topic Re: PAM authentication with redhat release 4 in Operating System - Linux

PAM authentication with redhat release 4

Ragni Singh — Tue, 19 Jul 2005 13:08:52 GMT

Hello, I just installed release 4, update 1 and PAM seems to be broken. Frm what I understand, id done correctly, when a user logins using thier windows id and password, he os she should be able to access the Linux system. The same should also work when the person is logging in with thier Unix password. Thats not working.

I am able to login using my windows userid and password but it rejects my windows userid and unix password.

Hope this question is clear to understand and points will be assigned for your time.

Re: PAM authentication with redhat release 4

Ivan Ferreira — Tue, 19 Jul 2005 13:32:27 GMT

Maybe you wanted to say:

I am able to login using my windows userid and password but it rejects my "LINUX" userid and unix password.

So you can login using windows authentication but not using Linux local authentication, isn't it?

If you post the /etc/pam.d/login and /etc/pam.d/system-auth configuration will help to diagnose the problem.

Re: PAM authentication with redhat release 4

Ragni Singh — Wed, 20 Jul 2005 07:41:52 GMT

Thahks for the correction Ivan.

Here are the 2 files for review..

/etc/pam.d/login

#%PAM-1.0
# PCX add pam_limits to allow users to set soft limits as in /etc/security/limits.conf (memlock)
auth required pam_securetty.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so

/etc/pam.d/system-auth -- this file is attached.

Re: PAM authentication with redhat release 4

Ivan Ferreira — Wed, 20 Jul 2005 08:58:51 GMT

Seems to be both ok. Now please post your /etc/nsswitch.conf file.

Re: PAM authentication with redhat release 4

Ragni Singh — Wed, 20 Jul 2005 09:35:07 GMT

Here is what the /etc/nsswitch.conf looks like.

# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nisplus or nis+ Use NIS+ (NIS version 3)
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# [NOTFOUND=return] Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files nisplus nis
#shadow: db files nisplus nis
#group: db files nisplus nis

passwd: files
shadow: files
group: files

#hosts: db files nisplus nis dns
hosts: files dns

# Example - obey only what nisplus tells us...
#services: nisplus [NOTFOUND=return] files
#networks: nisplus [NOTFOUND=return] files
#protocols: nisplus [NOTFOUND=return] files
#rpc: nisplus [NOTFOUND=return] files
#ethers: nisplus [NOTFOUND=return] files
#netmasks: nisplus [NOTFOUND=return] files

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files

netgroup: files

publickey: nisplus

automount: files
aliases: files nisplus

[root@admindev1 etc]#

Re: PAM authentication with redhat release 4

Ivan Ferreira — Wed, 20 Jul 2005 12:00:48 GMT

Seems ok too. When you say "login", are you tatlking about an interactive shell or access to samba shares?.

When you try to access using a Linux account, what is the error that you have? What the files /var/log/messages and /var/log/secure says?