--- /dev/null
+;
+; pam_winbind configuration file
+;
+; /etc/security/pam_winbind.conf
+;
+
+[global]
+
+; turn on debugging
+;debug = no
+
+; request a cached login if possible
+; (needs "winbind offline logon = yes" in smb.conf)
+;cached_login = no
+
+; authenticate using kerberos
+;krb5_auth = no
+
+; when using kerberos, request a "FILE" krb5 credential cache type
+; (leave empty to just do krb5 authentication but not have a ticket
+; afterwards)
+;krb5_ccache_type =
+
+; make successful authentication dependend on membership of one SID
+; (can also take a name)
+;require_membership_of =