LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Password
Red Hat This forum is for the discussion of Red Hat Linux.

Notices



Reply
 
Search this Thread
Old 10-27-2006, 07:39 AM   #1
Felipe
Member
 
Registered: Oct 2006
Posts: 294

Rep: Reputation: 31
Unable to validate users against Directory Users in RHEL4


Hallo:

Im trying to validate users against de Directory Active (DA) in RedHat EL 4.

Ive joined the machine to the DA.

Commands work fine. Ej:
kinit user1#REALM1.RED
kinit user1#REALM2.RED
net ads info
net ads status
wbinfo -g
wbinfo -u


But im unable to connect to the machine throught ssh, telnet,samba, .... When try to connect, winbind logs:

sshd[7605]: pam_krb5[7605]: error resolving user name 'user1' to uid/gid pair
pam_krb5[7605]: error getting information about 'user1'
pam_winbind[7605]: request failed: Wrong Password, PAM error was 7, NT error was NT_STATUS_WRONG_PASSWORD

(and I know its not a problem of password wrong).


I suppose ive a problem with pams, but i dont know where is the problem. What ive configured:

system-auth
==============
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so

account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100
account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_krb5.so
account sufficient /lib/security/$ISA/pam_winbind.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_krb5.so use_authtok
password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel/ umask=0022
session optional /lib/security/$ISA/pam_krb5.so


sshd
================
#%PAM-1.0
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth

login
=====================
#%PAM-1.0
auth sufficient pam_winbind.so
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so

account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth

session required pam_mkhomedir.so umask=0022
session required pam_stack.so service=system-auth
session optional pam_console.so
session required /lib/security/pam_limits.so
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Validate Samba users on Windows 2003 Server FlyveR Linux - Newbie 3 05-20-2006 06:22 PM
Active directory users to Samba users alexpacio Linux - Networking 0 05-19-2006 09:44 AM
"users.allow" and "users.deny": under what directory, in Mandriva? KWTm Mandriva 0 10-09-2005 03:23 PM
Samba can't validate the users jen209110 Linux - Networking 1 01-12-2004 11:01 AM
unable to pm users? bigcletus LQ Suggestions & Feedback 3 06-24-2003 11:14 PM


All times are GMT -5. The time now is 01:07 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration