You are not logged in.
I've followed the Arch wiki (https://wiki.archlinux.org/index.php/Ac … ntegration) to integrate and use my domain login. Currently everything works as expected, I can login with my AD user (thanks to matone and combuster over this thread; https://bbs.archlinux.org/viewtopic.php?pid=1265595).
There is one small problem, annoyance if you will, however; my local user and my AD user (or any other new users I add) can't use networking, the volume mixer or video related when logged in to a KDE session. Maybe some other components, I haven't tested it yet. I'm just stuck on getting my network connections or sound working.
If I add my local (and AD user) to the related groups (for example; audio and network groups), I can manage system sounds and networks as expected.
I'm not sure where to look and I'm out of ideas. Any suggestions?
Thanks.
Last edited by queljin (2013-05-03 15:07:52)
Offline
Well, after a lot of tries and reading, I found out that system-login PAM configuration must include system-auth as the last option. Because of the changes made to system-auth configuration, when pam_winbind or pam_unix module returns success and exits (because they are "sufficient") other modules below them aren't working which in turn causes the pam_loginuid module not working. Below is my new system-login config in case someone needs it.
Please remember this is in no way a recommended configuration, it may be completely wrong and break your existing configuration. It just works for me. YMMV.
/etc/pam.d/system-login :
#%PAM-1.0
auth required pam_tally.so onerr=succeed file=/var/log/faillog
auth required pam_shells.so
auth requisite pam_nologin.so
auth include system-authaccount required pam_access.so
account required pam_nologin.so
account include system-authpassword include system-auth
session optional pam_loginuid.so
session required pam_env.so
session optional pam_motd.so motd=/etc/motd
session optional pam_mail.so dir=/var/spool/mail standard quiet
-session optional pam_systemd.so
session include system-auth
Last edited by queljin (2013-05-14 13:38:16)
Offline