| 1 |
On Sun, 29 Jul 2007 13:25:50 +0400 |
| 2 |
"Vladimir Rusinov" <vladimir@×××××××××.info> wrote: |
| 3 |
|
| 4 |
> On 7/27/07, Stroller <stroller@××××××××××××××××××.uk> wrote: |
| 5 |
> > |
| 6 |
> > > I have not done anything with my PAM files yet but I think this |
| 7 |
> > > step should work anyway!(?) |
| 8 |
> > |
| 9 |
> > I have found `getent passwd` and `getent group` not to work entirely |
| 10 |
> > as expected. |
| 11 |
> |
| 12 |
> EG: |
| 13 |
> > $ getent group | grep -i dave |
| 14 |
> > domain users:x: |
| 15 |
> > 10000:administrator,support_399845a0,krbtgt,iusr_bodmin,iwam_bodmin,mobi |
| 16 |
> > le user tmpl,user tmpl,power user tmpl,administrator tmpl,sbs backup |
| 17 |
> > user,ned,usertemplate- |
| 18 |
> > lanesre,evelyn,tim,charlotte,dave,mandi,kim,vebra,deanne,alex,laura,anne |
| 19 |
> > ,anne.h,gillian,maintenance,gail |
| 20 |
> > $ getent passwd | grep -i dave |
| 21 |
> |
| 22 |
> |
| 23 |
> I had the simular problem. |
| 24 |
> I had winbind uid range 1000-10000, and I had real user with uid 1001. |
| 25 |
> Solution was to set uid range to 1010-10000. |
| 26 |
> |
| 27 |
> My advice is to move on to the next step (PAM) & see what happens. I |
| 28 |
> > have always worked off the "Testing Things Out" section of Chapter |
| 29 |
> > 24 of the Samba manual, "Winbind: Use of Domain Accounts" <http:// |
| 30 |
> > www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html> |
| 31 |
> > and have always found following it to work perfectly, but winbind |
| 32 |
> > doesn't seem well-documented elsewhere or by 3rd parties. |
| 33 |
> > |
| 34 |
> |
| 35 |
> Also, try to add winbind everywhere at nsswitch. |
| 36 |
> I can't reach my config now, but I'm sure I have more the 2 winbind |
| 37 |
> lines at nsswitch.conf. |
| 38 |
> |
| 39 |
> PS: sorry for my English. |
| 40 |
> |
| 41 |
|
| 42 |
Hi, |
| 43 |
|
| 44 |
I have the rid set to 10000-20000 and I have no local users in that |
| 45 |
range! |
| 46 |
|
| 47 |
I can chown and chgrp but still getent are not working... |
| 48 |
|
| 49 |
However, I did add the winbind to the system-auth like this: |
| 50 |
auth required pam_env.so |
| 51 |
auth sufficient /lib/security/pam_winbind.so |
| 52 |
auth sufficient pam_unix.so use_first_pass likeauth nullok |
| 53 |
|
| 54 |
account required pam_unix.so |
| 55 |
|
| 56 |
password sufficient pam_winbind.so |
| 57 |
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 |
| 58 |
ocredit=2 retry=3 |
| 59 |
password sufficient pam_unix.so nullok md5 shadow use_authtok |
| 60 |
password required pam_deny.so |
| 61 |
|
| 62 |
session required pam_limits.so |
| 63 |
session required pam_unix.so |
| 64 |
|
| 65 |
|
| 66 |
Now I can ssh to the box but I as soon as I are logged on I'm kicked |
| 67 |
off! |
| 68 |
|
| 69 |
Any ideas? |
| 70 |
|
| 71 |
|
| 72 |
\\anders |
| 73 |
|
| 74 |
|
| 75 |
PS. Don't forget...I'm new to Gentoo:-) |
| 76 |
|
| 77 |
-- |
| 78 |
|
| 79 |
============================================ |
| 80 |
Microsoft is not the answer. |
| 81 |
Microsoft is the question. |
| 82 |
And 'No' is the answer! |
| 83 |
-------------------------------------------- |
| 84 |
Anders Trobäck |
| 85 |
http://www.troback.com |
| 86 |
-- |
| 87 |
gentoo-user@g.o mailing list |
Archives