PAM and NSS Winbind Options
Getting the Winbind daemon up and running is only part of the configuration required on the domain member server. Once Winbind is functioning, you must configure PAM and NSS to use Winbind to authenticate users and return additional account information to programs that need it. These tasks are handled by special modules and configuration of these two subsystems. You may also want to configure Linux to create home directories automatically when they don’t exist.
NSS and PAM Winbind Modules
PAM and NSS both rely on modules to interface with Winbind. These
module files,
pam_winbind.so
and
libnss_winbind.so
,
are usually installed as part of a Samba package, such as
samba-common. The
pam_winbind.so file usually appears in
/lib/security or
/usr/lib/security. The
libnss_winbind.so file usually resides in
/lib and is linked to another file,
libnss_winbind.so.2 (either file may be a
symbolic link to the other).
If you’ve installed Samba from source code, you may
need to install these libraries independently. The source code
appears in the source/nsswitch subdirectory of
the Samba source code package, and the compiled libraries should
appear there after you build the main Samba package. (These files
appear only if you select the --with-pam configure
option.) Copy the files to appropriate directories, and create an
appropriate link for the libnss_winbind.so file.
You can then type ldconfig to force Linux to reexamine the library directories and register the new ...
Get Linux in a Windows World now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
