okay, im far from a pam expert, but i don't see any mention of winbind there?
It's my weekend at the moment so i can't get to my test box at work to show you my pam module using winbind, but maybe you should check out this page on my website, it's using ldap try and use this and replace any mention of ldap with winbind http://www.yourhowto.org/content/view/35/9/ or i have a how-to for authenticating against Active directories using LDAP http://www.yourhowto.org/content/view/34/9/ check it out, i'm sure that that wont need a local users as well, i'll be back at work on monday and can probably help you more, but give those two a go, see if anything comes from them > OK, here's the samba module: > > #%PAM-1.0 > auth required pam_nologin.so > auth required pam_stack.so service=system-auth > account required pam_stack.so service=system-auth > session required pam_mkhomedir.so skel=/etc/skel umask=0022 session required pam_stack.so service=system-auth > password required pam_stack.so service=system-auth > > and here's system-auth: > > #%PAM-1.0 > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. auth required /lib/security/$ISA/pam_env.so > auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth required /lib/security/$ISA/pam_deny.so > > account required /lib/security/$ISA/pam_unix.so > > password required /lib/security/$ISA/pam_cracklib.so retry=3 typepassword required /usr/lib/security/pam_sso.so.1 > password sufficient /lib/security/$ISA/pam_unix.so nullok > use_authtok > md5 shadow > #password required /lib/security/$ISA/pam_deny.so > > session required /lib/security/$ISA/pam_limits.so > session required /lib/security/$ISA/pam_unix.so > > If you need more, please let me know. > > Dimitri > > > On Thursday March 30 2006 5:45 pm, Paul Matthews wrote: >> how about you post your pam module here, you might have it configured to require both local and winbind users instead of either or >> >> Paul Matthews >> I.T Trainee | The Cathedral School >> Ph (07) 47222 194 | Fax (07) 47222 111 >> PO Box 944 Aitkenvale Q 4814 >> E: [EMAIL PROTECTED] >> W: www.cathedral.qld.edu.au >> >> Anglican coeducation | Day and Boarding | Early Childhood to Year 12 Educating for life-long success >> >> *************************************************************************** >>* >> *************************************************************************** >>* *********************************** >> >> IMPORTANT NOTICE REGARDING CONFIDENTIALITY >> >> This electronic email message is intended only for the addressee and may contain confidential information. If you are not the addressee, you are notified that any transmission, distribution or photocopying of this email >> is strictly prohibited. The confidentiality attached to this email is not >> waived, lost or destroyed by reasons of a mistaken delivery to you. >> >> -----Original Message----- >> From: Dimitri Yioulos [mailto:[EMAIL PROTECTED] >> Sent: Friday, 31 March 2006 8:33 AM >> To: Paul Matthews >> Subject: Re: [Samba] Winbind and email server >> >> >> top-posting by necessity ... >> >> Hi, Paul. >> >> Alas, my nsswitch.conf is properly configured. Any other ideas? >> >> Dimitri >> >> On Thursday March 30 2006 5:12 pm, you wrote: >> > well the problem i think your having is that you have not edited the /etc/nsswitch.conf file. >> > >> > change from >> > >> > passwd: files >> > shadow: files >> > group: files >> > >> > to: >> > >> > passwd: winbind files >> > shadow: winbind files >> > group: winbind files >> > >> > or something along those lines, play with the /etc/nsswitch.conf to >> find >> > the right configuration for you. >> > >> > check out the post i've made on my website about how we use have setup >> my >> > mail system, i think i've done it fairly well >> > >> > http://www.yourhowto.org/content/view/25/9/ >> > >> > Paul Matthews >> > I.T Trainee | The Cathedral School >> > Ph (07) 47222 194 | Fax (07) 47222 111 >> > PO Box 944 Aitkenvale Q 4814 >> > E: [EMAIL PROTECTED] >> > W: www.cathedral.qld.edu.au >> > >> > Anglican coeducation | Day and Boarding | Early Childhood to Year 12 Educating for life-long success >> >> *************************************************************************** >> >> >* >> >> *************************************************************************** >> >> >* *********************************** >> > >> > IMPORTANT NOTICE REGARDING CONFIDENTIALITY >> > >> > This electronic email message is intended only for the addressee and >> may >> > contain confidential information. If you are not the addressee, you >> are >> > notified that any transmission, distribution or photocopying of this email is strictly prohibited. The confidentiality attached to this >> email >> > is not waived, lost or destroyed by reasons of a mistaken delivery to you. >> > >> > -----Original Message----- >> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ]On Behalf Of Dimitri Yioulos >> > Sent: Friday, 31 March 2006 1:53 AM >> > To: samba@lists.samba.org >> > Subject: [Samba] Winbind and email server >> > >> > >> > Folks, >> > >> > Sincere apologies for asking this again, but I'm just not getting this >> to >> > work, and must be missing something here: >> > >> > My company's network is based around a Windows 2003 server AD, with >> >> several >> >> > RHEL AS 3 boxes connected to it via samba (3.0.21c-1). This scheme >> works >> > very well. I've set up, and have successfully been using a >> > sendmail-based email system, too. >> > >> > My issue is this: When I create a user account in AD, I have to also create it in the mail server. This is inconvenient and inefficient. >> > >> > I have samba installed on the mail server. I also have the mkhomedir >> >> module >> >> > installed, and the appropriate line to invoke it is in the samba, pop, and smtp.sendmail config files under /etc/pam.d. My users are using >> the >> > Outlook 2003 mail client. If I create a user in the email server, >> then >> > Outlook has no problem connecting to the mail server using the user's credentials from the email server. But, if the user is only created >> in >> >> AD, >> >> > then Outlook complains that the incoming pop server won't authenticate the user, despite the fact that winbind is fired up, wbinfo -u shows >> the >> > user, and getent passwd shows the user's credentials. Arrrgh! IMHO, this is >> >> the >> >> > one small thing that keeps this from being a really great system. >> > >> > Can anybody show me the way to get over the hump? >> > >> > Many thanks. >> > >> > Dimitri >> > >> > -- >> > This message has been scanned for viruses and >> > dangerous content by MailScanner, and is >> > believed to be clean. >> > >> > -- >> > To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> >> >> >> >> -- >> To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > -- > To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba > > -- Paul Matthews I.T Trainee | The Cathedral School Ph (07) 47222 194 | Fax (07) 47222 111 PO Box 944 Aitkenvale Q 4814 E: [EMAIL PROTECTED] W: www.cathedral.qld.edu.au Anglican coeducation | Day and Boarding | Early Childhood to Year 12 Educating for life-long success **************************************************************************** **************************************************************************** *********************************** IMPORTANT NOTICE REGARDING CONFIDENTIALITY This electronic email message is intended only for the addressee and may contain confidential information. If you are not the addressee, you are notified that any transmission, distribution or photocopying of this email is strictly prohibited. The confidentiality attached to this email is not waived, lost or destroyed by reasons of a mistaken delivery to you. -- Paul Matthews I.T Trainee | The Cathedral School Ph (07) 47222 194 | Fax (07) 47222 111 PO Box 944 Aitkenvale Q 4814 E: [EMAIL PROTECTED] W: www.cathedral.qld.edu.au Anglican coeducation | Day and Boarding | Early Childhood to Year 12 Educating for life-long success **************************************************************************** **************************************************************************** *********************************** IMPORTANT NOTICE REGARDING CONFIDENTIALITY This electronic email message is intended only for the addressee and may contain confidential information. If you are not the addressee, you are notified that any transmission, distribution or photocopying of this email is strictly prohibited. The confidentiality attached to this email is not waived, lost or destroyed by reasons of a mistaken delivery to you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba