Line 91: |
Line 91: |
| :Save and close | | :Save and close |
| *Open and edit the /etc/pam.d/system-auth file, and amend as below | | *Open and edit the /etc/pam.d/system-auth file, and amend as below |
| + | #%PAM-1.0 |
| + | # This file is auto-generated. |
| + | # User changes will be destroyed the next time authconfig is run. |
| + | auth required pam_env.so |
| + | auth sufficient pam_fprintd.so |
| + | auth sufficient pam_unix.so nullok try_first_pass |
| + | auth requisite pam_succeed_if.so uid >= 500 quiet |
| + | auth optional pam_winbind.so use_first_pass |
| + | auth optional pam_mount.so enable_pam_password |
| + | #auth required pam_deny.so |
| | | |
| + | account required pam_unix.so broken_shadow |
| + | account sufficient pam_localuser.so |
| + | account sufficient pam_succeed_if.so uid < 500 quiet |
| + | account [default=bad success=ok user_unknown=ignore] pam_winbind.so use_first_pass |
| + | account required pam_permit.so |
| + | |
| + | password requisite pam_cracklib.so try_first_pass retry=3 |
| + | password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok |
| + | password sufficient pam_winbind.so use_authtok |
| + | password required pam_deny.so |
| + | |
| + | session optional pam_keyinit.so revoke |
| + | session required pam_limits.so |
| + | session optional pam_mkhomedir.so skel=/etc/skel umask=0022 |
| + | session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid |
| + | session required pam_unix.so |
| + | session optional pam_winbind.so |
| + | session optional pam_mount.so enable_pam_password |
| *Open and edit the /etc/pam.d/password-auth file, and amend as below | | *Open and edit the /etc/pam.d/password-auth file, and amend as below |
| + | #%PAM-1.0 |
| + | # This file is auto-generated. |
| + | # User changes will be destroyed the next time authconfig is run. |
| + | auth required pam_env.so |
| + | auth sufficient pam_unix.so nullok try_first_pass |
| + | auth requisite pam_succeed_if.so uid >= 500 quiet |
| + | auth optional pam_winbind.so use_first_pass |
| + | auth optional pam_mount.so enable_pam_password |
| + | #auth required pam_deny.so |
| + | |
| + | account required pam_unix.so broken_shadow |
| + | account sufficient pam_localuser.so |
| + | account sufficient pam_succeed_if.so uid < 500 quiet |
| + | account [default=bad success=ok user_unknown=ignore] pam_winbind.so use_first_pass |
| + | account required pam_permit.so |
| + | |
| + | password requisite pam_cracklib.so try_first_pass retry=3 |
| + | password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok |
| + | password sufficient pam_winbind.so use_authtok |
| + | password required pam_deny.so |
| + | |
| + | session optional pam_keyinit.so revoke |
| + | session required pam_limits.so |
| + | session optional pam_mkhomedir.so skel=/etc/skel umask=0022 |
| + | session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid |
| + | session required pam_unix.so |
| + | session optional pam_winbind.so |
| + | session optional pam_mount.so enable_pam_password |
| | | |
− |
| |
| === Automount User Home Directories at Login=== | | === Automount User Home Directories at Login=== |
| Open and edit /etc/security/pam_mount.conf.xml file. Find the 'Volume Definitions' section. Add a volume line below the header | | Open and edit /etc/security/pam_mount.conf.xml file. Find the 'Volume Definitions' section. Add a volume line below the header |