1 |
On 30 Jul 2007, at 12:07, Anders Trobäck wrote: |
2 |
> ... |
3 |
> However, I did add the winbind to the system-auth like this: |
4 |
> auth required pam_env.so |
5 |
> auth sufficient /lib/security/pam_winbind.so |
6 |
> auth sufficient pam_unix.so use_first_pass likeauth nullok |
7 |
> |
8 |
> account required pam_unix.so |
9 |
> |
10 |
> password sufficient pam_winbind.so |
11 |
> password required pam_cracklib.so difok=2 minlen=8 dcredit=2 |
12 |
> ocredit=2 retry=3 |
13 |
> password sufficient pam_unix.so nullok md5 shadow use_authtok |
14 |
> password required pam_deny.so |
15 |
> |
16 |
> session required pam_limits.so |
17 |
> session required pam_unix.so |
18 |
> |
19 |
> |
20 |
> Now I can ssh to the box but I as soon as I are logged on I'm kicked |
21 |
> off! |
22 |
|
23 |
Do the winbind users have a shell & homedir? |
24 |
|
25 |
I'm afraid I can't recall how the shell is defined for them, but I |
26 |
use pam_mkhomedir for the latter. I have always used courier-imap at |
27 |
home, but it doesn't use a pam session, required for pam_mkhomedir, |
28 |
so chose Dovecot IMAP for this office. I'm pretty sure that ssh works |
29 |
fine with pam_mkhomedir, tho'. |
30 |
|
31 |
Stroller. |
32 |
|
33 |
-- |
34 |
gentoo-user@g.o mailing list |