X server does not start with windows domain users
Hi
I have Fedora Core 4 installation which is joined to Windows 2003 domain using samba with net ads join. Logins for Windows domain users work perfectly, but they can't start X server for some reason. Typing startx just gives the following error:
$ startx
Fatal server error:
PAM authentication failed, cannot start X server.
Perhaps you do not have console ownership?
Please consult the The X.Org Foundation support
at
for help.
giving up.
xinit: Connection refused (errno 111): unable to connect to X server
xinit: No such process (errno 3): Server error.
Local users can start X normally and I can't seem to find any problems with the associated pam files.
xserver:
#%PAM-1.0
auth sufficient pam_rootok.so
auth required pam_console.so
auth required pam_permit.so
account required pam_permit.so
login:
#%PAM-1.0
auth required pam_securetty.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so use_first_pass
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account sufficient /lib/security/pam_winbind.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session required pam_loginuid.so
session optional pam_console.so
session optional /lib/security/pam_mkhomedir.so skel=/etc/skel/
# pam_selinux.so open should be the last session rule
session required pam_selinux.so multiple open
system-auth:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
Any help would be appreciated.
Regards
Matti Savolainen
|