7.3.1  Winbind and PAM on Red Hat Desktop


Red Hat has implemented the pam_stack module. This means that configuration 


files in /etc/pam.d/ can use settings from other files, essentially stacking settings. 


For this purpose Red Hat has implemented most of the settings in the 


/etc/pam.d/system auth configuration file. This means that we only have to add 


winbind PAM modules to this file and all applications using PAM will be winbind 


aware.


Since the file /etc/pam.d/system auth is generated by 


authconfig


, care has to be 


taken in running this command after making changes by hand.


A sample system auth file contains the lines in Example 7 8.


Example 7 8   Example of part of /etc/pam.d/system auth file


#%PAM 1.0


# This file is auto generated.


# User changes will be destroyed the next time authconfig is run.


auth        required      /lib/security/$ISA/pam_env.so


auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok


auth        sufficient    /lib/security/$ISA/pam_winbind.so use_first_pass


auth        sufficient    /lib/security/$ISA/pam_krb5.so use_first_pass


auth        sufficient    /lib/security/$ISA/pam_smb_auth.so use_first_pass nolocal


auth        required      /lib/security/$ISA/pam_deny.so


account     required      /lib/security/$ISA/pam_unix.so


account     sufficient    /lib/security/$ISA/pam_winbind.so


........................


Once pam_winbind.so has been incorporated into the system auth file all 


applications using the file through pam_stack.so are now winbind aware. This 


means that we can log onto the Linux client using a domain account, 


remembering to use: 




So an example in our test domain would be AD6380+Administrator.


If it is problematic that winbind enabled users are available for all applications 


using the pam_stack module, then pam_winbind.so calls could be placed only in 


the configuration files for those applications that need it.


7.3.2  Winbind and PAM on Novell Linux Desktop


The Novell Linux Desktop (NLD) does not use a pam_stack module to get 


settings from a central file. This means that for each application that needs to use 


140 


Linux Client Migration Cookbook   A Practical Planning and Implementation Guide for Migrating to Desktop








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      spain web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved