[Samba] Unknown PAM failiure in WIN2003/ Active Directory + samba
Felipe Augusto van de Wiel
felipe at paranacidade.org.br
Mon Oct 17 13:22:18 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Philippe Dhont (Sea-ro) escreveu:
> Hello,
> I have an existing windows 2003 network and now try to add a
> new linux server with samba/kerberos support for unified
> logon authentication. Normally, everything is installed & this
> is the configuration:
> - Debian with 2.6.16.4 kernel
Are you sure about this kernel version? :-)
[...]
> In my /etc/pam.d/samba file i have:
> @include common-auth
> @include common-account
> @include common-session
> auth required /lib/security/pam_winbind.so
> account required /lib/security/pam_winbind.so
I'm not sure, but I believe you should put auth
options together, same for account, AFAIK, pam check the
options line by line, after the auth area ends, there is
no chance to "another auth area", you should put auth
parameters all together, like this:
@include common-auth
auth required /lib/security/pam_winbind.so
@include common-account
account required /lib/security/pam_winbind.so
[...]
> In my loggings i get after trying:
[...]
> In the new added logfile from the windows pc i tried to connect:
> [2005/10/17 11:26:59, 0] auth/pampass.c:smb_pam_account(573)
> smb_pam_account: PAM: UNKNOWN PAM ERROR (9) during Account Management
> for User: TEST\phil
> [2005/10/17 11:26:59, 0] auth/pampass.c:smb_pam_accountcheck(781)
> smb_pam_accountcheck: PAM: Account Validation Failed - Rejecting User
> TEST\phil!
[...]
Yep, looks like pam stack problem. :-)
> On the windowsXP pc, i am logged in as phil and when i connect and i get
> a logon, i tried TEST\Administrator
> I don't find alot of good information about this error, but i hope that
> someone can help me out.
Hope it helps, cheers,
- --
//////////
// Felipe Augusto van de Wiel <felipe at paranacidade.org.br>
// CTI/Suporte - SEDU/PARANACIDADE
// http://www.paranacidade.org.br/
//////////
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFDU6WKCj65ZxU4gPQRAtf2AJ9ScMX108VQIa8UGFvK8PwV1snmjgCeINPM
qhLYUmS7CAf4UbvU0xemRQE=
=g45U
-----END PGP SIGNATURE-----
More information about the samba
mailing list