By performing the command 


getent passwd


 for testing purposes, all users should 


be listed with their correct uids and gids.


Now it is time to enable the login process to use the mapped users. This is done 


by using two different PAM modules, which is described in detail in 7.3,  How to 


authenticate users against the domain using PAM  on page 139.


As we are using Red Hat Desktop for our pilot migration, all information in 7.3.1, 


 Winbind and PAM on Red Hat Desktop  on page 140, applies.


At first we have to use the pam_winbind and the pam_smb_auth module, which 


allow system authentication with a user of the domain ITSOAUSNT. In order to 


enable this module, we have to edit the /etc/pam.d/system_auth file, as in 


Example 6 4.


Example 6 4   Edit the /etc/pam.d/system_auth file


#%PAM 1.0


# This file is auto generated.


# User changes will be destroyed the next time authconfig is run.


auth        required      /lib/security/$ISA/pam_env.so


auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok


auth        sufficient    /lib/security/$ISA/pam_winbind.so use_first_pass


auth        sufficient    /lib/security/$ISA/pam_smb_auth.so use_first_pass nolocal


auth        required      /lib/security/$ISA/pam_deny.so


account     required      /lib/security/$ISA/pam_unix.so


account     sufficient    /lib/security/$ISA/pam_winbind.so


........................


It is now possible to authenticate both with a local or a domain user account. A 


first test on the console shows that it is working, but at this point logging in on the 


Gnome welcome screen will generate an error.


The reason for this problem is that at the time of the first login, there is still no 


home directory existing for the user ID. So Gnome has a file system path in 


which to create the personalization and settings files during first login. The 


solution arrives with another pam module that is available, pam_mkhomedir. By 


using this module, a home directory will be created at logon time if it does not 


exist yet.


It is necessary to add the following line in the system auth file.


Example 6 5   Addition of pam_mkhomedir entry in /etc/pam.d/system auth


#%PAM 1.0


# This file is auto generated.


# User changes will be destroyed the next time authconfig is run.


120 


Linux Client Migration Cookbook   A Practical Planning and Implementation Guide for Migrating to Desktop








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      spain web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved