Winbind configuration
for openwsman and sfcb for Red Hat Enterprise Linux operating systems
Perform the following to configure openwsman and sfcb:
- Back up these files:
- /etc/pam.d/openwsman
- /etc/pam.d/sfcb
- /etc/pam.d/system-auth
- Replace the content of /etc/pam.d/openwsman and /etc/pam.d/sfcb with the following:
auth required pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required pam_stack.so service=system-auth
- Replace the content of /etc/pam.d/system-auth with the following:
%PAM-1.0
This file is auto-generated.
User changes will be destroyed the next time authconfig is run.
auth required /lib/security/$ISA/pam_env.so
auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so broken_shadow
account sufficient /lib/security/$ISA/pam_succeed_if.so uid 100 quiet
account [default=bad success=ok user_unknown= ignore] /lib/security/$ISA/pam_krb5.so
account [default=bad success=ok user_unknown= ignore] /lib/security/$ISA/pam_winbind.so
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_krb5.so use_authtok
password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_krb5.so