[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[K12OSN] winbind configurations



Before you use these be sure you know how to use a rescue disk/cd..I invariably
lock myself out 8~). Save your old pam.d scripts where you can find them. One
thing not resolved..can not open a second xterm and login. Maybe someone could
see the problem..but it works. I have the stuff I worked fro m at school.

/etc/nsswitch.conf#
passwd:     files winbind nisplus 
shadow:     files winbind nisplus 
group:      files winbind nisplus 
hosts:      files nisplus dns
bootparams: nisplus [NOTFOUND=return] files
ethers:     files
netmasks:   files
networks:   files
protocols:  files nisplus 
rpc:        files
services:   files nisplus 
netgroup:   files nisplus 
publickey:  nisplus

automount:  files nisplus
aliases:    files nisplus

/etc/samba/smb.conf# 
[global]
	log file = /var/log/samba/%m.log
	passwd chat = *New*password*Dude* %n/n *Retype*new*passord* 5n/n *passwd:*all*authentication*tokens*updated*
	passwd program=/usr/bin/passwd %u
	load printers = yes
	smb passwd file = /etc/samba/smbpasswd
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	wins server = 10.10.0.3
	encrypt passwords = yes
	dns proxy = No
	netbios name = Eagle1
	server string = Samba Server
	writable = no
	#browseable = no
	local master = No
	remote announce = 10.10.255.255
	workgroup = ELLSWORTH
	os level = 33
	security = domain
	######################Winbind
obey pam restrictions = yes
security = domain
#winbind Separator = +
winbind uid = 10000-20000
winbind gid = 10000-20000
	winbind enum users = yes
	winbind enum groups = yes
	winbind use default domain = yes
	template homedir = /home/%U
	template shell = /bin/bash
	smbpasswd file =/etc/samba/smb.conf
	name resolve order = hosts wins lmhosts  bcast
	password server = *
	unix password sync = yes
	create mode=700
	directory mode=700	
##################
	preferred master = False
	max log size = 0
	printer admin = captain root jingalls @root
	addprinter command = /usr/sbin/addprinter
[homes]
	comment=Home Direcorites
	valid users=%D+%S
#valid users=%U	
read only = no
	create mask = 0644
	directory mask=0755
	browseable=yes

[Print$]
	path = /etc/samba/printer
	guest ok = yes
	public = yes
	read only = no	
	writeable = yes
	browseable = yes
	write list = 
[printers]
comment = All Printers
	guest ok = yes
	path = /var/spool/samba
	printable = Yes
	browseable = yes
/etc/pam.d/login
#%PAM-1.0  LOGIN
auth       required      /Iib/security/pam_securetty.so
auth sufficient /lib/security/pam_winbind.so
auth	sufficient	/lib/security/pam_unix.so use_first_pass
auth       required	/lib/security/pam_stack.so service=system-auth
auth       required	/lib/security/pam_nologin.so
##########

account sufficient /lib/security/pam_winbind.so
account   sufficient 	/lib/security/pam_stack.so service=system-auth
password   sufficient	/lib/security/pam_stack.so service=system-auth
session    sufficient	/lib/security/pam_stack.so service=system-auth
session    optional	/lib/security/pam_console.so
#session optional /lib/security/lib/security/pam_mount.so 
#auth required /lib/security/pam_mount.so use_first_pass

/etc/pam.d/system-auth
#%PAM-1.0  system-AUTH
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth sufficient	/lib/security/pam_winbind.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok use_first_pass
#auth        sufficient    /lib/security/pam_ldap.so 
auth        required      /lib/security/pam_deny.so
##################################
#auth required /lib/security/pam_mount.so use_first_pass

#lord help...chgd from required to sufficient
account     required     /lib/security/pam_unix.so
#account     [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/pam_ldap.so

password    required      /lib/security/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5 shadow
#password    sufficient    /lib/security/pam_ldap.so use_authtok
password    required      /lib/security/pam_deny.so
session 	required  /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0022
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so
#session     optional      /lib/security/pam_ldap.so
#session optional /lib/security/lib/security/pam_mount.so 
	
pam.d/gdm
auth       required	pam_env.so
auth       required	pam_stack.so service=system-auth
auth       required	pam_nologin.so
account    required	pam_stack.so service=system-auth
password   required	pam_stack.so service=system-auth
session    required	pam_stack.so service=system-auth
session    optional     pam_console.so

pam.d/samba
#%PAM-1.0  SAMBA
auth       required	pam_nologin.so
auth       required	pam_stack.so service=system-auth
auth required /lib/security/pam_winbind.so
account required /lib/security/pam_winbind.so
account    required	pam_stack.so service=system-auth
session    required	pam_stack.so service=system-auth
session    required     /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0077	
password   required	pam_stack.so service=system-auth

/etc/pam_mount.conf--never did get this to work
debug 1
mkmountpoint 1
lsof /usr/sbin/lsof
options_require	nosuid,nodev
luserconf .pam_mount.conf
smbmount /bin/mount -t smbfs
#ncpmount /bin/mount -t ncpfs
umount   /bin/umount
pmhelper /usr/sbin/pmhelper
lclmount /bin/mount -p0
# volume * smb viper & /home/& uid=&,gid=&,dmask=0750,workgroup=WINDOWS_DOMAIN - -
# volume <user> [smb|ncp|nfs|local] <server> <volume> <mount point> <mount options> <fs key cipher> <fs key path>
volume * smb META1 Students /home/&/META1 uid=&,gid=&,dmask=0750,workgroup=Ellsworth - -
volume * smb META2 Students /home/&/META2 uid=&,gid=&,dmask=0750 workgroup=Ellsworth - -




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]