Mailinglist Archive: opensuse (770 mails)

< Previous Next >
[opensuse] pam winbind settings problem
Hi everyone

openSUSE seems to have no way to set pam winbind settings unless you join an existing domain as a client.

What if, as in Samba4, we are already the DC? We seem to have no way of setting up pam winbind without specifically joining a domain.
Ubuntu has a module where you can set pam winbind whether or not you join a domain.

The official Samba doco cites this for pam winbind:
/etc/pam.d/common-auth
Add this line before pam_unix.so:
auth sufficient pam_winbind.so
Also add the option use_first_pass to the pam_unix.so line

/etc/pam.d/common-account
Add this line before pam_unix.so:
account sufficient pam_winbind.so

/etc/pam.d/common-session
Add these lines before any other session line:
session required pam_mkhomedir.so
session required pam_winbind.so

However, this does not work with 12.1 nor 12.2 RC2 since then, Kerberos authentication does not work.

Could anyone post their /etc/pam.d config for a working Samba4 DC with Kerberos and winbind? Better still, could we have a pam setup (yast maybe?) which does the same job as Ubuntu's pam-auth-config?

Thanks,
L x
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups