Please post a comprehensive description of what you're trying to do together with the configuration files you use.
I thought I did that sorry. I am trying to get Postgres to authenticate through Pam so I can authenticate to Active
Directory on our network. All the steps I took are posted below. If you notice the messages I pasted from my logs
you will see that winbind is authenticating ok but for some reason Postgres still denies access.
How do you manage to get any pam_winbind messages into that if pam_stack is the only referenced module in your configuration? The stuff you quoted below is cut and pasted from the mail I sent to you. I suspect your actual config files look different.
I suggest you follow the below description "to the point" until you have pam authentication using the "local unix" passwords (including the group membership for the postgresql user to read /etc/shadow). That is what worked for me on first try just by following that example. From that point on you know that postgres is using pam and you can muck about with the Active Directory link, because from there everything happens in the /etc/pam.d/postgresql file only.
Jan
<snip><snip> postgresql/linux/pam setup.
here is the messages I have is the log from trying to log in
Nov 26 08:55:16 localhost postgresql(pam_unix)[22693]: authentication failure; logname= uid=26 euid=26 tty= ruser= rhost= user=cherring Nov 26 08:55:16 localhost pam_winbind[22693]: user 'cherring' granted acces
as you can see winbind is actually granting access but fro some reason poasgres still denies it.
weird. any ideas.
0) configure postgresql for pam, for example
[root ( at ) omega tmp]# grep pam /usr/local/pgsql/data/pg_hba.conf host all all 137.75.0.0 255.255.0.0 pam
1) create a /etc/pam.d/postgresql entry, here's how i did mine
[root ( at ) omega tmp]# cp /etc/pam.d/passwd /etc/pam.d/postgresql
i don't know if it's the best setup, but it works! mine looks like this
[root ( at ) omega tmp]# cat /etc/pam.d/postgresql #%PAM-1.0 auth required /lib/security/pam_stack.so service=system-auth account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth
---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faqs/FAQ.html
-- #======================================================================# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #================================================== [EMAIL PROTECTED] #
---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
