<snip> >The users of the NT domain are not in the local password file, and they >should not have to be. [/marin] That's correct. Authentication is done against your NT-PDC. >However, I am not sure how to write the >/etc/pam.d/httpd file to make sure that users and passwords only get >authenticated through the NT domain. > >The only two things I have in my /etc/pam.d/httpd file are: > >auth sufficient /lib/security/pam_smb_auth.so nolocal >password required /lib/security/pam_smb_auth.so nolocal > [/marin] Change your /etc/pam.d/httpd as following : -------------------------------------------------------------------- auth required /lib/security/pam_smb_auth.so nolocal debug account required /lib/security/pam_permit.so -------------------------------------------------------------------- Note that debug is optional. If enabled output is written to /var/log/secure Also have you specified your NT-PDC, NT-BDC and domain name into /etc/pam_smb.conf ? If you still have troubles let me know. /marin
