Displaying 20 results from an estimated 2000 matches similar to: "samba with pam: ad accounts ok, local ones not"
2003 Feb 21
2
pam settings for winbind
This is more of a pam question then a samba question, but I thought I'd
start here and see if I can get an answer.
I've gotten pam_winbind.so working with gdm (on RHAT 8) using the
following /etc/pam.d/gdm file. I've put + signs to show the lines I
added I added to the stock RHAT 8 gdm pam def.:
#%PAM-1.0
+ auth sufficient /lib/security/pam_winbind.so
+ auth
2002 Nov 18
1
Help with PAM Config
I've installed SAMBA, Winbind etc and everything is working great for users
to login with GDM using DOMAIN+username
Although this is working, now I can no longer login as a generic Linux user
(ex. root). The following is my GDM file from /etc/pam.d/gdm
I wonder if someone might have a suggestion as to what it's missing to allow
Linux users to login?
#%PAM-1.0
auth required
2004 Nov 05
1
Using winbind authentication with Windows 2003 AD - SSH login failures
Hi all,
I have been trying to setup authentication of users on a Linux server
against Windows server 2003 using winbind.
I am at the point where an
su - ADUSERNAME
works, but sshing as that user still doesn't work.
When I try to ssh as an AD user as follows:
ssh -l "RILINUX+testuser" server.domain.com
I get the following output in /var/log/messages:
server pam_winbind[5906]:
2005 Jan 08
1
Obey Pam Restrictions Problem 3.0.10
Hi,
I was using Samba 3.0.9 on Fedora Core 2 and decided to upgrade to 3.0.10.
So I upgrade to Core 3 and installed Samba 3.0.10 and thought I could just
copy my settings over to the new build and everything would run smoothly. I
thought wrong.
Everything seems fine until I enable Obey Pam Restrictions.
If enabled I get a login error from XP stating: " Windows cannot locate
your
2002 Nov 15
1
Winbind and Samba
Hi all, I was wondering if someone could lend a little assistance.
I recently setup SAMBA/Winbind to allow users to login to a Redhat 8 box
using their Windows NT Domain credentials. All is working well in that
regard.
The issue I am having is getting regular UNIX based users to be able to
login. The following is my PAM configuration. For example, if I try to
login as root, it does not work.
2004 Jan 05
2
pam_winbind problems
Hello,
I am have some interesting problems with the pam_winbind portion of samba
3.1. wbinfo -u and getent passwd
works but when I login I get the following messages in /var/log/messages.
Jan 5 11:09:36 hermes pam_winbind[9014]: write to socket failed!
Jan 5 11:09:36 hermes pam_winbind[9014]: internal module error (retval = 3,
user = `CSQ+shane'
Jan 5 11:09:36 hermes PAM_pwdb[9014]: check
2007 Jan 05
2
Kerberos and PAM
I am new to samba. I followed the docs on samba.com to configure samba as
"domain member", security = domain, and to user winbind to authenticate
users against windows 2003 AD. well, my question is the steps mentioned the
use of PAM to do the authentications against the AD but it doesn't work - do
I also need to configure kerberos for this type of installation?
[root@itbox john]#
2009 Sep 16
1
locking down ssh when using winbind
Hi all,
I'm using samba with winbind which has been integrated with Active
Directory.
In the smb.conf file, I have
template shell = /bin/bash
winbind use default domain = yes
to allow ssh but I don't want all the domain users to be able to ssh.
Is there a way to only allow for example) domain\ssh_group which is an
active directory group to be able to ssh into the server?
This is my
2006 Mar 23
1
Samba integration with AD
I know this question has been posed over and over (and over) again, but
I'm at my wit's end. I've dug into the Samba docs, Gentoo specific docs,
and PAM docs, and Googled the heck out of it...
In any event, I'm running Gentoo 2006.0 (just built) running kernel
2.6.15 and Samba 3.0.21b. I'm 'trying' to set up a simple file server
with SSO capabilities to a 2K AD
2004 Mar 01
3
wbinfo -u returns 0xc0000022
Hello,
I am attempting to add a Redhat 9 box to our NT4 domain as a member
server. I want to enumerate user and group info so I don't have to make
two sets of user and group accounts. I've setup samba (version 2.2.7a)
and pamd the way I think I'm supposed to, but wbinfo -u always returns
0xc0000022. I've found this particular error mentioned in a few
articles, but applying the
2001 Feb 21
2
openssh-2.5.1p1 problem on redhat 6.2
Hi,
I built rpm from openssh-2.5.1p1 srpm on redhat 6.2,
then installed it. When trying to ssh from other machine,
sshd gives error:
.....
Feb 20 17:54:24 foo PAM_pwdb[925]: (login) session opened for user doe by LOGIN(uid=0)
Feb 20 17:55:15 foo sshd[1342]: Connection closed by 192.168.0.3
Feb 20 17:55:43 foo sshd[1343]: PAM unable to dlopen(/lib/security/pam_stack.so)
Feb 20 17:55:43 foo
2004 Apr 30
1
pam_winbind succeeds but pam_unix fails !
Hi, I am attempting to authenticate ssh access against users in active directory using winbind + pam . Unfortunately all they receive is "permission denied, please try again". A tail -f of /var/log/messages reveals :
Apr 30 12:32:41 HOST sshd(pam_unix)[3011]: check pass; user unknown
Apr 30 12:32:41 HOST sshd(pam_unix)[3011]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh
2004 May 05
1
Samba ADS Help
I have been having a hard time login into a RH AS 3.0 using my MS AD account
and password. I did successfully setup winbind, krb5 and samba w/out any
major complications. But when it came to login I investigate as to why I am
not able to log into the linux box using my AD account and password. I used
the following URL example to setup winbind and samba.
2007 Jan 04
1
how do i tell winbind to use PAM
quick question how do i tell winbind to use PAM to authenticate user against
03 AD?
vi /etc/pam.d/samba
#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
auth required pam_winbind.so
account required pam_winbind.so
account required pam_stack.so service=system-auth
session required pam_mkhomedir.so
2003 Oct 15
1
FW: Re: domain groups accessing samba share
-----Original Message-----
From: VR-Bug Support
Sent: 15 October 2003 13:42
To: 'Gavin Davenport'
Subject: RE: [Samba] Re: domain groups accessing samba share
Hi Gavin,
This is what I have for my /etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so nodelay
2006 Sep 22
1
ssh login through AD solution
Thanks to Anthony Ciarochi at Centeris for this solution.
I have a Centos (Red Hat-based) server that is now accessible to AD users
AND local users via ssh. I can control which AD groups can login using the
syntax below. Red Hat-based distros use "pam_stack" in pam.d which is quite
different than Debian's "include" based pam.d,
cat /etc/pam.d/sshd
#
2002 Aug 20
1
winbind initgroups problem with 2.2.5 on RH 7.2
Hello,
I am trying to get winbind up and working for logins. Here is my error
message from /var/messages:
Aug 20 20:59:51 aslan pam_winbind[32713]: user 'lisa.snow' granted acces
Aug 20 20:59:51 aslan pam_winbind[32713]: user 'lisa.snow' granted acces
Aug 20 20:59:51 aslan login[32713]: initgroups: Operation not permitted
Here is my pam.d/login file:
#%PAM-1.0
# orginal before
2002 Jul 24
4
Winbind trouble. Wbinfo see's users, "getent passwd" doesn't
I'm trying to set up a new fileshare, to replace an aging NT4 machine we've
been using for far too long.
I'd like to run Linux (RedHat 7.3) on the machine.
Basically, I'm trying to create a fileshare "files" that people can
transparently log in to from NT4 and Windows 2000 workstations. My boss has
approved the use of Linux for the server, but only if I can make it
2002 Jul 09
5
Cant Log Into Terminal Using Winbind
List,
I am unable to log into a terminal using Winbind service. I have the login file correctly modifyed and nsswitch too. I have the 2.2.5 version of SAMBA with the new winbind. SAMBA shares work great, so I think it is something else. I get this error in the messages log:
Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]: check pass; user unknown
Jul 9 11:46:01 alblinux sshd(pam_unix)[5463]:
2002 Dec 05
1
Authenticate Linux Session with NT Domain Acct.
Despite configuring winbind and my /etc/pam.d/<files>, I am still unable
to actually log into a Linux session (ie, at the gdm login screen or
text login prompt) using my NT domain account. Here is my
/etc/pam.d/login file:
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so