[SlugBug] Winbind and PAM
Andy Davidson
andy at nosignal.org
Tue Dec 28 08:52:57 GMT 2004
On 10 Dec 2004, at 10:09, Dawson, Alan wrote:
Sorry for the late reply.
> I have winbindd and samba 3 running on a SUSE 9.1 based PC in the hope
> of
[...]
> but I'm stuck getting the Windows users able to log on.
> wbinfo -u wbinfo -g
> list the users and groups in the windows domain quite happily, and I
> have
> modified pam.d/login to use winbindd. But must be missing something
> :-(
I assume you have added 'winbind' to the 'passwd', 'shadow', and
'group' lines in nsswitch.conf, otherwise presumably you wouldn't get
the successful line in your syslog.
I'm guessing the permissions error might be caused by the home
directory not being created for each user who will log on from the
domain.
Creating a home directory for every user who might log on isn't a very
nice job to have to keep up to date.
Add the following to /etc/pam/system-auth :
session required pam_mkhomedir.so skel=/etc/skel umask=0022
.. and now when a user tries to log in for the first time, they get
their home directory created (you'll need to mount it from a samba
fileserver if you want to allow hotdesking, or have all files in one
place for backup purposes, etc.)
Hope this helps,
Andy D
More information about the SlugBug
mailing list