[Samba] Re: Winbind Password Problem

Linux Addict linuxaddict7 at gmail.com
Wed Jul 8 16:14:14 GMT 2009

On Wed, Jul 8, 2009 at 11:05 AM, Linux Addict <linuxaddict7 at gmail.com>wrote:

> Hello there, I am having weird issue. The problem is when a wrong password
> entered when I login or use sudo as AD user, the system uses the same wrong
> password next three times and exits , and does not prompt for password
> again.
> This is not the case when winbind is not used. I suspect this is something
> to do with PAM for winbind. Please somene look at my PAM config and let me
> know if there is anything worng. Any hint is appreciated.
> auth        required      pam_env.so
> auth        sufficient    pam_unix.so nullok try_first_pass
> auth        requisite     pam_succeed_if.so uid >= 500 quiet
> auth        sufficient    pam_winbind.so cached_login use_first_pass
> auth        required      pam_deny.so
> account     required      pam_access.so
> account     required      pam_unix.so broken_shadow
> account     sufficient    pam_localuser.so
> account     sufficient    pam_succeed_if.so uid < 500 quiet
> account     [default=bad success=ok user_unknown=ignore] pam_winbind.so
> cached_login
> account     required      pam_permit.so
> password    requisite     pam_cracklib.so try_first_pass retry=3
> password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass
> use_authtok
> password    sufficient    pam_winbind.so cached_login use_authtok
> password    required      pam_deny.so
> session     optional      pam_mkhomedir.so skel=/etc/skel/
> session     required      pam_limits.so
> session     required      pam_unix.so

When I enable winbind to debug, I see the following messages on syslog.

pam_winbind(sshd): PAM_REINITIALIZE_CRED not implemented

More information about the samba mailing list