It seems, if i look my log....i tried this morning to log in on the localserver itself as a domain-user. see results below. i'll insert what you said again on the server, and try afterwards, if i can also connect via a remote client. Dec 11 06:11:52 morpheus gdm(pam_unix)[4802]: check pass; user unknown Dec 11 06:11:52 morpheus gdm(pam_unix)[4802]: authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= Dec 11 06:11:53 morpheus gdm-binary[4802]: Benutzer konnte nicht legitimiert werden Dec 11 06:12:04 morpheus gdm(pam_unix)[4802]: check pass; user unknown Dec 11 06:12:04 morpheus gdm(pam_unix)[4802]: authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= Dec 11 06:12:05 morpheus gdm-binary[4802]: Benutzer konnte nicht legitimiert werden Dec 11 06:12:13 morpheus gdm(pam_unix)[4802]: check pass; user unknown Dec 11 06:12:13 morpheus gdm(pam_unix)[4802]: authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= Dec 11 06:12:15 morpheus gdm-binary[4802]: Benutzer konnte nicht legitimiert werden Dec 11 06:12:22 morpheus gdm(pam_unix)[4802]: check pass; user unknown Dec 11 06:12:22 morpheus gdm(pam_unix)[4802]: authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= Dec 11 06:12:24 morpheus gdm-binary[4802]: Benutzer konnte nicht legitimiert werden ...while "Benutzer konnte nicht legitimiert werden" means a kind of "User could not be legitimated" or "authenticated" > On Wed, Dec 10, 2003 at 10:33:34PM +0100, Roger Grosswiler wrote: >> i tried now again, but just entered now in the system-auth the >> following: >> auth sufficient /lib/security/$ISA/pam_smb_auth.so >> use_first_pass nolocal > > The pam_smb_auth module is entirely different from winbind -- its > configuration file is /etc/pam_smb.conf. Its readme file states that > you should place the domain name on the first line of the file, the name > of the PDC on the second line, and the names of another PDC on the third > line. > > The pam_smb_auth module can only perform authentication. It can not > provide needed information about users (UIDs, GIDs, etc.) to programs -- > you'll need something which does this. > > Winbind happens to provide modules which can communicate with winbind to > accomplish both of these. The upside of pam_smb_auth is that you can > point it at just about any SMB server (probably even a Windows for > Workgroups server), and it'll work, but winbind needs something at least > as capable as a PDC. Different tools with different capabilities for > different-but-similar problems. > > Because pam_smb_auth can't provide user information, you need to set up > *something* which will. If not winbind, then NIS, or LDAP, or hesiod. > Each of these requires its own server to be set up, because they use > different protocols which your PDC likely isn't set up to serve. > > HTH, > > Nalin > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list >
