Anoop C S 1ef1dd
#
Anoop C S 1ef1dd
# pam_winbind configuration file
Anoop C S 1ef1dd
#
Anoop C S 1ef1dd
# /etc/security/pam_winbind.conf
Anoop C S 1ef1dd
#
Anoop C S 1ef1dd
Anoop C S 1ef1dd
[global]
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# turn on debugging
Anoop C S 1ef1dd
;debug = no
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# turn on extended PAM state debugging
Anoop C S 1ef1dd
;debug_state = no
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# request a cached login if possible
Anoop C S 1ef1dd
# (needs "winbind offline logon = yes" in smb.conf)
Anoop C S 1ef1dd
;cached_login = no
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# authenticate using kerberos
Anoop C S 1ef1dd
;krb5_auth = no
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# when using kerberos, request a "FILE" krb5 credential cache type
Anoop C S 1ef1dd
# (leave empty to just do krb5 authentication but not have a ticket
Anoop C S 1ef1dd
# afterwards)
Anoop C S 1ef1dd
;krb5_ccache_type =
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# make successful authentication dependend on membership of one SID
Anoop C S 1ef1dd
# (can also take a name)
Anoop C S 1ef1dd
;require_membership_of =
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# password expiry warning period in days
Anoop C S 1ef1dd
;warn_pwd_expire = 14
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# omit pam conversations
Anoop C S 1ef1dd
;silent = no
Anoop C S 1ef1dd
Anoop C S 1ef1dd
# create homedirectory on the fly
Anoop C S 1ef1dd
;mkhomedir = no