|
Unable to validate users against Directory Users in RHEL4
Hallo:
I´m trying to validate users against de Directory Active (DA) in RedHat EL 4.
I´ve joined the machine to the DA.
Commands work fine. Ej:
kinit user1#REALM1.RED
kinit user1#REALM2.RED
net ads info
net ads status
wbinfo -g
wbinfo -u
But i´m unable to connect to the machine throught ssh, telnet,samba, .... When try to connect, winbind logs:
sshd[7605]: pam_krb5[7605]: error resolving user name 'user1' to uid/gid pair
pam_krb5[7605]: error getting information about 'user1'
pam_winbind[7605]: request failed: Wrong Password, PAM error was 7, NT error was NT_STATUS_WRONG_PASSWORD
(and I know it´s not a problem of password wrong).
I suppose i´ve a problem with pam´s, but i don´t know where is the problem. What i´ve configured:
system-auth
==============
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100
account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_krb5.so
account sufficient /lib/security/$ISA/pam_winbind.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_krb5.so use_authtok
password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel/ umask=0022
session optional /lib/security/$ISA/pam_krb5.so
sshd
================
#%PAM-1.0
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
login
=====================
#%PAM-1.0
auth sufficient pam_winbind.so
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_mkhomedir.so umask=0022
session required pam_stack.so service=system-auth
session optional pam_console.so
session required /lib/security/pam_limits.so
|
