Hello there, I am having weird issue. The problem is when a wrong password entered when I login or use sudo as AD user, the system uses the same wrong password next three times and exits , and does not prompt for password again.
This is not the case when winbind is not used. I suspect this is something to do with PAM for winbind. Please somene look at my PAM config and let me know if there is anything worng. Any hint is appreciated. auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_winbind.so cached_login use_first_pass auth required pam_deny.so account required pam_access.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_winbind.so cached_login account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok password sufficient pam_winbind.so cached_login use_authtok password required pam_deny.so session optional pam_mkhomedir.so skel=/etc/skel/ session required pam_limits.so session required pam_unix.so -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba