Common-auth

From InteropWiki

My /etc/pam.d/common-auth file:

# Winbind is the preferred ADS authentication method
#
auth    sufficient      pam_winbind.so krb5_auth krb5_ccache_type=FILE debug

# Use plain old Unix auth
# NOTE: Use try_first_pass NOT use_first_pass to make sure root can login
#
auth    sufficient      pam_unix.so nullok_secure try_first_pass debug

# Deny if all "sufficient" modules fail
auth    required        pam_deny.so

My old /etc/pam.d/common-auth file:

# Winbind is supposed to get a Kerberos ticket, but didn't for me.
#
auth    optional        pam_krb5.so ignore_root debug

# Winbind is the preferred ADS authentication method
#
auth    sufficient      pam_winbind.so use_first_pass krb5_auth krb5_ccache_type=FILE debug

# Use plain old Unix auth
# NOTE: Use try_first_pass NOT use_first_pass to make sure root can login
#
auth    sufficient      pam_unix.so nullok_secure try_first_pass debug

# Deny if all "sufficient" modules fail
auth    required        pam_deny.so

Retrieved from "http://michael.susens-schurter.com/interop/Common-auth"

Category: PAM

Common-auth

From InteropWiki

Views

Personal tools

Navigation

Search

Toolbox