[Samba] winbind flaky authentication..

Barry Rowlingson b.rowlingson at lancaster.ac.uk
Wed Jul 14 17:20:26 GMT 2004 

I've got weird things happening with winbind authentication - sometimes 
it works, sometimes it doesn't.

Sometimes it works for one username, and not for the other, sometimes it 
works for both, sometimes neither...

I'm a departmental admin trying to authenticate against our central 
windows domain - so I've no control of the windows side. The client 
machine is a fresh redhat FC2 box with samba as supplied.

If I catch it at the right moment, I can ssh bloggs at localhost and get 
in, where bloggs is my windows username and I enter my windows password. 
Then five mins later it wont work, I'll get 'permission denied'.

  Looking at the winbindd log file, the system seems to suddenly flip 
from looking for user 'bloggs' to 'NOUSER':

2004/07/14 18:11:24, 3] 
nsswitch/winbindd_misc.c:winbindd_interface_version(261)
   [28531]: request interface version
[2004/07/14 18:11:24, 3] 
nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(297)
   [28531]: request location of privileged pipe
[2004/07/14 18:11:24, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(122)
   [28531]: getpwnam bloggs
[2004/07/14 18:11:24, 3] nsswitch/winbindd_rpc.c:query_user(379)
   rpc: query_user rid=S-1-5-21-65601539-726015645-1725909577-9396
[2004/07/14 18:11:24, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(180)
   error getting user info for user '[CENTRAL]\[bloggs]'
[2004/07/14 18:11:25, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(122)
   [28531]: getpwnam NOUSER
[2004/07/14 18:11:25, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(157)
   user 'NOUSER' does not exist

  [and then a bunch more lines about NOUSER, ending with]

[2004/07/14 17:51:25, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth(314)
   Plain-text authentication for user NOUSER returned 
NT_STATUS_NO_SUCH_USER (PAM: 10)

  I'm not sure if its worth tracking this down, since I've almost given 
up with this. The next step was to be mounting windows home directories 
on the Linux box, and this is trick since the path on the windows server 
isn't simple... Plus there's no symlinks on smbfs... So I may have to 
find another way...

Cheers,

Baz

More information about the samba mailing list