[Samba] winbindd and PAM problem
Bjoern Olausson
spamsuxx at gmail.com
Thu Sep 29 13:38:21 GMT 2005
Hi all,
I am trying to make it possible to log into a Linux client
authenticating against a running Samba PDC (24 Windows XP clients do
so sccessfully) (SuSE Linux 9.1; Samba 3.0.9-2.6-SUSE)
The client is running Gentoo Linux with Samba Samba 3.0.14a
I configured everything like written in the Samba HowTo "23. Winbind:
Use of Domain Accounts"
When I login with "biopool/test" and the correct password, I get a
"Permission denied"
When I use a wrong password I get a
"Login incorrect"
So it seams as if the authentication to the PDC works. But something
goes wrong after that.
I have no clue what, or where to search. Google didn't find an answere.
So here are my configs:
smb.conf (client):
---------------------------------
[global]
workgroup = BIOPOOL
security = DOMAIN
encrypt passwords = No
allow trusted domains = No
password server = 172.30.2.251
passdb backend = tdbsam
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind use default domain = Yes
winbind trusted domains only = Yes
pam_login(client)
------------------------------------
#%PAM-1.0
auth sufficient /lib/security/pam_unix.so use_first_pass
auth sufficient /lib/security/pam_winbind.so
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_winbind.so use_first_pass use_authtok
password sufficient pam_winbind.so use_first_pass use_authtok
session sufficient pam_winbind.so use_first_pass use_authtok
session required /lib/security/pam_mkhomedir.so skel=/etc/skel/ umask=0077
messages for login with wrong PW:
----------------------------------------------------------------------
Sep 29 15:35:49 pool04 login(pam_unix)[11222]: auth could not identify
password for [biopool\test]
Sep 29 15:35:53 pool04 pam_winbind[11222]: request failed: Wrong
Password, PAM error was 7, NT error was NT_STATUS_WRONG_PASSWORD
Sep 29 15:35:53 pool04 pam_winbind[11222]: user `biopool\test' denied
access (incorrect password or invalid membership)
Sep 29 15:35:53 pool04 login[11222]: FAILED LOGIN 1 FROM /dev/tty2 FOR
UNKNOWN, Permission denied
messages for login with correct PW:
------------------------------------------------------------------
Sep 29 15:37:29 pool04 login(pam_unix)[11255]: auth could not identify
password for [biopool\test]
Sep 29 15:37:34 pool04 pam_winbind[11255]: user 'biopool\test' granted access
Sep 29 15:37:34 pool04 login[11255]: Permission denied
So where is my mistake? Could anybody please give me some hints where
I have to start my search?
thanks a lot
Bjoern
More information about the samba
mailing list