[SlugBug] Winbind and PAM

[Andy Davidson]

On 10 Dec 2004, at 10:09, Dawson, Alan wrote:

Sorry for the late reply.

> I have winbindd and samba 3 running on a SUSE 9.1 based PC in the hope 
> of
[...]
> but I'm stuck getting the Windows users able to log on.
> wbinfo -u  wbinfo -g
> list the users and groups in the windows domain quite happily, and I 
> have
> modified pam.d/login to use winbindd.  But must be missing something 
> :-(

I assume you have added 'winbind' to the 'passwd', 'shadow', and 
'group' lines in nsswitch.conf, otherwise presumably you wouldn't get 
the successful line in your syslog.

I'm guessing the permissions error might be caused by the home 
directory not being created for each user who will log on from the 
domain.

Creating a home directory for every user who might log on isn't a very 
nice job to have to keep up to date.

Add the following to /etc/pam/system-auth :

session     required      pam_mkhomedir.so skel=/etc/skel umask=0022


.. and now when a user tries to log in for the first time, they get 
their home directory created (you'll need to mount it from a samba 
fileserver if you want to allow hotdesking, or have all files in one 
place for backup purposes, etc.)


Hope this helps,
Andy D