Dell EMC OpenManage Installation Guide — Linux Version 9.4

Winbind configuration for openwsman and sfcb for Red Hat Enterprise Linux operating systems

1. Back up these files:
   • /etc/pam.d/openwsman
   • /etc/pam.d/sfcb
   • /etc/pam.d/system-auth
2. Replace the content of /etc/pam.d/openwsman and /etc/pam.d/sfcb with the following:

   auth required pam_stack.so service=system-auth
   auth required /lib/security/pam_nologin.so
   account required pam_stack.so service=system-auth

3. Replace the content of /etc/pam.d/system-auth with the following:

   %PAM-1.0
   This file is auto-generated.
   User changes will be destroyed the next time authconfig is run.
   auth required /lib/security/$ISA/pam_env.so
   auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
   auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass
   auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
   auth required /lib/security/$ISA/pam_deny.so
   account required /lib/security/$ISA/pam_unix.so broken_shadow
   account sufficient /lib/security/$ISA/pam_succeed_if.so uid 100 quiet
   account [default=bad success=ok user_unknown= ignore] /lib/security/$ISA/pam_krb5.so
   account [default=bad success=ok user_unknown= ignore] /lib/security/$ISA/pam_winbind.so
   account required /lib/security/$ISA/pam_permit.so
   password requisite /lib/security/$ISA/pam_cracklib.so retry=3
   password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
   password sufficient /lib/security/$ISA/pam_krb5.so use_authtok
   password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
   password required /lib/security/$ISA/pam_deny.so
   session required /lib/security/$ISA/pam_limits.so
   session required /lib/security/$ISA/pam_unix.so
   session optional /lib/security/$ISA/pam_krb5.so