passwd calls winbind unneccesarily
31sahibzada at niit.edu.pk
31sahibzada at niit.edu.pk
Thu Jun 24 19:15:08 UTC 2004
Hi,
ok i need help in writing a script which will affect the passwd program.
my problem is that i have implemented the single sign on.
now i wanted my windows users to be able to change there passwords from
linux boxes. so i changed the /etc/pam.d/passwd file. now it works fine
but the problem is that if i try to change the password of a local user it
prompts me twice for changing the NT password.
i want that some how the script should detect that the user is local and
pam_winbind.so doesnt need to be called . only pam_stack.so needs to be
called.
here is my /pam.d/passwd file
auth sufficient pam_winbind.so
auth required pam_stack.so service=system-auth use_first_pass
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
password sufficient pam_winbind.so
password required pam_stack.so service=system-auth
now what happens is that this works fine for a windows user. this is what
happens
[LINWIN/maryam at niit158VM maryam]$ passwd
Changing password for user LINWIN/maryam
current) NT password:
Enter new NT password:
passwd: all authentication tokens updated successfully
now this is fine for a winodws user. password changed easily
now look at this for a local unix user.
[john at niit158VM root]$ passwd
Changing password for user john.
Changing password for john
[B](current) NT password:[/B]
(current) UNIX password:
[B]Enter new NT password:[/B]
[B]Retype new NT password:[/B]
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
THE BOLD LINES are where the problem is. even if the user is a local unix
user the system still asks to change the NT password? although at the end
the local user's password is changed but still i dont want this extra
messages coming up?
how to get out of this?
Sahibzada Junaid Noor
Ph#(+92) (051) 5950 940
Cell#(+92) (0333) 5223586
Qazi plaza,Third Floor,Commerical Market,
Chaklala Scheme 3,
Rawalpindi
Islamic Republic of Pakistan
More information about the Pam-list
mailing list