Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 06-10-2005, 08:59 AM   #1
Registered: Mar 2005
Posts: 135

Rep: Reputation: 17
pam_mount + pam_winbind + pam_krb5. All in one (?)


I have Active Directory's users logging into Linux clients thanks to pam_winbind.
I have Samba Shares mounted at login and unmounted at logoff thanks to pam_mount.
I have Cups printing to a Windows Print Queue WITH user authentication thanks to a patched smbspool and Kerberos ticket.

What I need now is to retrieve kerberos tickets at login time WITHOUT prompting for a password. I know pam_krb5 does that, but I can't manage to fit it into /etc/pam.d/system-auth along with pam_winbind and pam_mount.

Thatś my system-auth file:


auth required
auth sufficient
auth required
auth sufficient likeauth nullok use_first_pass
auth required

account sufficient
account required

password required retry=3 minlen=2 dcredit=0 ucredit=0
password sufficient nullok use_authtok md5 shadow
password sufficient use_authtok
password required

session required skel=/etc/skel/ umask=0022
session required
session required
session optional

Anyone may help me out?

Old 06-14-2005, 07:01 PM   #2
LQ Newbie
Registered: Nov 2001
Location: Virginia
Posts: 20

Rep: Reputation: 0
Isn't pam order sensitive?

I thought that the sufficient tests had to appear before the required in PAM because rules are evaluated in the order they appear. I maybe wrong but logically if you "require" something then it doesn't make sense to have an optional test (sufficient) afterwards.
Old 06-15-2005, 06:49 AM   #3
Registered: Mar 2005
Posts: 135

Original Poster
Rep: Reputation: 17
Actually the current file as it is works perfectly.
The problem is fitting into it so that a kerberos ticket is retrieved when user logs in.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
pam_krb5 won't retrieve a kerberos ticket Thakowbbery Conectiva 1 01-10-2007 05:20 AM fails to retreive ticket nilecirb Linux - Networking 0 07-29-2005 11:06 PM
pam_winbind/NTLM/samba JivnJT Linux - Security 0 01-18-2005 11:29 PM
How to setup pam_mount? mauro_haller Linux - Networking 0 03-08-2004 09:26 PM
pam_krb5 source code mbtoys Linux - Networking 0 08-27-2003 07:54 AM

All times are GMT -5. The time now is 08:18 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration