Alexander Seitz Alexander.Seitz at
Fri Nov 30 06:18:13 GMT 2001

sorry to take some of your time again,

I was playing a little bit arround with winbindd today.
I compiled samba-2.2.2 with winbind and pam support.
Everything seems to work fine but:
i can getent passwd and the users resolfe fine, i can finger the user with
FHS-HAGENBERG+user this works fine too.
But I can't chown a file to a domain user, i get illegal user name.

Also I was not able to setup pam correctly
I first tried login: (console)

I got the following errors in log whet i try to log in :

Nov 30 15:04:57 wostok login[7416]: FAILED LOGIN 1 FROM /dev/tty1 FOR as,
Authentication failure
Nov 30 15:05:07 wostok pam_winbind[7416]: user 'FHS-HAGENBERG+as' granted
Nov 30 15:05:07 wostok login[7416]: User not known to the underlying
authentication module
Nov 30 15:05:59 wostok pam_winbind[28292]: user 'FHS-HAGENBERG+as' granted
Nov 30 15:05:59 wostok login[28292]: User not known to the underlying
authentication module

it seems that pam_winbind is working.

my pam login file lokkes like that:

auth       required /lib/security/
auth       required /lib/security/
auth       sufficient    /lib/security/
auth       required     /lib/security/ use_first_pass shadow
account required /lib/security/

I am using instead of  might this be the problem ? I
don't have this on my SuSE system
It is replaced by
I have tried to compile  but it means it canno't be compiuled on
my system.

Or am i missing anything else ?

wbinfo -t  says thet the secret is wrong.
But i don't know how i can make it right.
If i try to join domain with a command like this : smbpasswd -j
FHS-HAGENBERG -r ad3 -U Administrator i get the following error messages
failed session setup
Error connecting to ad3
Unable to join domain FHS-HAGENBERG.

Doesn't matter what useraccount I take, it's the same.
When I use smbpasswd -j FHS-HAGENBERG -r ad3   i get  an success in joining
the domain.

As I said, samba is working fine if I create the user locally (it
autheniticates the user with the domain)

We have W2KSP2 as domain controllers.

my smb.conf  looks like that:

   winbind separator = +
   winbind cache time = 10
   template shell = /bin/bash
   template homedir = /home/%U
   winbind uid = 10000-20000
   winbind gid = 10000-20000
   workgroup = FHS-HAGENBERG
   encrypt passwords = yes
   security = DOMAIN
   password server = ad3
   netbios name = WOSTOK
   socket options = IPTOS_LOWDELAY TCP_NODELAY
   os level = 0
   wins support = no
   preferred master = no
   local master = no
   debug level = 0
   log level = 1
   mangled names = yes
   default case = lower
   case sensitive = no
   preserve case = yes
   short preserve case = yes
   kernel oplocks = no
   oplocks = true
   level2 oplocks = True
    max connections = 0
   max smbd processes = 0
   strict sync = no

Alexander Seitz (Alexander.Seitz at
System Administrator (sysadmin at
FHS Hagenberg (
Hauptstrasse 117
4232 Hagenberg
Tel..: +43 7236 3888 2151
Fax.: +43 7236 3888 62151

Live long and prosper. - Vulcan proverb
And eat well. - Jewish addendum to Vulcan proverb
Feast on your enemies! - Klingon interpertation of Jewish
addendum to Vulcan proverb

jesus saves, but only budda makes incremental backups

More information about the samba mailing list