[Samba] Query on Authentication with ADS
Venkatesh Subramaniam
venkat at esysmail.com
Thu Sep 9 03:56:34 GMT 2004
Hi,
I am using Samba 3.0.5 version on Debian. Here is my requirement.
User authentication should happen from my win2k ADS server. I configured
as per help but I am not successful during authentication.
I am able to get wbinfo -u , wbinfo -g & wbinfo -t commands successfully.
Here is my configuration.
[global]
workgroup = SOLUTIAINVENT
server string = %L
security = DOMAIN
obey pam restrictions = Yes
password server = prasaddr
passdb backend = tdbsam, guest
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
log level = 4
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
name resolve order = bcast lmhosts host wins
hostname lookups = Yes
dns proxy = No
panic action = /usr/share/samba/panic-action %d
idmap uid = 15000-20000
idmap gid = 15000-20000
template shell = /bin/bash
winbind cache time = 5
invalid users = root
[homes]
comment = Home Directories
read only = No
create mask = 0700
directory mask = 0700
browseable = No
Error Mesage:
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2004/09/09 11:36:34, 3] smbd/uid.c:push_conn_ctx(351)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2004/09/09 11:36:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2004/09/09 11:36:34, 4] auth/pampass.c:smb_pam_start(459)
smb_pam_start: PAM: Init user: SOLUTIAINVENT\Administrator
[2004/09/09 11:36:34, 1] lib/util_sock.c:get_peer_name(937)
Gethostbyaddr failed for 192.168.2.221
[2004/09/09 11:36:34, 4] auth/pampass.c:smb_pam_start(476)
smb_pam_start: PAM: setting rhost to: 192.168.2.221
[2004/09/09 11:36:34, 4] auth/pampass.c:smb_pam_start(485)
smb_pam_start: PAM: setting tty
[2004/09/09 11:36:34, 4] auth/pampass.c:smb_pam_start(493)
smb_pam_start: PAM: Init passed for user: SOLUTIAINVENT\Administrator
[2004/09/09 11:36:34, 4] auth/pampass.c:smb_pam_account(551)
smb_pam_account: PAM: Account Management for User:
SOLUTIAINVENT\Administrator
[2004/09/09 11:36:34, 0] auth/pampass.c:smb_pam_account(573)
smb_pam_account: PAM: UNKNOWN PAM ERROR (9) during Account Management
for User: SOLUTIAINVENT\Administrator
[2004/09/09 11:36:34, 2] auth/pampass.c:smb_pam_error_handler(73)
smb_pam_error_handler: PAM: Account Check Failed : Authentication
service cannot retrieve authentication info.
[2004/09/09 11:36:34, 0] auth/pampass.c:smb_pam_accountcheck(781)
smb_pam_accountcheck: PAM: Account Validation Failed - Rejecting User
SOLUTIAINVENT\Administrator!
[2004/09/09 11:36:34, 4] auth/pampass.c:smb_pam_end(440)
smb_pam_end: PAM: PAM_END OK.
[2004/09/09 11:36:34, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/09/09 11:36:34, 3] auth/auth.c:check_ntlm_password(295)
check_ntlm_password: PAM Account for user [SOLUTIAINVENT\Administrator]
FAILED with error NT_STATUS_LOGON_FAILURE
[2004/09/09 11:36:34, 2] auth/auth.c:check_ntlm_password(312)
check_ntlm_password: Authentication for user [Administrator] ->
[Administrator] FAILED with error NT_STATUS_LOGON_FAILURE
[2004/09/09 11:36:34, 3] smbd/process.c:timeout_processing(1104)
timeout_processing: End of file from client (client has disconnected).
[2004/09/09 11:36:34, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2004/09/09 11:36:34, 2] smbd/server.c:exit_server(568)
Any help is highly appreciated.
--
Venkat
+65 9855 1209
More information about the samba
mailing list