[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

Courier-IMAP, winbind & pam_mkhomedir.so

Hi there,
I'm feeling a bit stuck on this, so any suggestions gratefully received. I'm trying to set up a Linux-based IMAP server that will authenticate against users on a Windows 2003 SBS domain controller.
I've installed Samba's winbind & the IMAP server is clearly using it to authenticate against, as there is no user "ned" on the system: 

	# grep ned /etc/passwd
	# wbinfo -u | grep ned
	ned
And when I log in with an IMAP client (Squirrelmail) I see the following in /var/log/messages: 

	Dec 13 11:23:04 baby imapd: Connection, ip=[127.0.0.1]
	Dec 13 11:23:04 baby pam_winbind[4458]: user 'ned' granted access
	Dec 13 11:23:04 baby pam_winbind[4458]: user 'ned' granted access
	Dec 13 11:23:04 baby imapd: ned: chdir(/home/DOMAIN/ned) failed!!
	Dec 13 11:23:04 baby imapd: error: No such file or directory
	Dec 13 11:23:04 baby imapd: LOGIN FAILED, user=ned, ip=[127.0.0.1]
Dec 13 11:23:04 baby imapd: authentication error: No such file or directory
I have set the /etc/pam.d/imap very simply, similar to that discussed at <http://www.flatmtn.com/computer/Linux-Samba.html#Samba-2>: 

	#%PAM-1.0
	auth       required     /lib/security/pam_winbind.so
	account    required     /lib/security/pam_winbind.so
session required /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0022 debug
And I'm a bit unclear as to why similar configurations seem to be working for everyone else & not me. I've tried changing the permissions on /home and /home/DOMAIN liberally, but that doesn't seem to make any difference, so I guess it's not that. All other files in /etc/pam.d/ are unchanged, I believe.
Courier-IMAP seems to use this authdaemon thing for its authentication-management, but I think I've configured that to just pass authentication onto PAM: 

	# grep authmodulelist= /etc/courier/authlib/authdaemonrc
	# authmodulelist="authpam authuserdb authshadow authcustom authpipe"
	authmodulelist="authpam"

Any advice or comments would be appreciated,

Stroller.

_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Home]     [Kernel List]     [Red Hat Install]     [Linux for the blind]     [Red Hat Watch List]     [Gimp]     [Kerberos: The Definitive Guide]

&nsp; Powered by Linux