Authenticating FC3 against an ADS Server
Gavin McDonald
gavitron at gmail.com
Wed Apr 27 07:31:03 UTC 2005
When I did this on RHEL, I had to install the ldap tools, for one.
for two, here's a reference:
http://enterprise.linux.com/article.pl?sid=04/12/09/2318244&tid=102&tid=101&
tid=100
Regards,
G
-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
On Behalf Of Gavin Young
Sent: Tuesday, April 26, 2005 10:55 PM
To: General Red Hat Linux discussion list
Subject: Authenticating FC3 against an ADS Server
Has anyone managed to successfully authenticate a Fedora Core 3
workstation against a MS Active Directory? We have have had some
moderate success, i.e. we have joined the machine to the domain and can
view users in active directory s but still can't login through the
graphical login.
<!--
[root at machine user]# net ads testjoin
Join is OK
-->
When trying to login...
<!tail messages--
Apr 27 09:33:44 localhost login(pam_unix)[5072]: authentication failure;
logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost= user=DOMAIN
\agent.smith
Apr 27 09:33:45 localhost pam_winbind[5072]: user 'DOMAIN\agent.smith'
granted access
Apr 27 09:33:45 localhost pam_winbind[5072]: user 'DOMAIN\agent.smith'
granted access
Apr 27 09:33:45 localhost login(pam_unix)[5072]: session opened for user
DOMAIN\agent.smith by LOGIN(uid=0)
Apr 27 09:33:45 localhost login[5072]: Permission denied
-->
/etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session optional pam_console.so
# pam_selinux.so open should be the last session rule
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
session required pam_selinux.so multiple open
-->
#%PAM-1.0
auth required pam_securetty.so
auth sufficient pam_winbind.so
auth required pam_nologin.so
account required pam_winbind.so
password required pam_stack.so service=system-auth
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077
Apr 27 10:37:29 localhost pam_winbind[7053]: user 'domain\agent.smith'
granted access
Apr 27 10:37:29 localhost pam_winbind[7053]: user 'domain\agent.smith'
granted access
Apr 27 10:37:29 localhost login[7053]: Permission denied
-->
Any help or pointers towards some good documentation would be greatly
appreciated.
Gavin
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list