[Samba] using pam_winbind to authenticate against AD/krb
Greg Albrecht
gba at undef.net
Thu Jul 28 16:58:21 GMT 2005
hey all,
after following the directions in the
"FreeBSD Active Directory Domain Member Mini-HOWTO"
http://web.irtnog.org/howtos/freebsd/winbind
i am able to get my machine to the point where i can query users with
'wbinfo':
$ wbinfo -u|grep galbrecht
galbrecht
i am unable, however, to login to my machine using any service, telnet
for example:
$ telnet -K localhost
Connected to localhost
FreeBSD/i386 (albany.undef.net) (ttyp7)
login: galbrecht
Password: ******
login:
my /var/log/messages shows:
... albany pam_winbind[15753]: user 'galbrecht' granted access
... albany login[15753]: pam_acct_mgmt(): error in service module
if i attempt to login with a username that does not exist, in either ad
or local pwd, /var/log/messages shows:
... albany pam_winbind[15825]: request failed: No such user, PAM error
was 13, NT error was NT_STATUS_NO_SUCH_USER
... albany pam_winbind[15825]: user `greg' not found
i've attempted to enable debugging with pam_winbind in my
/etc/pam.d/system configuration, which doesn't seem to have an effect,
but i've done a -d10 dump, if that would be useful to anyone.
save for my domain, my configuration matches that of the webpage sited
above.
any ideas?
-g
--
Greg Albrecht (gba at undef.net) * -0700 GMT/UTC
http://undef.net * +1 213 447 3089
More information about the samba
mailing list