[ILUG] Winbind/Authentication

[Kevin Schoenfeld]

Hi...

Quick question...
I have an NT 4 PDC, a RedHat 7.1 workstation with Samba 2.2.3

	-wbinfo -t is succesful
	-getent passwd and group is succesful
	-I can connect from Linux to Windows shares and visa versa using the NT 4
Domain User/passwords

But I cannot log into my Linux Box with the NT4 Domain User/Passwords.

Any Ideas?
Below are my smb.conf, and /etc/pam.d/login, samba ans system-auth....

Here's /etc/pam.d/samba:
#%PAM-1.0
auth       required	/lib/security/pam_securetty.so
auth       required	/lib/security/pam_nologin.so
auth 	   sufficient	/lib/security/pam_winbind.so
auth	   required	/lib/security/pam_pwdb.so use_first_pass shadow nullok
account	   required	/lib/security/pam_winbind.so
session    required	pam_stack.so service=system-auth
password   required	pam_stack.so service=system-auth

Here's /etc/pam.d/login:
#%PAM-1.0
auth       required	/lib/security/pam_securetty.so
auth       required	/lib/security/pam_nologin.so
auth 	   sufficient	/lib/security/pam_winbind.so
auth	   required	/lib/security/pam_pwdb.so use_first_pass shadow nullok
account	   required	/lib/security/pam_winbind.so
password   required	/lib/security/pam_stack.so service=system-auth
session    required	/lib/security/pam_stack.so service=system-auth
session    optional	/lib/security/pam_console.so

Here's /etc/pam.d/system-auth:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        required      /lib/security/pam_deny.so
auth       required	/lib/security/pam_securetty.so
auth       required	/lib/security/pam_nologin.so
auth 	   sufficient	/lib/security/pam_winbind.so
auth	   required	/lib/security/pam_pwdb.so use_first_pass shadow nullok
account	   required	/lib/security/pam_winbind.so
account     required      /lib/security/pam_unix.so
password    required      /lib/security/pam_cracklib.so retry=3
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
shadow
password    required      /lib/security/pam_deny.so
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

Here's my smb.conf:
[global]
   workgroup = CIAS_NTLAB
   server string = Linux Kevin - Samba Server
   log file = /var/log/samba/log.%m
   max log size = 50
   security = domain
   password server = MIRACLEMAX
   ;domain logons = yes
   encrypt passwords = yes
   smb passwd file = /etc/smbpasswd
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   local master = no
   dns proxy = no
   winbind uid = 10000-20000
   winbind gid = 10000-20000
   template homedir = /home/%D%U
   template shell = /bin/bash
[homes]
   comment = Home Directories
   browseable = yes
   writable = yes
[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes
[tmp]
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes

Kevin Schoenfeld
(716) 475-4688
PC Systems Administrator
College of Imaging Arts and Science (7a-1320)
Rochester Institute of Technology