[Samba] Strange SAMBA Winbind behavior - WBC_ERR_AUTH_ERROR - NT_STATUS_WRONG_PASSWORD
Juan Machado
juan at itos.uga.edu
Tue Jan 12 06:53:21 MST 2010
Hello All,
I am having a weird behavior and after 2 days of trying to fix it, I
just decided to ask the experts in this group!
I have a RHEL5 box running SAMBA 3.4.3-41.el5. Users authenticate via
Winbind to a Windows 2008R2 Domain controller.
Authentication is fine, users can log in but ...
1. When user type their login/username, it takes 3 seconds to get
the password prompt.
2. After the user provides the right password, the system let them
log in but a "WRONG PASSWORD" message is displayed.
When I check the logs I can see that BEFORE the user enters the
password, there is a bcLogonUser failed: WBC_ERR_AUTH_ERROR message in
the logs.
Jan 12 08:37:10 myrhelserver sshd[13822]: pam_unix(sshd:auth):
authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=wve-systems-10.mydomain.com user=juan
Jan 12 08:37:10 myrhelserver sshd[13822]: pam_winbind(sshd:auth):
getting password (0x00000010)
Jan 12 08:37:10 myrhelserver sshd[13822]: pam_winbind(sshd:auth):
pam_get_item returned a password
Jan 12 08:37:10 myrhelserver sshd[13822]: pam_winbind(sshd:auth):
request wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_AUTH_ERR
(7), NTSTATUS: NT_STATUS_WRONG_PASSWORD, Error message was: Wrong
Password
Jan 12 08:37:10 myrhelserver sshd[13822]: pam_winbind(sshd:auth): user
'juan' denied access (incorrect password or invalid membership)
Jan 12 08:37:17 myrhelserver sshd[13822]: pam_winbind(sshd:auth):
getting password (0x00000010)
Jan 12 08:37:17 myrhelserver sshd[13822]: pam_winbind(sshd:auth):
pam_get_item returned a password
Jan 12 08:37:17 myrhelserver sshd[13822]: pam_winbind(sshd:auth): user
'juan' granted access
Jan 12 08:37:17 myrhelserver sshd[13822]: pam_winbind(sshd:account):
user 'juan' granted access
Jan 12 08:37:17 myrhelserver sshd[13822]: Accepted password for juan
from 172.16.248.174 port 57858 ssh2
Jan 12 08:37:17 myrhelserver sshd[13822]: pam_unix(sshd:session):
session opened for user juan by (uid=0)
WBC_ERR_AUTH_ERRORJan 12 08:37:35 myrhelserver sshd[13874]: Connection
closed by 172.16.1.62
----------------
This is my /etc/pam.d/system-auth:
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_winbind.so use_first_pass
auth required pam_deny.so
account required pam_unix.so broken_shadow
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_winbind.so
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3
password sufficient pam_unix.so md5 shadow nullok try_first_pass
use_authtok
password sufficient pam_winbind.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session optional pam_mkhomedir.so skel=/etc/skel umask=0022
session [success=1 default=ignore] pam_succeed_if.so service in
crond quiet use_uid
session required pam_unix.so
This is my /etc/samba/smb.conf:
#======================= Global Settings
=====================================
[global]
workgroup = mydomain
winbind separator = +
server string = Samba Server
security = ads
load printers = yes
winbind enum users = yes
winbind enum groups = yes
cups options = raw
log file = /var/log/samba/%m.log
max log size = 50
local master = no
dns proxy = no
password server = ad1.mydomain.com ad2.mydomain.com
realm = MYDOMAIN.COM
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind use default domain = true
[homes]
comment = Home Directories
browseable = no
writable = yes
So,does anybody have an idea of WHY am I getting the "WRONG PASSWORD"
message when I successfully authenticate?
Thanks.
Juan Machado
More information about the samba
mailing list