[Samba] ODD PAM ERROR
Brandon Lederer
blederer at cashflowbilling.com
Wed Nov 12 19:54:41 GMT 2003
I Have a "nobody" account. However I didn't have that line in there, or
rather it was commented out. So, I uncommented it, restarted samba and
winbind to no avail. No luck with the magic crystal this time. So that
we have a clear distinct crystal, I will paste my smb.conf file. My bad.
Comments removed.
[global]
workgroup = HMS
server string = %h server (Samba %v)
dns proxy = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = domain
encrypt passwords = true
passdb backend = tdbsam guest
obey pam restrictions = yes
guest account = nobody
invalid users = root
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/false
winbind separator = +
[data]
path = /data
public = yes
John H Terpstra wrote:
>On Fri, 7 Nov 2003, Brandon Lederer wrote:
>
>
>
>>I have set up winbind, made the nsswitch settings, joined the current NT
>>Domain, got back the message that said "Welcome to Domain". When I try
>>to access the PC, it brings up IPC$ and wants a password. The log for
>>that workstation says "PAM: UNKNOWN PAM ERROR (9) during Account
>>Management for User: Domain+USERNAME!" Then it says "PAM: Account
>>Validation Failed - Rejecting User Domain+USERNAME!"
>>
>>Does anyone have any helpful ideas?
>>
>>
>
>Brandon,
>
>You are asking us to exercise our worn-out crystal balls by not providing
>your smb.conf file, so here goes:
>
>My guess is that your UNIX system does NOT have an account called
>"nobody". I guess also that given that your system does not have a nobody
>account, you also do not have the following entry in your smb.conf file
>[globals] section:
>
> guest account = 'a_valid_unix_account'
>
>So let me know, did my crystal ball work this time. Dang, it's been so
>unreliable lately! :)
>
>- John T.
>
>
--
Brandon Lederer
Linux Administrator
Cashflow Billing Solutions
(402) 898-2600 x334
**********CONFIDENTIALITY STATEMENT**********
This e-mail (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may
be legally privileged. It is intended for the use of the individual or
entity to which it is addressed and may contain information that is
privileged, confidential, and exempt from disclosure under applicable
law. If the reader of this email is not the intended recipient, or
agent responsible for delivering or copying of this communication, you
are hereby notified that any retention, dissemination, distribution, or
copying of this communication is strictly prohibited. If you have
received this communication in error, please reply to the sender that
you have received the message in error, then delete it. Thank you.
More information about the samba
mailing list