<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">Hi,<div><br></div><div>Apologies for cross posting, but I'm not sure if this is an Oi issue or a cswsamba issue. I've installed cswsamba (3.6.15) and cswsamba_winbind on an OI box (151a7). I've got it bound to AD fine, and winbind itself seems to be operating perfectly (I've actually got netatalk happily authenticating AD users via winbind). If I run wbinfo -u or getent passwd, I get the expected information back.</div><div><br></div><div>Oddly though Samba itself isn't authenticating users. If I try and login (with a few variations of DOMAIN\username or username@DOMAIN) it just kicks it back as an unknown user (see below). The only thing that I can think of is that the cswsamba is actually still calling the previously installed (but turned off) winbind that I installed with the original OI samba install. With that not running though I wouldn't have thought that would have happened (but if that could be it - how do I make sure that cswsamba uses cswsamba_winbind). I have symlinked the csw nss_winbind libraries into /lib, I just don't know if there's anything else that could cause this.</div><div><br></div><div>Thanks for any help.</div><div><br><div apple-content-edited="true">
<div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; ">James<br><br>Principal Consultant<br><br></span></div><div style="color: rgb(0, 0, 0); font-family: Helvetica; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: -webkit-auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><span class="Apple-style-span" style="border-collapse: separate; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; "><br></span></div><div style="orphans: 2; text-align: -webkit-auto; text-indent: 0px; widows: 2;"><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px;"><div style="text-align: -webkit-auto;"> Mapping user [DOMAIN]\[james] from workstation [server03]</div><div style="text-align: -webkit-auto;"> attempting to make a user_info for james (james)</div><div style="text-align: -webkit-auto;"> making strings for james's user_info struct</div><div style="text-align: -webkit-auto;"> making blobs for james's user_info struct</div><div style="text-align: -webkit-auto;"> check_ntlm_password: Checking password for unmapped user [DOMAIN]\[james]@[server03] with the new password interface</div><div style="text-align: -webkit-auto;"> check_ntlm_password: mapped user is: [DOMAIN]\[james]@[server03]</div><div style="text-align: -webkit-auto;"> Finding user DOMAIN\james</div><div style="text-align: -webkit-auto;"> Trying _Get_Pwnam(), username as lowercase is DOMAIN\james</div><div style="text-align: -webkit-auto;"> Trying _Get_Pwnam(), username as given is DOMAIN\james</div><div style="text-align: -webkit-auto;"> Checking combinations of 0 uppercase letters in DOMAIN\james</div><div style="text-align: -webkit-auto;"> Get_Pwnam_internals didn't find user [DOMAIN\james]!</div><div style="text-align: -webkit-auto;"> Finding user james</div><div style="text-align: -webkit-auto;"> Trying _Get_Pwnam(), username as lowercase is james</div><div style="text-align: -webkit-auto;"> Checking combinations of 0 uppercase letters in james</div><div style="text-align: -webkit-auto;"> Get_Pwnam_internals didn't find user [james]!</div><div style="text-align: -webkit-auto;"> Failed to find authenticated user DOMAIN\james via getpwnam(), denying access.</div><div style="text-align: -webkit-auto;"> check_ntlm_password: winbind authentication for user [james] FAILED with error NT_STATUS_NO_SUCH_USER</div><div style="text-align: -webkit-auto;"> check_ntlm_password: Authentication for user [james] -> [james] FAILED with error NT_STATUS_NO_SUCH_USER</div><div style="text-align: -webkit-auto;"> Got user=[<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] domain=[DOMAIN] workstation=[server03] len1=24 len2=124</div><div style="text-align: -webkit-auto;"> Mapping user [DOMAIN]\[<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] from workstation [server03]</div><div style="text-align: -webkit-auto;"> attempting to make a user_info for <a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a> (<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>)</div><div style="text-align: -webkit-auto;"> making strings for <a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>'s user_info struct</div><div style="text-align: -webkit-auto;"> making blobs for <a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>'s user_info struct</div><div style="text-align: -webkit-auto;"> check_ntlm_password: Checking password for unmapped user [DOMAIN]\[<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>]@[server03] with the new password interface</div><div style="text-align: -webkit-auto;"> check_ntlm_password: mapped user is: [DOMAIN]\[<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>]@[server03]</div><div style="text-align: -webkit-auto;"> check_ntlm_password: winbind authentication for user [<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] FAILED with error NT_STATUS_NO_SUCH_USER</div><div style="text-align: -webkit-auto;"> check_ntlm_password: Authentication for user [<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] -> [<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] FAILED with error NT_STATUS_NO_SUCH_USER</div><div style="text-align: -webkit-auto;"> Got user=[<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] domain=[DOMAIN] workstation=[server03] len1=24 len2=124</div><div style="text-align: -webkit-auto;"> Mapping user [DOMAIN]\[<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] from workstation [server03]</div><div style="text-align: -webkit-auto;"> attempting to make a user_info for <a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a> (<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>)</div><div style="text-align: -webkit-auto;"> making strings for <a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>'s user_info struct</div><div style="text-align: -webkit-auto;"> making blobs for <a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>'s user_info struct</div><div style="text-align: -webkit-auto;"> check_ntlm_password: Checking password for unmapped user [DOMAIN]\[<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>]@[server03] with the new password interface</div><div style="text-align: -webkit-auto;"> check_ntlm_password: mapped user is: [DOMAIN]\[<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>]@[server03]</div><div style="text-align: -webkit-auto;"> check_ntlm_password: winbind authentication for user [<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] FAILED with error NT_STATUS_NO_SUCH_USER</div><div style="text-align: -webkit-auto;"> check_ntlm_password: Authentication for user [<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] -> [<a href="mailto:james@DOMAIN.CORP">james@DOMAIN.CORP</a>] FAILED with error NT_STATUS_NO_SUCH_USER</div></span></div></div></div></body></html>