[Samba] 3.0.21b +pam_winbindd
Batty, Richard
richard.batty at logicacmg.com
Wed Feb 1 09:41:43 GMT 2006
Hi,
When I run
wbinfo --authenticate=AD03+richard.batty%password
I get the following in the logs,
[2006/01/30 11:42:06, 6] nsswitch/winbindd.c:new_connection(638)
accepted socket 16
[2006/01/30 11:42:06, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn INTERFACE_VERSION
[2006/01/30 11:42:06, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(454)
[ 0]: request interface version
[2006/01/30 11:42:06, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2006/01/30 11:42:06, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(487)
[ 0]: request location of privileged pipe
[2006/01/30 11:42:06, 6] nsswitch/winbindd.c:new_connection(638)
accepted socket 17
[2006/01/30 11:42:06, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn PAM_AUTH
[2006/01/30 11:42:06, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth(202)
[ 0]: pam auth AD03+richard.batty
[2006/01/30 11:42:06, 8] lib/util.c:is_myname(1879)
is_myname("AD03") returns 0
[2006/01/30 11:42:06, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1529)
Retrieving response for pid 24308
[2006/01/30 11:42:06, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn INFO
[2006/01/30 11:42:06, 3] nsswitch/winbindd_misc.c:winbindd_info(442)
[ 0]: request misc info
[2006/01/30 11:42:06, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn AUTH_CRAP
[2006/01/30 11:42:06, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(513)
[ 0]: pam auth crap domain: [AD03] user: richard.batty
[2006/01/30 11:42:06, 8] lib/util.c:is_myname(1879)
is_myname("AD03") returns 0
[2006/01/30 11:42:07, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1529)
Retrieving response for pid 24308
When I do the rlogin -l AD03+richard.batty localhost I get prompted for the password and get the following
[2006/01/30 15:11:41, 6] nsswitch/winbindd.c:new_connection(638)
accepted socket 16
[2006/01/30 15:11:41, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn INTERFACE_VERSION
[2006/01/30 15:11:41, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(454)
[ 0]: request interface version
[2006/01/30 15:11:41, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn WINBINDD_PRIV_PIPE_DIR
[2006/01/30 15:11:41, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(487)
[ 0]: request location of privileged pipe
[2006/01/30 15:11:41, 6] nsswitch/winbindd.c:new_connection(638)
accepted socket 17
[2006/01/30 15:11:41, 10] nsswitch/winbindd.c:process_request(324)
process_request: request fn PAM_AUTH
[2006/01/30 15:11:41, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth(202)
[ 0]: pam auth AD03+richard.batty
[2006/01/30 15:11:41, 8] lib/util.c:is_myname(1879)
is_myname("AD03") returns 0
[2006/01/30 15:11:41, 10] nsswitch/winbindd_cache.c:cache_retrieve_response(1529)
Retrieving response for pid 27648
Both seem identical but the wbinfo does more after the "nsswitch/winbindd_cache.c:cache_retrieve_response(1529)"
Richard Batty
Unix, Oracle & AS/400 Team Leader
_________________________________________
LogicaCMG
Fairham House
Green Lane
Clifton
Nottingham
NG11 9LN
Tel: +44 (0) 115 9848926
Mob: +44 (0) 7841 602564
Fax: +44 (0) 115 9848547 (or 541)
Email: Richard.Batty at logicacmg.com
Web: http://www.logicacmg.com
-----Original Message-----
From: Guenther Deschner [mailto:gd at samba.org]
Sent: 31 January 2006 18:09
To: Batty, Richard
Cc: Samba Mailing List (E-mail); Foster, Ian
Subject: Re: [Samba] 3.0.21b +pam_winbindd
Hi,
On Tue, Jan 31, 2006 at 05:43:02PM -0000, Batty, Richard wrote:
>
> Ive installed and configured samba using
>
> cd samba-3.0.21b/source
> ./autogen.sh
> ./configure --with-krb5=/usr/local \
> --with-automount \
> --with-pam \
> --with-utmp \
> --with-winbind \
> --with-libsmbclient \
> --with-ldap \
> --with-netlib='-lresolv'
> make
> make install
> cp nsswitch/pam_winbind.so /usr/lib/security
> cp nsswitch/libnss_winbind.so /lib/nss_winbind.so.1
> ln -s /lib/nss_winbind.so.1 /usr/lib/nss_winbind.so.1
>
> I can browse my samba shares and the active directory 2003 authentication works fine.
>
> Ive modified pam.conf so rlogin should use pam_winbind
>
> rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1
> rlogin auth sufficient /usr/lib/security/pam_winbind.so try_first_pass
> rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1
What did pam_winbind.so wrote to the syslog ?
> however if I try and login using
>
> rlogin -l AD03+richard.batty localhost
>
> it fails
Does it at least prompt you for a new password?
Thanks,
Guenther
--
Günther Deschner GPG-ID: 8EE11688
Novell / SUSE LINUX gd at suse.de
Samba Team gd at samba.org
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
More information about the samba
mailing list