W2K Domain Login Problem with 2.2.0
PeRcY YuEn
percy at py.dhs.org
Sat Apr 21 19:24:48 GMT 2001
Andrew,
I've got a similar problem with Solaris 2.6. The debug message shows the
PAM cause a PAM_USER_UNKNOWN at passdb/pampass.c:262. I have not modified
the orignal PAM configuration that comes with solaris and the Samba220
alpha 3 seems working fine with it. I guess there may be some problems
with the recent modifications to the PAM code.
Regards,
Percy
Andrew Bartlett wrote:
> Gerald Carter wrote:
> >
> > Well actually that was my gut feeling. Just hadn't had time to
> > verify it.
> >
> > John T. or Andrew B.,
> >
> > Has either or you looked at the PAM code and Domain logons?
> > Can you comment here?
> >
> > jerry
>
> That will be one of the little changes I fired off just before 2.2.0
> came out.
>
> If PAM is working correctly (ie /etc/pam.d/samba is present and sensibly
> configured) then it should work fine. If there is ANY pam error, it
> gets sent back as 'NT_STATUS_ACCOUNT_DISABLED'.
>
> John T did a lot of work putting in VERY good debug messages for PAM.
> What is in the log files?
>
> I'd like to get to the bottom of this...
>
> Andrew Bartlett
> abartlet at pcug.org.au
>
>>
>> On Wed, 18 Apr 2001 22:06:47 Chen Shiyuan wrote:
>> >
>> > I think I have found the solution to the problem even though I don't
>> > know what/why it caused such a problem.
>> >
>> > Someone posted on the Samba mailing list that Samba-2.2.0 makes sure
>> > that PAM is used when it is compiled in but earlier versions didn't .
>> >
>> > So I recompiled 2.2.0 WITHOUT PAM support and voila, the account is no
>> >
>> > longer "disabled" when logging in via W2K.
>> >
>> > HTH & Thanks!
>> >
>> > On Wed, 18 Apr 2001 22:29:34 +0800 (SGT), Chen Shiyuan
>> > <csy at hjc.edu.sg>
>> > wrote :
>> >
>> > > Hello!
>> > >
>> > > Just to add on to my previous email, samba-2.2.0-alpha3 and
>> > > samba-2.2.0
>> > > are compiled using :-
>> > >
>> > > ./configure --prefix=/usr --libdir=/etc
>> > > --with-lockdir=/var/lock/samba --
> > > > with-swatdir=/usr/share/swat --localstatedir=/var/log/samba
> > > > --with-
> > > > smbmount --with-pam
> > > >
> > > > And I am running RedHat 6.2 with kernel 2.2.19 .
> > > >
> > > > Thanks!
> > > >
> > > > On Wed, 18 Apr 2001 08:32:13 -0500, Gerald Carter
> > > > <gcarter at valinux.com>
> > > > wrote :
> > > >
> > > > > On Wed, 18 Apr 2001 03:49:25 Chen Shiyuan wrote:
> > > > > >
> > > > > > However, after upgrading to samba-2.2.0, when W2K users
> > > > > > tried to login using their username/password, W2K pops
> > > > > > up a small dialog box in the middle of the screen that
> > > > > > says - Your account has been disabled, please
> > > > > > contact your System Administrator.
> > > > >
> > > > > Send me a level 10 debug log offline of the Win2k domain
> > > > > logon attempt.
> > > > >
>
> --
> Andrew Bartlett
> abartlet at pcug.org.au
More information about the samba-technical
mailing list