[Samba] (no subject)

Rowland penny rpenny at samba.org
Thu Jul 2 19:59:20 UTC 2020 

On 02/07/2020 20:32, jmpatagonia via samba wrote:
> Ok, know from desktop logon apparently the user logon right,  look user
> 'policia\gafranchello' granted access on the trace below, but still tel me
> "Invalid password please try again"
>
> Jul  2 16:15:03 samba-cliente polkitd(authority=local): Unregistered
> Authentication Agent for unix-session:c6 (system bus name :1.231, object
> path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
> (disconnected from bus)
> Jul  2 16:15:05 samba-cliente lightdm: pam_unix(lightdm:session): session
> closed for user jmperrote
> Jul  2 16:15:05 samba-cliente lightdm: pam_kwallet(lightdm:session):
> pam_kwallet: pam_sm_close_session
> Jul  2 16:15:05 samba-cliente lightdm: pam_kwallet5(lightdm:session):
> pam_kwallet5: pam_sm_close_session
> Jul  2 16:15:05 samba-cliente systemd-logind[635]: Removed session c6.
> Jul  2 16:15:05 samba-cliente lightdm:
> pam_kwallet(lightdm-greeter:setcred): (null): pam_sm_setcred
> Jul  2 16:15:05 samba-cliente lightdm:
> pam_kwallet5(lightdm-greeter:setcred): (null): pam_sm_setcred
> Jul  2 16:15:05 samba-cliente lightdm: pam_unix(lightdm-greeter:session):
> session opened for user lightdm by (uid=0)
> Jul  2 16:15:05 samba-cliente systemd-logind[635]: New session c7 of user
> lightdm.
> Jul  2 16:15:05 samba-cliente systemd: pam_unix(systemd-user:session):
> session opened for user lightdm by (uid=0)
> Jul  2 16:15:05 samba-cliente lightdm:
> pam_kwallet(lightdm-greeter:session): (null): pam_sm_open_session
> Jul  2 16:15:05 samba-cliente lightdm:
> pam_kwallet(lightdm-greeter:session): pam_kwallet: open_session called
> without kwallet_key
> Jul  2 16:15:05 samba-cliente lightdm:
> pam_kwallet5(lightdm-greeter:session): (null): pam_sm_open_session
> Jul  2 16:15:05 samba-cliente lightdm:
> pam_kwallet5(lightdm-greeter:session): pam_kwallet5: open_session called
> without kwallet5_key
> Jul  2 16:15:25 samba-cliente lightdm: pam_winbind(lightdm:auth): getting
> password (0x00000000)
> Jul  2 16:15:28 samba-cliente lightdm: pam_winbind(lightdm:auth): user
> 'policia\gafranchello' granted access
> Jul  2 16:15:28 samba-cliente lightdm: pam_unix(lightdm:account): could not
> identify user (from getpwnam(gafranchello))
> Jul  2 16:15:31 samba-cliente dbus[653]: [system] Failed to activate
> service 'org.bluez': timed out
>
> And from unix console not work , same error
>
> ul  2 16:20:41 samba-cliente sshd[13844]: Invalid user
> policia\\gafranchello from 172.33.10.1
> Jul  2 16:20:41 samba-cliente sshd[13844]: input_userauth_request: invalid
> user policia\\\\gafranchello [preauth]
> Jul  2 16:20:43 samba-cliente sshd[13844]: pam_winbind(sshd:auth): getting
> password (0x00000000)
> Jul  2 16:20:43 samba-cliente sshd[13844]: pam_winbind(sshd:auth): request
> wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_AUTH_ERR (7),
> NTSTATUS: NT_STATUS_WRONG_PASSWORD, Error message was: Wrong Password
> Jul  2 16:20:43 samba-cliente sshd[13844]: pam_winbind(sshd:auth): user
> 'policia\gafranchello' denied access (incorrect password or invalid
> membership)
> Jul  2 16:20:43 samba-cliente sshd[13844]: pam_unix(sshd:auth): check pass;
> user unknown
> Jul  2 16:20:43 samba-cliente sshd[13844]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=172.33.10.1
> Jul  2 16:20:45 samba-cliente sshd[13844]: Failed password for invalid user
> policia\\gafranchello from 172.33.10.1 port 55002 ssh2
>
> This commands work fine-->
>
> root at samba-cliente:/etc/samba# wbinfo -m
> BUILTIN
> SAMBA-CLIENTE
> POLICIA
>
> root at samba-cliente:/etc/samba# net rpc testjoin -U jmperrote
> Join to 'POLICIA' is OK
>
> root at samba-cliente:/etc/samba# net rpc info -U jmperrote
> Enter jmperrote's password:
> Domain Name: POLICIA
> Domain SID: S-1-5-21-2536628940-703160423-1994053749
> Sequence number: 1593717825
> Num users: 9469
> Num domain groups: 82
> Num local groups: 0
>
>
> root at samba-cliente:/etc/samba# wbinfo -g | grep repar
> fs_dg2_repar
> root at samba-cliente:/etc/samba# getent group fs_dg2_repar
> fs_dg2_repar:x:10000036:
>
> root at samba-cliente:/etc/samba# wbinfo -N samba-cliente
> 10.11.37.149    samba-cliente
>
> root at samba-cliente:/etc/samba# id
> uid=0(root) gid=0(root) groups=0(root),15001(BUILTIN\users)
>
> But 'getent pass' and 'getent group' not work , running for a various
> second and only get users/groups locals.

It doesn't matter if 'getent passwd' and 'getent group' do not work, 
just so long that 'getent passwd a_username' and 'getent group 
a_groupname' do and the latter does, as shown above.

Rowland

More information about the samba mailing list