Add note about PAM configuration for pam_winbind (thanks to Jon Bendtsen)

SVN Revision: 2337

2 files changed, 4 insertions, 0 deletions

diff --git a/doc/guide.html b/doc/guide.html
index e47bca9a4..4c0cddb3d 100644
--- a/doc/guide.html
+++ b/doc/guide.html
@@ -1071,6 +1071,8 @@ to this file, so a malicious user can’t use your configuration to perform
 attacks.
 </LI><LI CLASS="li-itemize">You may want to allow login access only for certain users. <TT>pam_listfile.so</TT>
 module provides such functionality.
+</LI><LI CLASS="li-itemize">If you use <TT>pam_winbind</TT> to authorise against a Windows Active Directory,
+then <TT>/etc/nssswitch.conf</TT> must be configured to use <TT>winbind</TT> as well.
 </LI></UL><P> <A NAME="accessrules"></A> </P><!--TOC subsection Access Rules-->
 <H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc25">3.1.5</A>&#XA0;&#XA0;<A HREF="#accessrules">Access Rules</A></H3><!--SEC END --><P> <A NAME="accessrules"></A> 
 </P><P> <A NAME="ACLDefinition"></A> </P><!--TOC subsubsection ACL Definition-->
diff --git a/doc/guide.tex b/doc/guide.tex
index b1357f3e4..b0dd921ec 100644
--- a/doc/guide.tex
+++ b/doc/guide.tex
@@ -1279,6 +1279,8 @@ to this file, so a malicious user can't use your configuration to perform brute-
 attacks.
 \item You may want to allow login access only for certain users. \term{pam\_listfile.so}
 module provides such functionality.
+\item If you use \term{pam\_winbind} to authorise against a Windows Active Directory,
+then \term{/etc/nssswitch.conf} must be configured to use \term{winbind} as well.
 \end{itemize}
 
 \makesubsection{accessrules}{Access Rules}