PAM and NTLM

 
Phil Daws_4
Occasional Advisor

PAM and NTLM

Hi ...

I am attempting to get HP-UX to authenticate users against our NT4 domain. I have installed the latest version of CIFS. Samba is working fine and I am able to set up shares etc. When I modify /etc/pam.conf with the following:

login auth sufficient /usr/lib/security/libpam_ntlm.1 debug
login auth required /usr/lib/security/libpam_unix.1 use_first_pass debug
su auth required /usr/lib/security/libpam_unix.1
dtlogin auth required /usr/lib/security/libpam_unix.1
dtaction auth required /usr/lib/security/libpam_unix.1
ftp auth sufficient /usr/lib/security/libpam_ntlm.1 debug
ftp auth required /usr/lib/security/libpam_unix.1 use_first_pass
OTHER auth required /usr/lib/security/libpam_unix.1 debug

If I try to log in as a username that also appears in the domain, the login hangs and I get the following error message in syslog:

login: pam_ntlm: domain_client_validate: Can't resolve address for BDC2_NAME

Any ideas? I am able to perform an nmblookup against the domain and find the PDC & BDC.

3 REPLIES
Robert Binkhorst
Trusted Contributor

Re: PAM and NTLM

Hi,

Can you show the password server line from your smb.conf? The syntax for that line is:

password server = pdc_name bdc1_name bdc2_name

where pdc_name is the Primary Domain Controller and bdc_name is the Backup Domain Controller.

You can check the logs on the PDC to check why it's rejecting your requests; you might need to create your UNIX server in the AD with the correct permissions. I can't help with the Windows bit but hopefully this has pointed you in the right direction.

Cheers,

Rob
linux: the choice of a GNU generation
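
Added example, not part of the thread: a Python check that pulls the names from the `password server` line Rob asks about and reports any that do not resolve, which is the condition behind the `Can't resolve address for BDC2_NAME` syslog message. The sample smb.conf is constructed, and using the system resolver (`socket.gethostbyname`) is an assumption; pam_ntlm's own lookup path may differ.

```python
import socket

# Constructed sample smb.conf: the last server entry is an unedited placeholder.
SAMPLE_SMB_CONF = """\
[global]
   workgroup = EXAMPLEDOM
   ; password server = oldpdc
   Password Server = pdc1, bdc1 \\
       BDC2_NAME
[tmp]
   path = /tmp
"""

def password_servers(conf_text):
    """Return the names listed on the [global] 'password server' line."""
    # Join backslash-continued lines first, as smb.conf allows.
    lines, pending = [], ""
    for raw in conf_text.splitlines():
        stripped = raw.strip()
        if stripped.endswith("\\"):
            pending += stripped[:-1] + " "
            continue
        lines.append(pending + stripped)
        pending = ""
    section, servers = None, []
    for line in lines:
        if not line or line[0] in ";#":        # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        key, sep, value = line.partition("=")
        # smb.conf parameter names ignore case and embedded whitespace.
        name = "".join(key.split()).lower()
        if sep and section == "global" and name == "passwordserver":
            servers = value.replace(",", " ").split()
    return servers

def unresolved(servers, resolve=socket.gethostbyname):
    """Return the listed names that fail to resolve; '*' is skipped."""
    bad = []
    for name in servers:
        if name == "*":                        # '*' means locate a DC automatically
            continue
        try:
            resolve(name)
        except OSError:                        # socket.gaierror is an OSError
            bad.append(name)
    return bad
```

On a real host, read the file the server actually uses and call `unresolved(password_servers(text))`; any name returned is one the login path would stall on.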
Phil Daws_4
Occasional Advisor

Re: PAM and NTLM

I have got a bit further and now I get the message:

pam_ntlm: Incorrect NT password for username

I am using the correct password as it is my logon :) I can log on fine to my Windows workstation.

Ideas?
Robert Binkhorst
Trusted Contributor

Re: PAM and NTLM

Hi, please supply some more info:

- Can you attach your smb.conf?
- What is the NT version of the PDC?
- What does the NT server log regarding this?

Cheers
linux: the choice of a GNU generation