#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth        requisite     /lib/security/pam_unix.so likeauth nullok
# In case somebody adds a user w/o pam, on successful login, create the smbpass entry.
auth        optional      /lib/security/pam_smbpass.so migrate nullok nodelay debug audit
# auth        sufficient    /lib/security/pam_unix.so likeauth nullok
# auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so

password    required      /lib/security/pam_cracklib.so retry=3
# We must be able to update the user information - having migrate above helps to ensure
# we have a user entry in smbpasswd to modify.
password    required      /lib/security/pam_smbpass.so nullok use_authtok nodelay use_first_pass debug audit
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5 shadow
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so