_winbind.so and home-directory creation

Configuration: Samba 3.0.14a-1 (on debian 3.1) + winbind 3.0.14a-1 + krb5-user 1.3.6-2 I need help debugging pam_winbind.so in /etc/pam.d/ssh on debian. Samba is a member of an AD domain, authenticating access to shares via winbind+nsswitch.conf. Authentication to shares works great. Now I want winbind to authenticate ssh users as a pam module and it's failing. Below I show the output of

I use the samba-2.2.2-2 debian package and try to set up authentification via winbind. I have use this smb.conf: egrep '^[^;]' /etc/samba/smb.conf [global] printing = cups printcap name = /etc/printcap load printers = yes guest account = nobody invalid users = root security = domain workgroup = TRITECH server string = %h server (Samba %v) syslog only = no

Hi, I'm trying to use pam_listfile.so to deny logins from all others but few users (names in /etc/loginusers). With password authentication it works fine, but with public key authentication OpenSSH lets in users whose names arent't in /etc/loginusers. AllowUsers in sshd_config does what one would expect. I'm using OpenSSH-3.0.2p1 on Debian testing (package version 1:3.0.2p1-6)

Dear Samba-Users, two problems to solve... 1) Trying to authenticate users via pam_winbind against NT-PDC (samba 3.0.4, Debian GNU Linux 3.0). Got shell login and ssh working, but won't be able to login via GDM to gnome or KDE. I do not really understand the difference between login/ssh module stack and gdm module stack. Log auth says something queerish: --- auth.log --- Jul 14 18:34:43

new installation of samba v3.0.21 on debian. Joined the samba box to an ActiveDirectory domain. Can enumerate users/groups with wbinfo run locally on the samba box. Can connect remotely to samba box via smbclient Version 3.0.10-Ubuntu linux. Can create new files via 'put' cmd within smbclient. Can login remotely to samba box with ssh client on linux box. Can _NOT_ map a drive to samba

It looks like I've gotten the majority of things working in regards to Winbind. Users are being authenticated by the NT4 PDC when connecting to shares, but I can't seem to get things set up correctly to allow logging in via SSH(OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090702f). It appears as though I'm successfully authenticated by the PDC, but then the connection is

Hi all, I have a samba 2.2.8a install runing on a debian woody. The samba is working fine and I am able to map shared drives. I want to use a Primary Domain Controller to authenticate users. I have included the necessary options in smb.conf, # separate domain and username with '+', like DOMAIN+username winbind separator = + # use uids from 10000 to 20000 for domain users winbind uid

Hi We recenlty ugraded to openssh-3.7.1p2. Our architecture is ssh daemon uses pam module which sends request to remote radius/tacacs+ servers based on configuration. Now if I create the user in /etc/passwd, then ssh daemon calls pam and everthing works fine. But if the user is not present in /etc/passwd, then ssh daemon is not calling pam. The debug log is given below. All these

Message follows this disclaimer -------------------------------------------------------------------------------------------------- This email and any files transmitted with it is confidential and intended solely for the person or organisation to whom it is addressed. If you are not the intended recipient, you must not read, copy or disseminate the information or take any action in reliance on it

Hi, I have tested the current snapshot portable release (dated Jan 9 2004). configuration has: UsePAM yes PasswordAuthentication no ChallengeResponseAuthentication yes UsePrivilegeSeparation yes two problems: first pam_motd does not work anymore. second, I needed a quick way to disable normal user logins without disabling admin accounts (members of group wheel). the best option i could come

In OpenSSH 3.6.1p2, pam_open_session() ran with a conversation function, do_pam_conversation(), that fed text to the client. In OpenSSH 3.7.1p2, this is no longer the case: session modules run with a conversation function that just returns PAM_CONV_ERR. This means that simple session modules whose job involves printing text on the user's terminal no longer work: pam_lastlog, pam_mail, and

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello: Our scenario: - - Our domain (ABRANTINA) is a Windows 2003R2 AD (RFC2307 enabled) - - Trusted domain (REDE-LC) is a Windows 2003R2 AD - - cafs01tst is a Debian "stable" based SAMBA 3.2.5 file server Our goal: - - Serve home and shares for users of both domains ABRANTINA and REDE-LC Our implementation: (following guidelines from

Hi all, I am trying to join PClinuxOS 2007 to an Active Directory domain, I was able to get it to join following a guide off of Linux Magazine's website. I can't post the URL because you need to be registered to view the article so I have taken the liberty of copying and pasting the article at the end of this message. Anyways what is happening is while I was able to get linux to

I'm trying to trobuleshoot my previuos problem from the basics. I've a box setup with Ubuntu, samba and ldap. I have a lot of problems with user authentications. I'm checking if LDAP and PAM ar working together. I've added an user to ldap with smbldap-useradd command (as posix account) and I'm trying to use it to login via ssh. This user cannot authenticate. Here is the result

Hi all, I am having a problem with pam_winbind.so. Is there any documentation that tells exactly what each module with pam_winbind.so does? In other words, what does the auth section do, what does the account section do??? When I try to authenticate, the auth section in login pam seems to pass successfully, but the account section seems to fail. Here is my login module auth required

Hi, I'm having a little problem with my samba print server. I'm running samba 2.2.1a on a redhat 7.1 distro. I want to use the print$ share, so I can upload print drivers from a windows 2000 machine. I configured the print$ part in the smb.conf, made the directory and the subdir W32X86. They all have the appropriate permissions. When I try to upload drivers for an existing printer,

I have setup openssh with hostbased authentication on linux (redhat). I want to allow/deny users based on a listfile, so i have a PAM module that does that, and it runs in the "account" section (oposed to pam_listfile.so, that uses the "auth" section - it wouldt work because with hostbased authentication openssh ignores the "auth" section). It's working

Dear list members, I am running a small active directory domain for my home network. Everything is working as expected, except for the authentication of active directory users on my machines running debian wheezy. Here is my setup: 1) Active Directory Domain Controller is running on a raspberrypi (raspbian) with samba compiled from source (v4-1-stable from git repository) 2) WIndows 7 machines

For everyone else's reference, John just gave me a call and issued a challenge to put my money where my (big) mouth is. So i'll be doing some work on the documentation in the next little while, specifically to do with adding Samba member servers to an AD infrastructure. If you have troubleshooting tips you picked up, or suggestions of things that need to be included, please let me know.

Hi, I've setup Samba 3.5.6 as a member server in a 2003R2 domain with a single dc, idmapping is by rfc2307 with a tdb backend for builtin accounts etc, I can list users and groups using wbinfo and I can create shares and access them from the windows server, files and folders owned by ad users show the correct user and group names so mapping appears to be working, I can su to ad accounts but I