LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page pam/winbind user not found problem
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-15-2009, 10:55 AM   #1
td3201
Member
Contributing Member
 
Registered: Jan 2002
Location: Omaha, NE US
Distribution: Red Hat/CentOS
Posts: 226

Rep: Reputation: 30
Question pam/winbind user not found problem

Hello,

Sorry for the generic subject. I am not sure how to classify the
problem more accurately.

I am running pam-0.99.6.2-4.el5 on RHEL 5.3. I have an application
that uses pam. Out of the box, it has this configuration file in
/etc/pam.d:
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth

My system auth contains this:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_winbind.so use_first_pass
auth required pam_deny.so
account required pam_unix.so broken_shadow
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_winbind.so
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass
use_authtok
password sufficient pam_winbind.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in
crond quiet use_uid
session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel umask=077

SSH authentication with active directory accounts works just fine.
The usernames are formatted as DOMAIN+username. However, they do not
work with this application for some reason. The developer claims that
the formatting shouldn't be a problem with their app so I am double
checking here. When I try to auth with the application, I get this
in /var/log/secure:

Jul 15 10:40:59 foo Application[6827]: pam_unix(app:auth):
check pass; user unknown
Jul 15 10:40:59 foo Application[6827]: pam_unix(app:auth):
authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Jul 15 10:40:59 foo Application[6827]:
pam_succeed_if(app:auth): error retrieving information about user
DOMAIN+username

Just to prove I can see that user, here is a 'getent passwd':
DOMAIN+username:*:15000:15019:User Name:/home/DOMAIN/username:/bin/bash

Any ideas?
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Dovecot / Winbind / Pam problem nighthawk17 Linux - Networking 1 07-23-2007 06:33 AM
Apache auth_pam / pam winbind deny failed user auth collen Linux - Security 3 04-10-2006 02:20 AM
winbind pam module paul_mat Linux - Networking 0 12-21-2005 11:22 PM
winbind without PAM Gort32 Slackware 0 12-16-2005 10:00 AM
Problem with Winbind+PAM zcorpio Linux - Networking 1 06-25-2004 07:53 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:25 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration