[Samba] HELP - winbind/PAM issues

Theis, Jason (CAG-AP) Jason.Theis at uap.com
Wed Jan 19 21:47:26 GMT 2005


I have a laptop with fedora core 3 installed.  I have an NT domain that I
would like to use for all authentication (Linux and Windows).  As a test I
decided to focus on ssh authentication.  I have completed the following:

Created the smb.conf:
[global]
   workgroup = DOMAIN_NAME
   server string = Linux Workstation
 log file = /var/log/samba/%m.log
   max log size = 50
   security = domain
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
   wins support = no
   wins server = local_wins_server
   dns proxy = no
   idmap uid = 16777216-33554431
   idmap gid = 16777216-33554431
   template homedir = /home/winnt/%D/$U
   template shell = /bin/bash
   winbind separator = \
   winbind use default domain = no
   password server = *
[homes]
   comment = Home Directories
   browseable = no
   writable = yes

Edited /etc/pam.d/sshd to be (assuming no security just to get this thing
running):
#%PAM-1.0
auth       required     pam_nologin.so
auth       sufficient   pam_winbind.so debug

account    sufficient   pam_winbind.so

session    required     pam_stack.so service=system-auth
session    optional     pam_console.so

I have successfully joined the domain.  I get the following information when
running wbinfo:

wbinfo -u

DOMAIN_NAME   winbind use default domain = yestfbradm
DOMAIN_NAME   winbind use default domain = yestfbrenda
DOMAIN_NAME   winbind use default domain = yestfbrett
DOMAIN_NAME   winbind use default domain = yestfcarme
DOMAIN_NAME   winbind use default domain = yestfcarmen
DOMAIN_NAME   winbind use default domain = yestfcdom

wbinfo -g

DOMAIN_NAME   winbind use default domain = yesvpn small office
DOMAIN_NAME   winbind use default domain = yeswebposting
DOMAIN_NAME   winbind use default domain = yeswebsecur01
DOMAIN_NAME   winbind use default domain = yeswinsock users

This is where I am stuck:

wbinfo -a username%password
plaintext password authentication failed
error code was NT_STATUS_NO_SUCH_USER (0xc0000064)
error messsage was: No such user
Could not authenticate user username%password with plaintext password
challenge/response password authentication succeeded

If I try to log in via ssh I get this in the log:

Jan 19 14:21:18 linus pam_winbind[5326]: request failed: No such user, PAM
error was 10, NT error was NT_STATUS_NO_SUCH_USER
Jan 19 14:21:18 linus pam_winbind[5326]: user `username' not found

Why is it not able to find my NT user when wbinfo will print out my user
information just fine?  Am I missing something?  I have read just about
every thread, forum, document, etc.. etc.. I can find.  Please help.

Thanks












More information about the samba mailing list