[csw-users] Odd Samba/winbind issue
James Relph
james at themacplace.co.uk
Fri Jun 21 07:15:37 CEST 2013
Hi,
Apologies for cross posting, but I'm not sure if this is an Oi issue or a cswsamba issue. I've installed cswsamba (3.6.15) and cswsamba_winbind on an OI box (151a7). I've got it bound to AD fine, and winbind itself seems to be operating perfectly (I've actually got netatalk happily authenticating AD users via winbind). If I run wbinfo -u or getent passwd, I get the expected information back.
Oddly though Samba itself isn't authenticating users. If I try and login (with a few variations of DOMAIN\username or username at DOMAIN) it just kicks it back as an unknown user (see below). The only thing that I can think of is that the cswsamba is actually still calling the previously installed (but turned off) winbind that I installed with the original OI samba install. With that not running though I wouldn't have thought that would have happened (but if that could be it - how do I make sure that cswsamba uses cswsamba_winbind). I have symlinked the csw nss_winbind libraries into /lib, I just don't know if there's anything else that could cause this.
Thanks for any help.
James
Principal Consultant
Mapping user [DOMAIN]\[james] from workstation [server03]
attempting to make a user_info for james (james)
making strings for james's user_info struct
making blobs for james's user_info struct
check_ntlm_password: Checking password for unmapped user [DOMAIN]\[james]@[server03] with the new password interface
check_ntlm_password: mapped user is: [DOMAIN]\[james]@[server03]
Finding user DOMAIN\james
Trying _Get_Pwnam(), username as lowercase is DOMAIN\james
Trying _Get_Pwnam(), username as given is DOMAIN\james
Checking combinations of 0 uppercase letters in DOMAIN\james
Get_Pwnam_internals didn't find user [DOMAIN\james]!
Finding user james
Trying _Get_Pwnam(), username as lowercase is james
Checking combinations of 0 uppercase letters in james
Get_Pwnam_internals didn't find user [james]!
Failed to find authenticated user DOMAIN\james via getpwnam(), denying access.
check_ntlm_password: winbind authentication for user [james] FAILED with error NT_STATUS_NO_SUCH_USER
check_ntlm_password: Authentication for user [james] -> [james] FAILED with error NT_STATUS_NO_SUCH_USER
Got user=[james at DOMAIN.CORP] domain=[DOMAIN] workstation=[server03] len1=24 len2=124
Mapping user [DOMAIN]\[james at DOMAIN.CORP] from workstation [server03]
attempting to make a user_info for james at DOMAIN.CORP (james at DOMAIN.CORP)
making strings for james at DOMAIN.CORP's user_info struct
making blobs for james at DOMAIN.CORP's user_info struct
check_ntlm_password: Checking password for unmapped user [DOMAIN]\[james at DOMAIN.CORP]@[server03] with the new password interface
check_ntlm_password: mapped user is: [DOMAIN]\[james at DOMAIN.CORP]@[server03]
check_ntlm_password: winbind authentication for user [james at DOMAIN.CORP] FAILED with error NT_STATUS_NO_SUCH_USER
check_ntlm_password: Authentication for user [james at DOMAIN.CORP] -> [james at DOMAIN.CORP] FAILED with error NT_STATUS_NO_SUCH_USER
Got user=[james at DOMAIN.CORP] domain=[DOMAIN] workstation=[server03] len1=24 len2=124
Mapping user [DOMAIN]\[james at DOMAIN.CORP] from workstation [server03]
attempting to make a user_info for james at DOMAIN.CORP (james at DOMAIN.CORP)
making strings for james at DOMAIN.CORP's user_info struct
making blobs for james at DOMAIN.CORP's user_info struct
check_ntlm_password: Checking password for unmapped user [DOMAIN]\[james at DOMAIN.CORP]@[server03] with the new password interface
check_ntlm_password: mapped user is: [DOMAIN]\[james at DOMAIN.CORP]@[server03]
check_ntlm_password: winbind authentication for user [james at DOMAIN.CORP] FAILED with error NT_STATUS_NO_SUCH_USER
check_ntlm_password: Authentication for user [james at DOMAIN.CORP] -> [james at DOMAIN.CORP] FAILED with error NT_STATUS_NO_SUCH_USER
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opencsw.org/pipermail/users/attachments/20130621/0ec02866/attachment-0001.html>
More information about the users
mailing list