Help - Search - Members - Calendar
Full Version: Help With Pam
Linuxhelp > Support > Technical Support
kidd
i have windows users logging onto my linux box
i can log domain users in but only from the console. when i try to run startx, it this error:

Fatal Server Error:
PAM authentication failed, cannot start X server.
Perhaps you do not have console ownership?

are there any clues as to fixing this problem?"
hughesjr
It sounds like a "create file" permissions and/or "home directory missing" issue to me...

When the users log in, do they each have a home directory .... and are they the owner of the home directory?

Do a pwd after a domain user logs in ... and then an ls -al of their home directory.
kidd
ran ls -al, the users are the owners of all of the files in their home directories. i think this has something to do with pam and the xserver because if i boot to the gui, the users can't log in at all. any suggestions?
hughesjr
BTW, what GNU/Linux distro are you using .... and what is it's version.

add a test user ... as root issue the following command at a :

adduser test

then assign a password to the test user like this:

passwd test

after assigning a password to test, try to login as test.

Can you login? Can you startx?
kidd
i'm running redhat 9, kernel 2.4.20.20-9
normal users created on the local computer can run startx

the problem only happens AD users.

i was looking through the smb.conf file and saw there is a line

smb passwd file = /etc/samba/smbpasswd

but there isn't any such file there, could the be the problem? there is an

/usr/bin/smbpasswd

should i change the path in the smb.conf to this setting?
hughesjr
The /usr/bin/smbpasswd file is an executeable ... the /etc/samba/smbpasswd would be the password file created if needed.

Are you using the Linux box as the PDC or BDC?

I always create a Linux user with the same username and password as the Windows user when using Samba, but I have Windows domain controllers on the network...and I use my Linux boxes as file / print servers...
kidd
the linux box is just a client. I read "linux for windows administrator" and the author gave a tutorial on using winbind to have AD users logon to linux boxes without creating an additional account. it all works according to what was written. i can usr smbclient and browse all of the shares the only problem is running the gui. the entire book was written to teach the reader how to control linux from just the console and not need the gui.
hughesjr
I haven't done it like that yet! I only have a few users (12) that access the Linux servers right now from windows logins.

I have been looking at winbind very recently (earlier this week), but I didn't try setting it up yet.

There is a good file installed at /usr/share/doc/samba-2.2.7a/docs/htmldocs/winbind.html (substitute your version of samba for 2.2.7a) that explains all the options and setup for winbind.

Here is a slightly newer version of the help file that comes with samba 3.0.0 rc1:

http://us2.samba.org/samba/ftp/cvs_current...cs/winbind.html
kidd
thanks for the link. it pretty much covered everything that i'v done so far. i'm almost positive that it has something to do with the way pam gives access to xserver. it mentioned configuring ftp and other services but all of that is beyond my skill and time. i'm gonna take a break from this for a little. maybe then i'll end up bumping into the answer. Thanks a lot for your help.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.