Hi- I recently upgraded (downgraded?) from RH6.2 to RH7 and have had pretty much nothing but problems with it. PAM just seems to be broken or have changed in some poorly-documented way. I have system users mapped to users on the PDC via matching usernames. I then passwd -d the username to remove the password on the Linux box (I have also tried manually adding stars to the passwd/shadow files as apropos), and have my pam.d files like this: #%PAM-1.0 auth required /lib/security/pam_smb_auth.so debug account required /lib/security/pam_stack.so service=file-auth And pam_stack file-auth as: account sufficient /lib/security/pam_unix.so account required /lib/security/pam_deny.so I have tried various iterations of account using pam_unix, pam_pwdb, and others, all to no avail. I have also tried not using pam_stack and including pam_unix or pam_pwdb directly in the imap file. Either the users can get in without any password, which scares the hell out of me, or they can't get in at all, which is likewise frightening. Any ideas? n
