Courier-IMAP, winbind & pam_mkhomedir.so
Stroller
linux.luser at myrealbox.com
Mon Jan 9 05:18:51 UTC 2006
On 13 Dec 2005, at 11:52, Stroller wrote:
> ...
> I'm feeling a bit stuck on this, so any suggestions gratefully
> received. I'm trying to set up a Linux-based IMAP server that will
> authenticate against users on a Windows 2003 SBS domain controller.
> ...
> I have set the /etc/pam.d/imap very simply, similar to that
> discussed at <http://www.flatmtn.com/computer/Linux-
> Samba.html#Samba-2>:
>
> #%PAM-1.0
> auth required /lib/security/pam_winbind.so
> account required /lib/security/pam_winbind.so
> session required /lib/security/pam_mkhomedir.so skel=/etc/
> skel umask=0022 debug
>
> And I'm a bit unclear as to why similar configurations seem to be
> working for everyone else & not me...
>
> Courier-IMAP...
For the benefit of Google this is resolved now, my solution being to
use the Dovecot IMAP server (versions later than alpha 1.0) with a
section in the .conf file thus:
passdb pam {
args = "-session *"
}
It seems that Courier doesn't do PAM sessions, which is why
pam_mkhomedir.so wasn't being called. My understanding is that
Dovecot doesn't really use sessions ether, but for the benefit of PAM
modules like pam_mkhomedir.so the configuration option above causes
it to open and close a session upon successful auth.
Stroller.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20060109/bdd48739/attachment.htm>
More information about the Pam-list
mailing list