1 |
On Mon, 30 Jul 2007 15:44:14 +0200 |
2 |
Anders Trobäck <public@×××××××.com> wrote: |
3 |
|
4 |
> On Mon, 30 Jul 2007 14:17:37 +0100 |
5 |
> Stroller <stroller@××××××××××××××××××.uk> wrote: |
6 |
> |
7 |
> > |
8 |
> > On 30 Jul 2007, at 12:07, Anders Trobäck wrote: |
9 |
> > > ... |
10 |
> > > However, I did add the winbind to the system-auth like this: |
11 |
> > > auth required pam_env.so |
12 |
> > > auth sufficient /lib/security/pam_winbind.so |
13 |
> > > auth sufficient pam_unix.so use_first_pass likeauth nullok |
14 |
> > > |
15 |
> > > account required pam_unix.so |
16 |
> > > |
17 |
> > > password sufficient pam_winbind.so |
18 |
> > > password required pam_cracklib.so difok=2 minlen=8 dcredit=2 |
19 |
> > > ocredit=2 retry=3 |
20 |
> > > password sufficient pam_unix.so nullok md5 shadow use_authtok |
21 |
> > > password required pam_deny.so |
22 |
> > > |
23 |
> > > session required pam_limits.so |
24 |
> > > session required pam_unix.so |
25 |
> > > |
26 |
> > > |
27 |
> > > Now I can ssh to the box but I as soon as I are logged on I'm |
28 |
> > > kicked off! |
29 |
> > |
30 |
> > Do the winbind users have a shell & homedir? |
31 |
> > |
32 |
> > I'm afraid I can't recall how the shell is defined for them, but I |
33 |
> > use pam_mkhomedir for the latter. I have always used courier-imap |
34 |
> > at home, but it doesn't use a pam session, required for |
35 |
> > pam_mkhomedir, so chose Dovecot IMAP for this office. I'm pretty |
36 |
> > sure that ssh works fine with pam_mkhomedir, tho'. |
37 |
> > |
38 |
> > Stroller. |
39 |
> > |
40 |
> |
41 |
> Yes the have home folders. I think that you set the shell with |
42 |
> "template shell" in smb.conf!(?) |
43 |
> |
44 |
|
45 |
Now it's working! It was file permissions, the home folder was set to |
46 |
770 but if I chmod to 750 it worked! |
47 |
|
48 |
Thanks for your time!!! |
49 |
|
50 |
|
51 |
\\troback |
52 |
|
53 |
-- |
54 |
|
55 |
============================================ |
56 |
Microsoft is not the answer. |
57 |
Microsoft is the question. |
58 |
And 'No' is the answer! |
59 |
-------------------------------------------- |
60 |
Anders Trobäck |
61 |
http://www.troback.com |
62 |
-- |
63 |
gentoo-user@g.o mailing list |