[Samba] Winbind AD authentication problem
Johan.Bergstrom at tieto.com
Johan.Bergstrom at tieto.com
Tue Feb 2 03:13:53 MST 2010
It seems I have the same problem that was discussed briefly earlier on this list in a mail from Kris Kaido. I didn't see any solution, so I'm wondering if it's considered a bug that needs to be fixed or simply a configuration error.
To be more specifc;
I have joined a Win2008R2 Forest/Domain AD with my server running RHEL5.4 - samba-3.0.33-3.14.el5 without problems.
I can view users and groups in the domain with wbinfo -u / wbinfo -g
Getent passwd also works fine, aswell as 'su - <domainuser>'
But I cannot authenticate users with password, ie login.
wbinfo -K domainuser%password works fine.
wbinfo -a domainuser%password fails on both plaintext and challenge/response password. See below for output.
Ex;
# wbinfo -K domainuser%password
plaintext kerberos password authentication for [domainuser%password] succeeded (requesting cctype: FILE)
credentials were put in: FILE:/tmp/krb5cc_0
# wbinfo -a domainuser%password
plaintext password authentication failed
error code was NT code 0x00000721 (0x721)
error messsage was: NT code 0x00000721
Could not authenticate user domainuser%password with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_PIPE_DISCONNECTED (0xc00000b0)
error messsage was: Named pipe dicconnected
Could not authenticate user domainuser with challenge/response
More information about the samba
mailing list