Re: redhat 8, winbind, pam and vsftp HELP!

"John M. Taylor Jr." <johnt@xxxxxxxxxxx> · Wed, 09 Apr 2003 14:44:57 -0400

You might find it instructive to do a "tail -f /var/log/messages",

and then try (from another window) your ftp. This way you can see some 
of the authentication messages as they happen. You may be surprised at 
what you observe.

--johnT

T Avery wrote:
I can't get vsftpd to authenticate using winbind and pam on redhat 8. I 
have successfully used pam_winbind.so. I have used the pam_winbind.so 
successfully with samba in the /etc/pam.d/samba file, but it also works 
with the system-auth below. I have had no luck with the system-auth 
below for vsftpd with the /etc/pam.d/vsftp file and have also tried the 
pam_winbind.so setup as in vsftpd below without pam_winbind.so in 
system-auth.

vsftpd works fine with local accounts whether the pam_winbind.so is in 
the vsftpd pam file or in the system-auth pam file. I have tried logging 
in with username, DOM+username, and dom+username. All attempts wait for 
a few seconds on the login and then return a "530 Login incorrect. Error 
logging on to: server" error. The home folder is present and permissions 
are set for the winbind authenticated user (dom+username). I even set 
the folder permissions to 777 just to see if it was that problem.

Please help! This is driving me nuts!

O'Canada

My vsftpd pam file:

auth       required    /lib/security/pam_listfile.so item=user 
sense=deny file=/etc/vsftpd.ftpusers onerr=succeed

# Added the line below at this location without success.

auth       sufficient   /lib/security/pam_windbind.so

auth       required    /lib/security/pam_stack.so service=system-auth

auth       required    /lib/security/pam_shells.so

# This line doesn't make any difference for local accounts, so I left it in

account    sufficient  /lib/security/pam_winbind.so

account    required    /lib/security/pam_stack.so service=system-auth

session    required    /lib/security/pam_stack.so service=system-auth

My system-auth pam file:

auth        required      /lib/security/pam_env.so

auth        sufficient    /lib/security/pam_unix.so likeauth nullok

auth       sufficient   /lib/security/pam_windbind.so

auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so

password    required      /lib/security/pam_cracklib.so retry=3 type=

password    sufficient    /lib/security/pam_unix.so nullok use_authtok 
md5 shadow

password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_limits.so

session     required      /lib/security/pam_unix.so

_______________________________________________

Pam-list@xxxxxxxxxx
https://listman.redhat.com/mailman/listinfo/pam-list

_______________________________________________

Pam-list@xxxxxxxxxx
https://listman.redhat.com/mailman/listinfo/pam-list