From owner-freebsd-questions@FreeBSD.ORG Wed Aug 20 13:40:03 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 892921065677 for ; Wed, 20 Aug 2008 13:40:03 +0000 (UTC) (envelope-from DWassman@etgroup.net) Received: from mail3.etgroup.net (mail3.etgroup.net [66.195.99.250]) by mx1.freebsd.org (Postfix) with ESMTP id 5779E8FC21 for ; Wed, 20 Aug 2008 13:40:03 +0000 (UTC) (envelope-from DWassman@etgroup.net) Received: from mail2.etgroup.net (66.195.99.231) by etg6.etg.local (66.195.99.250) with Microsoft SMTP Server id 8.1.240.5; Wed, 20 Aug 2008 08:29:54 -0500 Received: from mail.etgroup.net ([66.195.99.210]) by mail2.etgroup.net with Microsoft SMTPSVC(6.0.3790.3959); Wed, 20 Aug 2008 08:29:54 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-Class: urn:content-classes:message MIME-Version: 1.0 Date: Wed, 20 Aug 2008 08:27:16 -0500 Message-ID: <4EFE19E52F4F844D997F24D759C4A23B04086377@etg2.etg.local> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Sudo,pam,and winbindd issue Thread-Index: AckCyHbcvdPdUChvTTON9uL7GUqJ2A== From: David Wassman To: X-OriginalArrivalTime: 20 Aug 2008 13:29:54.0137 (UTC) FILETIME=[D4A99C90:01C902C8] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Sudo,pam,and winbindd issue X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Aug 2008 13:40:03 -0000 All, =20 I am having a wierd problem with sudo on a FreeBSD 7 system that is joined to AD domain through Samba. When I sudo a command, when prompted for a password, any password including a blank one works. Obviously a security issue.=20 =20 Here are the config files: =20 /usr/local/etc/sudoers =20 root ALL=3D(ALL) ALL %wheel ALL=3D(ALL) ALL =20 /etc/pam.d/sudo auth sufficient pam_winbind.so =20 /etc/nsswitch.conf group: files winbind passwd: files winbind hosts: dns files =20 Any ideas? =20 David Wassman, MCSA MCP Net+ Security+ IT Network Administrator Davis, Monk & Company (800) 344-5034 (352) 372-6300 (352) 375-1583 FAX The information contained in this electronic message is legally privileged and confidential under applicable law, and is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any dissemination, copying or disclosure of this communication is strictly prohibited. If you have received this communication in error, please notify Davis, Monk & Company (352) 372-6300 and delete this communication immediately without reading it, making any copies of it or distributing it. =20 =20