Re: problem with command order in auth block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



With the help of Narayana Pattipati I finally found a solution for my
problem below:

My auth block in my pam configuration looks now like:

auth            sufficient      pam_unix.so debug audit
auth            required        pam_winbind.so use_first_pass debug
auth            required        pam_storepw.so
auth            required        pam_nologin.so
auth            required        pam_env.so


The only problem here is that the password is even stored if the
authentication fails... But in this case the username/password combination
is wrong so thats not a real problem.

But my new problem is now (I don´t know if it is a real pam problem) that
when I try to add a local user to my system, the adduser util tries to set
a new password for the user created. Here pam directs him to winbind which
then tries to change the password for a non extistent user on my windows
server.
So this fails with an error and means that I´m also not able to change
passwords for local users.

Would it be possible to

my common-password:

password        sufficient      pam_winbind.so debug
password        required        pam_unix.so use_authtok obscure md5 shadow
password        required        pam_deny.so

Would it be possible to combine the possability to change local and remote
passwords - maybe depending on parameters ?

Thanks for any hints...

Michael




> I´m playing with some pam modules to set up a linux workstation system
integrated in an active directory including the mapping of home and
groupdirectories.
>
> To mount the shares after login I need to save the password temporarily
what I do with a pam modules pam_storepw in the "auth" section.
>
> Almost everything works fine for me except the fact that I can´t combine
winbind and unix authentication plus the pam_storepw module.




_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux