Add "my" PAM configuration

etc/pam.d/system-auth-dustin

@@ -0,0 +1,35 @@
+## PAM configuration for Active Directory authentication
+## This file complies with the Gentoo PAM layout; other distributions may
+## requre different blocks in separate files, so adjust accordingly.
+## 
+## UNIX authentication is attempted first, allowing local users to log in even
+## if domain authentication is unavailable. For this to work, 'compat' must be
+## listed before 'winbind' in /etc/nsswitch.conf.
+##
+## Dustin C. Hatch <admiralnemo@gmail.com>
+##
+## This file is public domain. I don't care what you do with/to it. 
+# vim: set ft=pamconf :
+
+auth		required	pam_env.so 
+auth		[success=1 default=ignore]	pam_succeed_if.so uid >= 100000000 quiet
+auth		[success=2 default=ignore]	pam_unix.so try_first_pass likeauth
+auth		[success=1 default=ignore]	pam_winbind.so try_first_pass krb5_auth krb5_ccache_type=FILE cached_login
+auth		requisite	pam_deny.so
+auth		required	pam_permit.so
+ 
+account		sufficient	pam_winbind.so
+account		required	pam_unix.so 
+account		optional	pam_permit.so
+ 
+password	required	pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 
+password	[success=2 default=ignore]	pam_unix.so try_first_pass use_authtok sha512 shadow 
+password	[success=1 default=ignore]	pam_winbind.so use_authtok try_first_pass
+password	requisite	pam_deny.so
+password	required	pam_permit.so
+ 
+session		required	pam_mkhomedir.so skel=/etc/skel umask=0022
+session		required	pam_limits.so 
+session		required	pam_env.so
+session		required	pam_unix.so 
+session		optional	pam_permit.so