LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 06-11-2004, 04:43 AM   #1
theowl
LQ Newbie
 
Registered: Jun 2004
Distribution: Debian, UHU
Posts: 1

Rep: Reputation: 0
Question winbind + samba + gdm unable to login with Domain user


I have been trying to set up a linux workstation (local dist. "UHU") to authenticate from a (Samba) NT Domain when I login. I've gone through several tutorials and how-tos (which tend to vary a lot) and I am still not able to log in. The only clue Ive found in the logs is in the sys.log I get:

jan 1 00:50:02 localhost gdm[1366]: gdm_slave_session_start: User not allowed to log in

Ive joined the workstation to the domain
wbinfo -u
wbinfo -g
getent passwd
getent group
all work

Here is my smb.conf:
[global]
dns proxy = No
domain master = No
encrypt passwords = Yes
guest account = nobody
guest ok = No
interfaces = lo, eth*
invalid users = root
log level = 2
map to guest = Bad Password
max log size = 10000
name resolve order = lmhosts host wins bcast
os level = 255
preferred master = No
printing = cups
server string = bagoly
socket options = IPTOS_LOWDELAY TCP_NODELAY
syslog = 0
password server = *
winbind enum groups = yes
winbind gid = 10000-20000
winbind enum users = yes
winbind uid = 10000-20000
winbind use default domain = yes
winbind separator = \
obey pam restrictions = No
security = domain
workgroup = MYDOMAIN

Here is my PAM login:
#%PAM-1.0

auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so use_first_pass nullok shadow

account required /lib/security/pam_winbind.so

password required /lib/security/pam_cracklib.so retry=3
password required /lib/security/pam_unix.so nullok use_authtok md5 shadow

session required /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0022
session required /lib/security/pam_env.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_utmp.so
session optional /lib/security/pam_lastlog.so never
session optional /lib/security/pam_motd.so
session optional /lib/security/pam_mail.so quiet

Here is my PAM gdm:
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_winbind.so
auth sufficient pam_unix.so use_first_pass
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
session required pam_stack.so service=system-auth
session optional pam_console.so

Here is my nsswitch.conf:
passwd: files winbind
shadow: files winbind
group: files winbind

hosts: files nisplus nis dns

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nisplus
publickey: nisplus
automount: files
aliases: files

Any suggestions? Thanx.
 
Old 06-11-2004, 08:30 AM   #2
LeChat
LQ Newbie
 
Registered: Jun 2004
Location: Cologne, Germany, Europe
Distribution: Debian Sid
Posts: 3

Rep: Reputation: 0
It's just an idea, but I would try to put the winbind entrys in your pam configuration files at the beginning of the file. Perhaps the login fails because you have an "required" entry at first.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba Winbind and 2003 domain carnold Suse/Novell 0 08-26-2005 05:53 PM
Samba 3, Winbind (getent) not returning Domain USers delphiq Linux - Software 1 04-16-2004 05:18 AM
Slackware + SAMBA + WinBind + NT Domain = 3 day headache enkrypter Slackware 4 04-15-2004 10:23 PM
Samba + Winbind + Domain Users group wheeliemonster Linux - Networking 0 01-27-2004 09:56 AM
SAMBA access based on NT Domain groups [using winbind] tisource Linux - Networking 1 11-24-2003 12:34 AM


All times are GMT -5. The time now is 10:20 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration