Users Guide

ManualsBrandsDell ManualsSoftwareOpenManage Server Administrator Version 7.2

用于

Red Hat Enterprise Linux 操作系统 openwsman 和 sfcb 的

Winbind 配置

在

32 位 OMI 安装上，请按照下述说明来配置 openwsman 和 sfcb。对于 64 位安装，请将 .lib 替换为 lib64

。

1. 备份以下文件

：

– /etc/pam.d/openwsman

– /etc/pam.d/sfcb

– /etc/pam.d/system-auth

2. 将

/etc/pam.d/openwsman 和 /etc/pam.d/sfcb 的内容替换为

auth required pam_stack.so service=system-auth auth required /lib/security/

pam_nologin.so account required pam_stack.so service=system-auth

3. 将

/etc/pam.d/system-auth 的内容替换为

%PAM-1.0 This file is auto-generated. User changes will be destroyed the

next time authconfig is run. auth required /lib/security/$ISA/pam_env.so

auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth

sufficient /lib/security/$ISA/pam_krb5.so use_first_pass auth

sufficient /lib/security/$ISA/pam_winbind.so use_first_pass auth

required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/

pam_unix.so broken_shadow account sufficient /lib/security/$ISA/

pam_succeed_if.so uid 100 quiet account [default=bad success=ok

user_unknown= ignore] /lib/security/$ISA/pam_krb5.so account [default=bad

success=ok user_unknown= ignore] /lib/security/$ISA/pam_winbind.so account

required /lib/security/$ISA/pam_permit.so password requisite /lib/security/

$ISA/pam_cracklib.so retry=3 password sufficient /lib/security/$ISA/

pam_unix.so nullok use_authtok md5 shadow password sufficient /lib/security/

$ISA/pam_krb5.so use_authtok password sufficient /lib/security/$ISA/

pam_winbind.so use_authtok password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so session required /lib/

security/$ISA/pam_unix.so session optional /lib/security/$ISA/pam_krb5.so

用于 SUSE Linux Enterprise Server 操作系统 openwsman

和 sfcb

的 Winbind 配置

在

32 位 OMI 安装上，请按照下述说明配置 openwsman 和 sfcb。对于 64 位安装，请将 .lib 替换为 .lib64

。

1. 备份以下文件

：

– /etc/pam.d/openwsman

– /etc/pam.d/sfcb

– /etc/pam.d/system-auth

– /etc/pam.d/common-account

2. 将

/etc/pam.d/openwsman/ 和 /etc/pam.d/sfcb 的内容替换为

%PAM-1.0 auth include common-auth auth required /lib/security/

pam_nologin.so account include common-account

3. 将 /etc/pam.d/common-auth 的内容替换为

auth required pam_env.so auth sufficient pam_unix2.so debug auth sufficient

pam_winbind.so use_first_pass debug

4. 将

/etc/pam.d/common-account 的内容替换为

account sufficient pam_unix2.so account sufficient pam_winbind.so