[Samba] windbind locks out domain account

Glenn Bailey gbailey at terremark.com
Wed May 14 21:02:11 GMT 2008 

Howdy folks,

I'm having a weird issue here. I have winbind running on several other servers
on our domain, and they are working fine. From what I can tell the configuration
is identical, as I custom rolled my own RPM that set's all the config parameters.

What's happening is when I try to ssh to this one specific server, it seems looking
at the logs it's trying to continuously authenticate off the domain with the wrong
password and then locks the account out. Here's some info from the logs (names changed
of course):

May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' OK
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): request failed: Wrong Password, PAM error was Authentication failure (7), NT error was NT_STATUS_WRONG_PASSWORD
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' denied access (incorrect password or invalid membership)
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' OK
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): request failed: Wrong Password, PAM error was Authentication failure (7), NT error was NT_STATUS_WRONG_PASSWORD
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' denied access (incorrect password or invalid membership)
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' OK
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): request failed: Wrong Password, PAM error was Authentication failure (7), NT error was NT_STATUS_WRONG_PASSWORD
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' denied access (incorrect password or invalid membership)
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' OK
May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): request failed: Account locked out, PAM error was Have exhasted maximum number of retries for service. (11), NT error was NT_STATUS_ACCOUNT_LOCKED_OUT

Anyone seen anything like this before? I just type in my password once, and whammmo, account
locked out! ;-)

Glenn E. Bailey III
terremark worldwide

More information about the samba mailing list