hi nalin, unfortunately not @home, but trying things out asap. Have once again inserted the line in pam.d/system-auth. was wondering, as de manual for winbind says to make one more entry for 'accout' but i left this out to make sure not making inaccessible my server ;-) I did this all now on my server. i'll try to login directly on my server. if this works, i will also implement it on the client. What still confuses me, is that usually i thought winbind should just run on the server having smb up and running, not on the clients. btw. i run FC1 and Samba 3.0 Cheers and many thanks, Roger > On Wed, Dec 10, 2003 at 10:33:34PM +0100, Roger Grosswiler wrote: >> i tried now again, but just entered now in the system-auth the >> following: >> auth sufficient /lib/security/$ISA/pam_smb_auth.so >> use_first_pass nolocal > > The pam_smb_auth module is entirely different from winbind -- its > configuration file is /etc/pam_smb.conf. Its readme file states that > you should place the domain name on the first line of the file, the name > of the PDC on the second line, and the names of another PDC on the third > line. > > The pam_smb_auth module can only perform authentication. It can not > provide needed information about users (UIDs, GIDs, etc.) to programs -- > you'll need something which does this. > > Winbind happens to provide modules which can communicate with winbind to > accomplish both of these. The upside of pam_smb_auth is that you can > point it at just about any SMB server (probably even a Windows for > Workgroups server), and it'll work, but winbind needs something at least > as capable as a PDC. Different tools with different capabilities for > different-but-similar problems. > > Because pam_smb_auth can't provide user information, you need to set up > *something* which will. If not winbind, then NIS, or LDAP, or hesiod. > Each of these requires its own server to be set up, because they use > different protocols which your PDC likely isn't set up to serve. > > HTH, > > Nalin > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list >
