[Samba] winbind authentication fails with STATUS_BUFFER_OVERFLOW

Alex Laslavic (Lenox) Alex.Laslavic at worldtravel.com
Thu Jan 26 18:23:55 GMT 2006 

Using samba-3.0.10-1.4E.2 as supplied by RedHat Enterprise 4.  Using
security=ADS mode, and using winbind and pam_winbind to authenticate.  

I was able to sucessfully join the domain, and can enumerate users and
groups.  

Whenever I try to authenticate, it always fails with the status
STATUS_BUFFER_OVERFLOW.  

-------------------pieces of Winbind Logs---------------
[2006/01/26 13:08:55, 5] rpc_parse/parse_prs.c:prs_ntstatus(672)
      0024 status: STATUS_BUFFER_OVERFLOW
[2006/01/26 13:08:55, 3]
rpc_client/cli_netlogon.c:cli_nt_setup_creds(290)
  cli_nt_setup_creds: auth2 challenge failed STATUS_BUFFER_OVERFLOW

[2006/01/26 13:08:55, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth(289)
  could not open handle to NETLOGON pipe
[2006/01/26 13:08:55, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth(361)
  Plain-text authentication for user alaslavic returned
STATUS_BUFFER_OVERFLOW (PAM: 4)
[2006/01/26 13:08:55, 5] nsswitch/winbindd.c:winbind_client_read(477)
  read failed on sock 23, pid 11620: EOF
[2006/01/26 13:08:55, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(126)
  [11620]: getpwnam alaslavic
[2006/01/26 13:08:55, 3] lib/charcnv.c:convert_string_allocate(567)
  convert_string_allocate: Conversion error: Incomplete multibyte
sequence(°VÜ*U)
[2006/01/26 13:08:55, 3] lib/charcnv.c:convert_string_allocate(576)
  convert_string_allocate: Conversion error: Illegal multibyte
sequence(Ü*U)
[2006/01/26 13:08:59, 5] nsswitch/winbindd.c:winbind_client_read(477)
  read failed on sock 20, pid 11620: EOF
[2006/01/26 13:09:11, 5] lib/smbldap.c:smbldap_close(929)
  The connection to the LDAP server was closed
[2006/01/26 13:09:11, 5] sam/idmap_ldap.c:ldap_idmap_close(765)
  The connection to the LDAP server was closed
[2006/01/26 13:09:11, 5] nsswitch/winbindd.c:winbind_client_read(477)
  read failed on sock 10, pid 11586: EOF



---------------smb.conf--------------------
# Globals
[global]
        workgroup = WORLDTRAVEL
        netbios name = usgalnx1tuxmgmt01
        realm = WORLDTRAVEL.LOCAL
        server string = Linux Management Server
        security = ADS
        log level = 7
        ldap admin dn = cn=xxxx,dc=worldtravel,dc=local
        ldap idmap suffix = ou=Idmap
        ldap suffix = dc=worldtravel,dc=local
        idmap backend = ldap:ldap://usgalnx1tuxmgmt01.worldtravel.local
        idmap uid = 100000-900000
        idmap gid = 100000-900000
        template shell = /bin/bash
        winbind use default domain = Yes
        winbind nested groups = Yes
        use spnego = yes
        socket options = TCP_NODELAY SO_RCVBUF=16384

        include = /etc/samba/smb.include


-- 
***********************************
*  Alex Laslavic                   
*  Linux Engineer                  
*  WorldTravel BTI                 
*  x49511                            
*  gpg/pgp key at                   
*       http://keys.jumpbox.net    
***********************************
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20060126/0cc6d3a4/attachment.bin

More information about the samba mailing list