Somehow I can't figure out what's going wrong. I have a Samba server
running as PDC. Workstations can join the domain and users can logon. So
far so good. I need winbind to be able to authorize a radius server to
the PDC. This I cannot achieve. If someone got give me a clue, I spend
already quiet some time Google the net :(
Thanks,
Mark
# wibinfo -u
root
markr
# wbinfo -a markr%zzzzzzzz
plaintext password authentication failed
Could not authenticate user markr%zzzzzzzz with plaintext password
challenge/response password authentication failed
error code was NT_STATUS_INVALID_HANDLE (0xc0000008)
error messsage was: Invalid handle
Could not authenticate user markr with challenge/response
Winbind log shows:
[13916]: request interface version
[13916]: request location of privileged pipe
[13916]: pam auth markr
[13753]: dual pam auth markr
could not open handle to NETLOGON pipe
Plain-text authentication for user markr returned
NT_STATUS_INVALID_HANDLE (PAM: 4)
[13916]: request interface version
[13916]: request misc info
[13916]: request netbios name
[13916]: request domain name
[13916]: domain_info [APPEL]
[13916]: pam auth crap domain: [APPEL] user: markr
[13753]: pam auth crap domain: APPEL user: markr
could not open handle to NETLOGON pipe (error: NT_STATUS_INVALID_HANDLE)
NTLM CRAP authentication for user [APPEL]\[markr] returned
NT_STATUS_INVALID_HANDLE (PAM: 4)
# net rpc join -U Administrator
Enter Administrator's password:
Could not connect to server SANTANA
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE
# cat /etc/samba/smbusers
root = administrator admin
# net rpc join -U root
Enter root's password:
Joined domain APPEL.
# net rpc join -S PDC
Unable to find a suitable server for domain APPEL
Unable to find a suitable server for domain APPEL
This is smb.conf:
[global]
workgroup = APPEL
server string = Samba
interfaces = 127.0.0.1, eth0
bind interfaces only = Yes
time server = Yes
printcap name = cups
add machine script = /usr/sbin/useradd -d /var/lib/nobody -g machines
-s /bin/false -M -l %u
logon script = startup.cmd
logon path =
logon drive = h:
domain logons = Yes
os level = 33
preferred master = Auto
domain master = Yes
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
read only = No
[homes]
read only = No
[Temp]
...
--
Oudenhof 14b, 4191 NW Geldermalsen, The Netherlands
Web site and travel directions: www.in2sports.net
Phone +31.88.0084102 :: Mobile +31.6.51298623
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
