================================================================================ Setting up PAM to use LDAP: NOTE: Currently, the user must exist on the Linux system ================================================================================ 1. rpm -F pam-0.72-6.i386.rpm 2. rpm -i pam_ldap-42.16.i386.rpm 3. cp -pR /usr/doc/packages/pam_ldap/ldap.conf 4. vi /etc/ldap.conf - need to change the following two values host 9.53.113.67 base ou=LinuxTeam,o=YCBA,c=US 5. mv /etc/pam.d /etc/pam.d.orig (Preserve original login capabilities) 6. cp -pR /usr/doc/packages/pam_ldap/pam.d /etc 7. vi /etc/pam.d/login #%PAM-1.0 auth required /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_ldap.so auth sufficient /lib/security/pam_unix_auth.so try_first_pass auth required /lib/security/pam_deny.so account sufficient /lib/security/pam_ldap.so account required /lib/security/pam_permit.so session required /lib/security/pam_env.so session required /lib/security/pam_permit.so ================================================================================ Setting up PAM to use SMB: NOTE: Currently, the user must exist on the Linux system ================================================================================ 1. rpm -i samba-common-2.0.5a-12.i386.rpm 2. rpm -i samba-client-2.0.5a-12.i386.rpm 3. vi /etc/pam_smb.conf DOM.DARTH-MAUL # This is the domain DARTH-MAUL # This is the server DARTH-MAUL2 # This would be the second server 4. cp /etc/pam.d/login /etc/pam.d/login.orig (Preserve original login capabilities) 5. vi /etc/pam.d/login #%PAM-1.0 auth required /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_smb_auth.so auth sufficient /lib/security/pam_unix_auth.so try_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_pwdb.so password required /lib/security/pam_cracklib.so password required /lib/security/pam_pwdb.so shadow nullok use_authtok session required /lib/security/pam_mkhomedir.so skel=/etc/skel umask=0057 session required /lib/security/pam_pwdb.so ================================================================================ Using SMB home directories: ================================================================================ 1. The /etc/skel/.bash_profile has already been modified so all users have the ability to use an SMB home directory. 2. Modify the value for SMBSERVER in /etc/profile 2. Create a file /etc/smbhome (contents of the file do not matter). 3. All users who login from this point will use an SMB based home directory. 4. To stop using SMB based home directories remove /etc/smbhome