[K12OSN] System-Auth

Kemp, Levi lnkemp at bolivar.k12.mo.us
Tue Sep 4 13:27:24 UTC 2007 

I put my pam_mount lines in the login and gdm/kdm files. Other then that, I have the exact same system-auth file.

Levi Kemp
Technology Specialist
Bolivar R-1 Schools
417-328-8943
lnkemp at bolivar.k12.mo.us



-----Original Message-----
From: k12osn-bounces at redhat.com on behalf of Mel Wade
Sent: Mon 9/3/2007 11:37 AM
To: Support list for open source software in schools.
Subject: [K12OSN] System-Auth
 
I've got a problem with my system-auth file in an AD integration - the
file is below.  Everything works great until I add the pam_mount lines
to mount the home folders.  I imagine the problem is simple but I'm
just not familiar enough with the details of the system-auth to see
it.

Can someone take a look at this for me?

When I add the pam_mount lines the clients disconnect and I get the
following error messages in the log:

Sep  3 09:18:41 library last message repeated 11 times
Sep  3 09:18:53 library gdm[4188]: nss_ldap: reconnected to LDAP
server ldap://10.0.4.10 after 1 attempt
Sep  3 09:18:55 library gdm[4188]: pam_krb5[4188]: authentication
succeeds for 'try' (try at UCASTUDENT.NET)
Sep  3 09:18:59 library gdm[4188]: Couldn't authenticate user

#%PAM-1.0
#Line above is part of this file
############
#/etc/pam.d/system-auth config file
############
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth optional pam_krb5.so
auth optional pam_mount.so try_first_pass
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth required pam_deny.so

account sufficient pam_krb5.so
account required pam_unix.so
account sufficient pam_succeed_if.so uid < 500 quiet
account required pam_permit.so

password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok
password required pam_deny.so

session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond
quiet use_uid
session required pam_unix.so
session required pam_mkhomedir.so umask=0077 skel=/etc/skel quiet
session optional pam_mount.so
## end of system-auth

Here's my mount command from the pam_mount.conf file:

volume * cifs studenta home /home/&/Desktop/SaveHere uid=& - -

-- 
Mel Wade
"The real problem is not whether machines think but whether men do." -
BF Skinner
http://www.melwade.com

_______________________________________________
K12OSN mailing list
K12OSN at redhat.com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 3781 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/k12osn/attachments/20070904/dfcc045a/attachment.bin>

More information about the K12OSN mailing list