Blame SOURCES/pam_winbind.conf
|
Anoop C S |
1ef1dd |
#
|
|
Anoop C S |
1ef1dd |
# pam_winbind configuration file
|
|
Anoop C S |
1ef1dd |
#
|
|
Anoop C S |
1ef1dd |
# /etc/security/pam_winbind.conf
|
|
Anoop C S |
1ef1dd |
#
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
[global]
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# turn on debugging
|
|
Anoop C S |
1ef1dd |
;debug = no
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# turn on extended PAM state debugging
|
|
Anoop C S |
1ef1dd |
;debug_state = no
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# request a cached login if possible
|
|
Anoop C S |
1ef1dd |
# (needs "winbind offline logon = yes" in smb.conf)
|
|
Anoop C S |
1ef1dd |
;cached_login = no
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# authenticate using kerberos
|
|
Anoop C S |
1ef1dd |
;krb5_auth = no
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# when using kerberos, request a "FILE" krb5 credential cache type
|
|
Anoop C S |
1ef1dd |
# (leave empty to just do krb5 authentication but not have a ticket
|
|
Anoop C S |
1ef1dd |
# afterwards)
|
|
Anoop C S |
1ef1dd |
;krb5_ccache_type =
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# make successful authentication dependend on membership of one SID
|
|
Anoop C S |
1ef1dd |
# (can also take a name)
|
|
Anoop C S |
1ef1dd |
;require_membership_of =
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# password expiry warning period in days
|
|
Anoop C S |
1ef1dd |
;warn_pwd_expire = 14
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# omit pam conversations
|
|
Anoop C S |
1ef1dd |
;silent = no
|
|
Anoop C S |
1ef1dd |
|
|
Anoop C S |
1ef1dd |
# create homedirectory on the fly
|
|
Anoop C S |
1ef1dd |
;mkhomedir = no
|