Re: redhat 8, winbind, pam and vsftp HELP!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You might find it instructive to do a "tail -f /var/log/messages",
and then try (from another window) your ftp. This way you can see some of the authentication messages as they happen. You may be surprised at what you observe.


--johnT

T Avery wrote:
I can't get vsftpd to authenticate using winbind and pam on redhat 8. I have successfully used pam_winbind.so. I have used the pam_winbind.so successfully with samba in the /etc/pam.d/samba file, but it also works with the system-auth below. I have had no luck with the system-auth below for vsftpd with the /etc/pam.d/vsftp file and have also tried the pam_winbind.so setup as in vsftpd below without pam_winbind.so in system-auth.

vsftpd works fine with local accounts whether the pam_winbind.so is in the vsftpd pam file or in the system-auth pam file. I have tried logging in with username, DOM+username, and dom+username. All attempts wait for a few seconds on the login and then return a "530 Login incorrect. Error logging on to: server" error. The home folder is present and permissions are set for the winbind authenticated user (dom+username). I even set the folder permissions to 777 just to see if it was that problem.

Please help! This is driving me nuts!

O'Canada

My vsftpd pam file:
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/vsftpd.ftpusers onerr=succeed
# Added the line below at this location without success.
auth sufficient /lib/security/pam_windbind.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_shells.so
# This line doesn't make any difference for local accounts, so I left it in
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth



My system-auth pam file:
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth sufficient /lib/security/pam_windbind.so
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3 type=
password sufficient /lib/security/pam_unix.so nullok use_authtok md5 shadow
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so



_______________________________________________ Pam-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/pam-list






_______________________________________________

Pam-list@xxxxxxxxxx
https://listman.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux