solution: account expired
Steve Langasek
vorlon at netexpress.net
Mon May 7 22:27:25 GMT 2001
Hi Florian,
On Tue, 8 May 2001, Florian Petri wrote:
> Some of you maybe get "account disabled ... " when they try to login at NT4 or
> W2K workstations and don't know where this comes from, because they can access the samba server eg. with the same accounts without any problem.
> (log.smbd show some unknown errors ...)
> The PAM service at my linux box was wrong configured. I used pam_unix.so in
> /etc/pam.d/samba but it seems to me that I have to install pam_pwdb.so (parameters: md5 shadow) to login at my nt4 box.
> Problably this could be documented somewhere, I spend a couple of hours on
> this and some others posted the same problems, I hope this helps you ...
This is a combination of a bug in Samba 2.2.0, and a bug in some versions of
pam_unix. I believe the most current version of pam_unix should work ok -- if
not, I'd appreciate knowing about it. Samba 2.2.1 (which should be out any
day now, right? :) will solve the problem for previous versions of pam_unix.
For backwards-compatibility with Samba 2.0, which did not do PAM account
authorization checks, use pam_permit instead of pam_unix.
I don't personally have access to document this anywhere official, I'm afraid
:)
Steve Langasek
postmodern programmer
More information about the samba-ntdom
mailing list