[Freeipa-users] FreeIPA 3.3 AD<-> Solaris is working but solaris local users cannot able to login

Ben .T.George bentech4you at gmail.com
Mon Mar 23 11:29:30 UTC 2015 

HI

i created the home directory manually and copied the profile.

i tried to access the solaris box from putty and still it's not accepting
password.



On Mon, Mar 23, 2015 at 11:03 AM, Ben .T.George <bentech4you at gmail.com>
wrote:

> HI List
>
> finally after soo much struggling now i can able to login solaris box as
> AD user.
>
> but auto home directory creation still have issue. for that i need to
> compile some modules.
>
>
> The issue i am facing is i cannot able to login to solaris box after
> editing pam.conf file.here is the conf file
>
> bash-3.2# cat /etc/pam.conf
> #
> #ident  "@(#)pam.conf   1.32    11/04/08 SMI"
> #
> #
> login   auth requisite          pam_authtok_get.so.1
> login   auth required           pam_dhkeys.so.1
> login   auth sufficient         pam_ldap.so.1 debug
> login   auth sufficient         pam_krb5.so.1
> login   auth required           pam_unix_cred.so.1
> login   auth required           pam_unix_auth.so.1
> #login  auth required           pam_dial_auth.so.1
> #
> # rlogin service (explicit because of pam_rhost_auth)
> #
> rlogin  auth sufficient         pam_rhosts_auth.so.1
> rlogin  auth requisite          pam_authtok_get.so.1
> rlogin  auth required           pam_dhkeys.so.1
> rlogin  auth required           pam_unix_cred.so.1
> rlogin  auth required           pam_unix_auth.so.1
> #
> # Kerberized rlogin service
> #
> krlogin auth required           pam_unix_cred.so.1
> krlogin auth required           pam_krb5.so.1
> #
> # rsh service (explicit because of pam_rhost_auth,
> # and pam_unix_auth for meaningful pam_setcred)
> #
> rsh     auth sufficient         pam_rhosts_auth.so.1
> rsh     auth required           pam_unix_cred.so.1
> #
> # Kerberized rsh service
> #
> krsh    auth required           pam_unix_cred.so.1
> krsh    auth required           pam_krb5.so.1
> #
> # Kerberized telnet service
> #
> ktelnet auth required           pam_unix_cred.so.1
> ktelnet auth required           pam_krb5.so.1
> #
> # PPP service (explicit because of pam_dial_auth)
> #
> ppp     auth requisite          pam_authtok_get.so.1
> ppp     auth required           pam_dhkeys.so.1
> ppp     auth required           pam_unix_cred.so.1
> ppp     auth required           pam_unix_auth.so.1
> ppp     auth required           pam_dial_auth.so.1
> #
> # Default definitions for Authentication management
> # Used when service name is not explicitly mentioned for authentication
> #
> other   auth requisite          pam_authtok_get.so.1
> other   auth required           pam_dhkeys.so.1
> other   auth sufficient         pam_krb5.so.1
> other   auth sufficient         pam_ldap.so.1
> other   auth required           pam_unix_cred.so.1
> other   auth required           pam_unix_auth.so.1
> #
> # passwd command (explicit because of a different authentication module)
> #
> passwd  auth required           pam_passwd_auth.so.1
> #
> # cron service (explicit because of non-usage of pam_roles.so.1)
> #
> cron    account required        pam_unix_account.so.1
> #
> # Default definition for Account management
> # Used when service name is not explicitly mentioned for account management
> #
> other   account requisite       pam_roles.so.1
> other   account required        pam_unix_account.so.1
> other   account sufficient      pam_krb5.so.1
> other   account sufficient      pam_ldap.so.1
> #
> # Default definition for Session management
> # Used when service name is not explicitly mentioned for session management
> #
> #other   session required        pam_mkhomedir.so.1 skel=/etc/skel/
> umask=0027
> #other   session required        pam_unix_session.so.1
> #
> # Default definition for Password management
> # Used when service name is not explicitly mentioned for password
> management
> #
> other   password required       pam_dhkeys.so.1
> other   password requisite      pam_authtok_get.so.1
> # Password construction requirements apply to all users.
> # Remove force_check to have the traditional authorized administrator
> # bypass of construction requirements.
> other   password requisite      pam_authtok_check.so.1 force_check
> other   password required       pam_authtok_store.so.1
> #
> # Support for Kerberos V5 authentication and example configurations can
> # be found in the pam_krb5(5) man page under the "EXAMPLES" section.
> #
>
>
> please anyone help me to fix this issue.
>
>
> Thanks & Regards,
> Ben
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20150323/c770c678/attachment.htm>

More information about the Freeipa-users mailing list