[Samba] Samba3 : windbindd log missing failing user name
Gianluca Culot
gianlucaculot at dmsware.com
Fri Apr 27 13:35:26 GMT 2007
Question : how can I get the name of the user in the winbindd log if user
fails authentication ?
I'm running a FreeBsd 6 server with
Postfix
Dovecot
Cyrus-Sasl
Samba3
The primary task of the server is running a mail server wich autheticates
users against a AD (W2003 server).
Everything works fine.
Users can access authenticated mail services (sending and receiving) with
local or remote (AD) user and password.
Yet I get authentication error in daily log.
mail.dmsware.it login failures:
Apr 22 16:49:49 mail pam_winbind[84300]: request failed: Wrong Password, PAM
error was 9, NT error was NT_STATUS_WRONG_PASSWORD
The error changes in
Apr 22 16:53:11 mail pam_winbind[84315]: request failed: Account locked out,
PAM error was 8, NT error was NT_STATUS_ACCOUNT_LOCKED_OUT
after 5 trials (as AD locks out account according to policy)
Yet no user is asking me for help... so I'm afraid it is not an internal
User, but somebody trying to get an unauthorized access from outside ( yes
this is not an internal mail server only)
so the Question : how can I get the name of the user in the winbindd log if
user fails authentication ? I checked EVERY log from Messages to maillog...
no hint about the user failing authentication !
How could get the same of the user failing authentication on the server ?
Some hint please ?
More information about the samba
mailing list