to, 2003-12-11 kello 09:36, Grosswiler Roger kirjoitti: > do i guess right, that i have to put the entry in the following: > > auth required /lib/security/$ISA/pam_env.so > auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok > auth sufficient /lib/security/$ISA/pam_winbind.so > auth required /lib/security/$ISA/pam_deny.so > > so it should work?? > It should but it would ask your password two times. Switch the order of pam_winbind and pam_unix lines and then add use_first_pass to the pam_unix.so-line. In my experience it would still not work, probably. GDM will still not let you in, at least not the way it used to work wit older versions. What I get after that is: Dec 11 09:38:56 humbata pam_winbind[18729]: user 'ntdomain1+mauris' granted acces Dec 11 09:38:56 humbata gdm-binary[18729]: Ei voitu asettaa tunnustietojen hallintaa ntdomain1+mauris:lle Where the latter roughly translates to: Unable to set authentication management to ntdomain1+mauris. As I write this, I notice that ntdomain1+mauris is written all lowercase. Perhaps I should try NTDOMAIN1+Mauris which probably is the correct syntax... > > > On Wed, Dec 10, 2003 at 08:37:13AM +0100, Grosswiler Roger wrote: > >> i sucessfully did my net rpc join from my linux-clients, so they are in > >> the samba-domain. > >> > >> But: how do i login into my domain if i am on the login into linux? i > >> thought must be the form DOMAIN\user nevertheless what you defined in > >> winbind. But, i always get the message "Username or Password wrong". > >> > >> 1) What am i doing false here? > >> > >> If i login as a regular user, i can go into the > >> nautilus-network-browswer, > >> where i can see my domain and (after a login) the machines inside. But i > >> have no mountpoints there. > > > > The 'login' program (or gdm, or kdm, or xdm, or whatever) probably > > doesn't know who the user is. Check that 'winbind' is listed in > > /etc/nsswitch.conf on the lines for 'passwd', 'group'. > > > > You can run 'wbinfo -u' to check that winbind can read information about > > your users from your domain controller, and run 'getent passwd' to check > > if libc (and applications which use it, which is all of them, including > > the application which is trying to authenticate you) can read > > information about those users from the sources listed in > > /etc/nsswitch.conf (which should include 'winbind'). > > > > That done, you'll want to configure login and other applications to > > authenticate users using winbind by adding a line > > auth sufficient pam_winbind.so > > to /etc/pam.d/system-auth, just under the line which reads > > auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok > > > > To finish up, you'll need to make sure that the user has a home > > directory for gdm, kdm, and the like, but logging in at the console > > should work at this point, even if the user doesn't have a home > > directory. > > > > HTH, > > > > Nalin > > > > > > -- > > fedora-list mailing list > > fedora-list@xxxxxxxxxx > > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list > > > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list -- Mauri "mos" Sahlberg Pretax Systems Oy +358 207 44 2228 Technology Evangelist Pääskylänrinne 8 +358 207 44 2201 Bsc Computer Science FIN-00500 Helsinki www.pretax.net Development Manager Finland
