Users Guide

l /etc/pam.d/sfcb

l /etc/pam.d/system-auth



2. 将 /etc/pam.d/openwsman 和 /etc/pam.d/sfcb 的内容替换为：

auth required pam_stack.so service=system-auth

auth required /lib/security/pam_nologin.so

account required pam_stack.so service=system-auth



3. 将 /etc/pam.d/system-auth 的内容替换为：

%PAM-1.0

This file is auto-generated.

User changes will be destroyed the next time authconfig is run.

auth required /lib/security/$ISA/pam_env.so

auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok

auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass

auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass

auth required /lib/security/$ISA/pam_deny.so

account required /lib/security/$ISA/pam_unix.so broken_shadow

account sufficient /lib/security/$ISA/pam_succeed_if.so uid 100 quiet

account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_krb5.so

account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_winbind.so

account required /lib/security/$ISA/pam_permit.so

password requisite /lib/security/$ISA/pam_cracklib.so retry=3

password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow

password sufficient /lib/security/$ISA/pam_krb5.so use_authtok

password sufficient /lib/security/$ISA/pam_winbind.so use_authtok

password required /lib/security/$ISA/pam_deny.so

session required /lib/security/$ISA/pam_limits.so

session required /lib/security/$ISA/pam_unix.so

session optional /lib/security/$ISA/pam_krb5.so



用于 SUSE Linux Enterprise Server 操作系统 openwsman 和 sfcb 的 Winbind 配置



1. 备份以下文件：

l /etc/pam.d/openwsman

l /etc/pam.d/sfcb

l /etc/pam.d/system-auth

l /etc/pam.d/common-account



2. 将 /etc/pam.d/openwsman/ 和 /etc/pam.d/sfcb 的内容替换为：

%PAM-1.0

auth include common-auth

auth required /lib/security/pam_nologin.so

account include common-account

