OK, here's the samba module:=0A=
=0A=
#%PAM-1.0=0A=
auth =A0 =A0 =A0 required =A0 =A0 pam_nologin.so=0A=
auth =A0 =A0 =A0 required =A0 =A0 pam_stack.so service=3Dsystem-auth=0A=
account =A0 =A0required =A0 =A0 pam_stack.so service=3Dsystem-auth=0A=
session =A0 =A0required =A0 =A0 pam_mkhomedir.so skel=3D/etc/skel umask=3D0=
022=0A=
session =A0 =A0required =A0 =A0 pam_stack.so service=3Dsystem-auth=0A=
password =A0 required =A0 =A0 pam_stack.so service=3Dsystem-auth=0A=
=0A=
and here's system-auth:=0A=
=0A=
#%PAM-1.0=0A=
# This file is auto-generated.=0A=
# User changes will be destroyed the next time authconfig is run.=0A=
auth =A0 =A0 =A0 =A0required =A0 =A0 =A0/lib/security/$ISA/pam_env.so=0A=
auth =A0 =A0 =A0 =A0sufficient =A0 =A0/lib/security/$ISA/pam_unix.so likeau=
th nullok=0A=
auth =A0 =A0 =A0 =A0required =A0 =A0 =A0/lib/security/$ISA/pam_deny.so=0A=
=0A=
account =A0 =A0 required =A0 =A0 =A0/lib/security/$ISA/pam_unix.so=0A=
=0A=
password =A0 =A0required =A0 =A0 =A0/lib/security/$ISA/pam_cracklib.so retr=
y=3D3 type=3D=0A=
password =A0 =A0required =A0 =A0 =A0/usr/lib/security/pam_sso.so.1=0A=
password =A0 =A0sufficient =A0 =A0/lib/security/$ISA/pam_unix.so nullok use=
_authtok=20=0A=
md5 shadow=0A=
#password =A0 =A0required =A0 =A0 =A0/lib/security/$ISA/pam_deny.so=0A=
=0A=
session =A0 =A0 required =A0 =A0 =A0/lib/security/$ISA/pam_limits.so=0A=
session =A0 =A0 required =A0 =A0 =A0/lib/security/$ISA/pam_unix.so=0A=
=0A=
If you need more, please let me know.=0A=
=0A=
Dimitri=0A=
=0A=
=0A=
On Thursday March 30 2006 5:45 pm, Paul Matthews wrote:=0A=
> how about you post your pam module here, you might have it configured to=

=0A=
> require both local and winbind users instead of either or=0A=
>=0A=
> Paul Matthews=0A=
> I.T Trainee | The Cathedral School=0A=
> Ph =A0(07) 47222 194 | =A0Fax (07) 47222 111=0A=
> PO Box 944 Aitkenvale Q 4814=0A=
> E: =A0paul.matthews@cathedral.qld.edu.au=0A=
> W: www.cathedral.qld.edu.au=0A=
>=0A=
> Anglican coeducation | Day and Boarding | Early Childhood to Year 12=0A=
> Educating for life-long success=0A=
>=0A=
> ************************************************** ***********************=

**=0A=
>*=0A=
> ************************************************** ***********************=

**=0A=
>* ***********************************=0A=
>=0A=
> IMPORTANT NOTICE REGARDING CONFIDENTIALITY=0A=
>=0A=
> This electronic email message is intended only for the addressee and may=

=0A=
> contain confidential information. If you are not the addressee, you are=

=0A=
> notified that any transmission, distribution or photocopying of this email=

=0A=
> is strictly prohibited. The confidentiality attached to this email is not=

=0A=
> waived, lost or destroyed by reasons of a mistaken delivery to you.=0A=
>=0A=
> -----Original Message-----=0A=
> From: Dimitri Yioulos [mailto:dyioulos@firstbhph.com]=0A=
> Sent: Friday, 31 March 2006 8:33 AM=0A=
> To: Paul Matthews=0A=
> Subject: Re: [Samba] Winbind and email server=0A=
>=0A=
>=0A=
> top-posting by necessity ...=0A=
>=0A=
> Hi, Paul.=0A=
>=0A=
> Alas, my nsswitch.conf is properly configured. =A0Any other ideas?=0A=
>=0A=
> Dimitri=0A=
>=0A=
> On Thursday March 30 2006 5:12 pm, you wrote:=0A=
> > well the problem i think your having is that you have not edited the=0A=
> > /etc/nsswitch.conf file.=0A=
> >=0A=
> > change from=0A=
> >=0A=
> > passwd: =A0 =A0 files=0A=
> > shadow: =A0 =A0 files=0A=
> > group: =A0 =A0 =A0 files=0A=
> >=0A=
> > to:=0A=
> >=0A=
> > passwd: =A0 =A0 winbind files=0A=
> > shadow: =A0 =A0 winbind files=0A=
> > group: =A0 =A0 =A0winbind files=0A=
> >=0A=
> > or something along those lines, play with the /etc/nsswitch.conf to find=

=0A=
> > the right configuration for you.=0A=
> >=0A=
> > check out the post i've made on my website about how we use have setup =

my=0A=
> > mail system, i think i've done it fairly well=0A=
> >=0A=
> > http://www.yourhowto.org/content/view/25/9/=0A=
> >=0A=
> > Paul Matthews=0A=
> > I.T Trainee | The Cathedral School=0A=
> > Ph =A0(07) 47222 194 | =A0Fax (07) 47222 111=0A=
> > PO Box 944 Aitkenvale Q 4814=0A=
> > E: =A0paul.matthews@cathedral.qld.edu.au=0A=
> > W: www.cathedral.qld.edu.au=0A=
> >=0A=
> > Anglican coeducation | Day and Boarding | Early Childhood to Year 12=0A=
> > Educating for life-long success=0A=

>=0A=
> ************************************************** ***********************=

**=0A=
>=0A=
> >*=0A=

>=0A=
> ************************************************** ***********************=

**=0A=
>=0A=
> >* ***********************************=0A=
> >=0A=
> > IMPORTANT NOTICE REGARDING CONFIDENTIALITY=0A=
> >=0A=
> > This electronic email message is intended only for the addressee and may=

=0A=
> > contain confidential information. If you are not the addressee, you are=

=0A=
> > notified that any transmission, distribution or photocopying of this=0A=
> > email is strictly prohibited. The confidentiality attached to this email=

=0A=
> > is not waived, lost or destroyed by reasons of a mistaken delivery to=

=0A=
> > you.=0A=
> >=0A=
> > -----Original Message-----=0A=
> > From: samba-bounces+paul.matthews=3Dcathedral.qld.edu.au@lists .samba.org=

=0A=
> > [mailto:samba-bounces+paul.matthews=3Dcathedral.qld.edu.au@lists .samba.=

org=0A=
> > ]On Behalf Of Dimitri Yioulos=0A=
> > Sent: Friday, 31 March 2006 1:53 AM=0A=
> > To: samba@lists.samba.org=0A=
> > Subject: [Samba] Winbind and email server=0A=
> >=0A=
> >=0A=
> > Folks,=0A=
> >=0A=
> > Sincere apologies for asking this again, but I'm just not getting this =

to=0A=
> > work, and must be missing something here:=0A=
> >=0A=
> > My company's network is based around a Windows 2003 server AD, with=0A=

>=0A=
> several=0A=
>=0A=
> > RHEL AS 3 boxes connected to it via samba (3.0.21c-1). =A0This scheme w=

orks=0A=
> > very well. =A0I've set up, and have successfully been using a=0A=
> > sendmail-based email system, too.=0A=
> >=0A=
> > My issue is this: =A0When I create a user account in AD, I have to also=

=0A=
> > create it in the mail server. =A0This is inconvenient and inefficient.=

=0A=
> >=0A=
> > I have samba installed on the mail server. I also have the mkhomedir=0A=

>=0A=
> module=0A=
>=0A=
> > installed, and the appropriate line to invoke it is in the samba, pop,=

=0A=
> > and smtp.sendmail config files under /etc/pam.d. =A0My users are using =

the=0A=
> > Outlook 2003 mail client. =A0If I create a user in the email server, th=

en=0A=
> > Outlook has no problem connecting to the mail server using the user's=

=0A=
> > credentials from the email server. =A0But, if the user is only created =

in=0A=
>=0A=
> AD,=0A=
>=0A=
> > then Outlook complains that the incoming pop server won't authenticate=

=0A=
> > the user, despite the fact that winbind is fired up, wbinfo -u shows the=

=0A=
> > user, and getent passwd shows the user's credentials. =A0Arrrgh! =A0IMH=

O,=0A=
> > this is=0A=

>=0A=
> the=0A=
>=0A=
> > one small thing that keeps this from being a really great system.=0A=
> >=0A=
> > Can anybody show me the way to get over the hump?=0A=
> >=0A=
> > Many thanks.=0A=
> >=0A=
> > Dimitri=0A=
> >=0A=
> > --=0A=
> > This message has been scanned for viruses and=0A=
> > dangerous content by MailScanner, and is=0A=
> > believed to be clean.=0A=
> >=0A=
> > --=0A=
> > To unsubscribe from this list go to the following URL and read the=0A=
> > instructions: =A0https://lists.samba.org/mailman/listinfo/samba=0A=

>=0A=
> --=0A=
> This message has been scanned for viruses and=0A=
> dangerous content by MailScanner, and is=0A=
> believed to be clean.=0A=
>=0A=
>=0A=
>=0A=
>=0A=
> --=0A=
> To unsubscribe from this list go to the following URL and read the=0A=
> instructions: =A0https://lists.samba.org/mailman/listinfo/samba=0A=

=0A=
--=20=0A=
This message has been scanned for viruses and=0A=
dangerous content by MailScanner, and is=0A=
believed to be clean.=0A=
=0A=
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba