Samba - how to put into domain and authenticate (once again)
Grosswiler Roger
roger at gwch.net
Thu Dec 11 07:36:29 UTC 2003
do i guess right, that i have to put the entry in the following:
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_winbind.so
auth required /lib/security/$ISA/pam_deny.so
so it should work??
> On Wed, Dec 10, 2003 at 08:37:13AM +0100, Grosswiler Roger wrote:
>> i sucessfully did my net rpc join from my linux-clients, so they are in
>> the samba-domain.
>>
>> But: how do i login into my domain if i am on the login into linux? i
>> thought must be the form DOMAIN\user nevertheless what you defined in
>> winbind. But, i always get the message "Username or Password wrong".
>>
>> 1) What am i doing false here?
>>
>> If i login as a regular user, i can go into the
>> nautilus-network-browswer,
>> where i can see my domain and (after a login) the machines inside. But i
>> have no mountpoints there.
>
> The 'login' program (or gdm, or kdm, or xdm, or whatever) probably
> doesn't know who the user is. Check that 'winbind' is listed in
> /etc/nsswitch.conf on the lines for 'passwd', 'group'.
>
> You can run 'wbinfo -u' to check that winbind can read information about
> your users from your domain controller, and run 'getent passwd' to check
> if libc (and applications which use it, which is all of them, including
> the application which is trying to authenticate you) can read
> information about those users from the sources listed in
> /etc/nsswitch.conf (which should include 'winbind').
>
> That done, you'll want to configure login and other applications to
> authenticate users using winbind by adding a line
> auth sufficient pam_winbind.so
> to /etc/pam.d/system-auth, just under the line which reads
> auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
>
> To finish up, you'll need to make sure that the user has a home
> directory for gdm, kdm, and the like, but logging in at the console
> should work at this point, even if the user doesn't have a home
> directory.
>
> HTH,
>
> Nalin
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the fedora-list
mailing list