K12 LTSP 4.4.1: problems w winbind authentication
I just installed K12 LTSP with samba and I have a problem with the winbind authentication. The records in the messages log file are:
Dec 17 12:59:09 sv7 pam_winbind[3443]: user 'edu\bla' granted access
Dec 17 12:59:09 sv7 pam_winbind[3443]: user 'edu\bla' granted access
Dec 17 12:59:09 sv7 sshd(pam_unix)[3445]: session opened for user edu\bla by (uid=0)
Dec 17 12:59:10 sv7 sshd(pam_unix)[3445]: session closed for user edu\bla
The system-auth file content is:
#%PAM-1.0
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so broken_shadow
#account sufficient /lib/security/$ISA/pam_localuser.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_winbind.so
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
wbinfo shows the link with the Windows domain contrller works.
I cannot figure out why although the windind authentication is accepted and if the user is missing the home directory, then this directory is automatically generate, in the end the session is closed right after the authentication succeeded.
Any ideas?
Thanks,
Alexandru
|