Line 30: |
Line 30: |
| idmap gid=5000-20000 | | idmap gid=5000-20000 |
| template shell=/bin/bash | | template shell=/bin/bash |
| + | template homedir=/home/%D/%U |
| + | winbind enum user=yes |
| + | winbind enum groups=yes |
| + | winbind cache time=10 |
| | | |
| Edit | | Edit |
Line 42: |
Line 46: |
| | | |
| Using your favourite editor create a new file called acc-sme and enter | | Using your favourite editor create a new file called acc-sme and enter |
− | [sme] | + | [sme-nt4-1] |
− | users: compat winbind | + | nss_group=group: compat winbind |
− | passwd: compat winbind | + | nss_netgroup=netgroup: nis |
− | shadow: compat | + | nss_passwd=passwd: compat winbind |
| + | nss_shadow=shadow: compat winbind |
| + | pam_auth=auth [success=2 default=ignore] pam_winbind.so |
| + | auth [success=1 default=ignore] pam_unix.so nullok use_first_pass use_authtok |
| + | auth requisite pam_deny.so |
| + | auth required pam_permit.so |
| + | auth required pam_securetty.so |
| + | auth optional pam_mount.so enable_pam_password |
| + | pam_account=account [success=2 new_authtok_reqd=done default=ignore] pam_winbind.so |
| + | account [success=1 default=ignore] pam_unix.so use_first_pass use_authtok |
| + | account requisite pam_deny.so |
| + | account required pam_permit.so |
| + | pam_password=password [success=2 default=ignore] pam_unix.so obscure sha512 |
| + | password [success=1 default=ignore] pam_winbind.so use_first_pass md5 use_authtok |
| + | password requisite pam_deny.so |
| + | password required pam_permit.so |
| + | password optional pam_gnome_keyring.so |
| + | pam_session=session [default=1] pam_permit.so |
| + | session requisite pam_deny.so |
| + | session required pam_permit.so |
| + | session optional pam_winbind.so |
| + | session required pam_unix.so |
| + | session optional pam_ck_connector.so nox11 |
| + | session required pam_mkhomedir.so skel=/etc/skel umask=0022 |
| + | session optional pam_mount.so enable_pam_password |
| | | |
| Save and apply the pam authorisation changes | | Save and apply the pam authorisation changes |