Hello,
I've very new to linux, so please excuse my ignorance. I am trying to setup a number of servers to authenticate against my Windows Server 2003 active directory. I have successfully done this with one computer (Dell Optiplex 755), but I can’t seem to get it to work with my servers (Dell PowerEdge R710). I am using Fedora 11.
I have setup samba and pam and have successfully joined the network. Everything with winbind seems to be working properly and I can get all the user info, etc.
When I log in with a local account, everything is fine. If I try to log in with an account from my domain through SSH, I see the message
Code:
/usr/bin/xauth: creating new authority file /home/apkelley/.Xauthority
After that, nothing happens and it is as if I haven’t connected to anything. If I try to log into the actual server using the graphical interface, it starts logging me in, shows a blank screen for about a second, and then returns to the login screen as if nothing has happened.
I would greatly appreciate any suggestions for how I might fix this problem or how to find out more information about the error.
Here are my smb.conf and system-auth files:
/etc/samba/smb.conf
Code:
[global]
workgroup = DS
password server = 192.168.111.9 192.168.111.1
realm = DS.MYDOMAIN.EDU
security = ads
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/false
winbind use default domain = true
winbind offline logon = false
log file = /var/log/samba/log.%m
max log size = 50
load printers = yes
cups options = raw
template homedir = /home/%U
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
/etc/pam.d/system-auth
Code:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_fprintd.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_winbind.so use_first_pass
auth required pam_deny.so
account required pam_unix.so broken_shadow
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_winbind.so
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password sufficient pam_winbind.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session optional pam_mkhomedir.so skel=/etc/skel/ umask=0022
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so