pam_winbind change password problem
Stefano Sasso
stesasso at gmail.com
Mon Nov 15 09:11:33 MST 2010
Hi *,
I have a problem in changing user passwords with pam_winbind.
the samba server joined a samba domain (samba+ldap PDC),
user authentication through ldap, getent passwd, wbinfo -u & co. works
perfectly, but when I try to change a password, in my log I find:
Nov 15 17:03:20 ltsp-1 passwd[25438]: pam_winbind(passwd:chauthtok):
[pamh: 0x8d4e170] ENTER: pam_sm_chauthtok (flags: 0x4000)
Nov 15 17:03:20 ltsp-1 passwd[25438]: pam_winbind(passwd:chauthtok):
username [ssasso] obtained
Nov 15 17:03:20 ltsp-1 passwd[25438]: pam_winbind(passwd:chauthtok):
valid_user: wbcGetpwnam gave WBC_ERR_DOMAIN_NOT_FOUND
Nov 15 17:03:20 ltsp-1 passwd[25438]: pam_winbind(passwd:chauthtok):
[pamh: 0x8d4e170] LEAVE: pam_sm_chauthtok returning 4 (PAM_SYSTEM_ERR)
Nov 15 17:03:20 ltsp-1 passwd[25438]: pam_unix(passwd:chauthtok): user
"ssasso" does not exist in /etc/passwd
what's going wrong?
thanks,
stefano
My configuration is the following:
smb.conf
[global]
workgroup = BARBARIGO
unix charset = LOCALE
security = DOMAIN
username map = /etc/samba/smbusers
netbios name = LTSP-1
server string = %h server (Samba, Ubuntu)
local master = no
domain master = no
preferred master = no
dns proxy = no
encrypt passwords = Yes
name resolve order = wins bcast hosts
wins server = 192.168.2.5
password server = 192.168.2.5
ldap suffix = dc=barbarigo,dc=dom
ldap machine suffix = ou=Computers
ldap user suffix = ou=Users
ldap group suffix = ou=Groups
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=Manager,dc=barbarigo,dc=dom
ldap ssl = Off
idmap backend = ldap:ldap://192.168.2.5
idmap uid = 30000-50000
idmap gid = 30000-50000
winbind trusted domains only = Yes
winbind use default domain = yes
pam config:
password sufficient pam_winbind.so use_authtok debug
password required pam_unix.so nullok obscure md5
# here's the fallback if no module succeeds
password requisite pam_deny.so
------------
root at ltsp-1:~# getent passwd | grep ssasso
ssasso:x:1292:513:Stefano Sasso,,,,:/srv/homes/ssasso:/bin/bash
------------
root at ltsp-1:~# wbinfo -u | grep ssasso
LTSP-1\ssasso
ssasso
--
Stefano Sasso
http://stefano.dscnet.org/
More information about the samba-technical
mailing list