Daniel Müller <mueller <at> tropenklinik.de> writes: > > You system was trying to authenticate with winbind!? > Did Winbind run is your smb.conf configuration to interact with winbind? > > ----------------------------------------------- > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: mueller <at> tropenklinik.de > Internet: www.tropenklinik.de > ----------------------------------------------- > > -----Ursprüngliche Nachricht----- > Von: samba-bounces <at> lists.samba.org [mailto:samba-bounces <at> lists.samba.org] Im > Auftrag von Alfanoid > Gesendet: Dienstag, 15. März 2011 01:39 > An: samba <at> lists.samba.org > Betreff: [Samba] Upgraded to 3.5.8 local users unable to log in AD users can > > Hi all, > > Upgraded Samba on RHEL5 from 3.0.33 to 3.5.8 from an rpm. Have an issue > where AD > users can connect to the linux box but local unix accounts cannot. > > We are using PAM not kerberos. > > After much looking and trail and error. I commented out this line in the > /etc/pam.d/system-auth file and it works. Why??? > > account required pam_unix.so broken_shadow > account sufficient pam_succeed_if.so uid < 500 quiet > #account [default=bad success=ok user_unknown=ignore] pam_winbind.so > account required pam_permit.so > > I'm not really ofay with how the whole authentication works. > > Thanks!! >
Yes to all of the above. Upgraded from a working Samba 3.0.33-3.28.el5. Here is the pertinent smb.conf section workgroup = STANWELL password server = dc2dc01.stanwell.com dc1dc01.stanwell.com realm = STANWELL.COM security = ads idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/bash winbind use default domain = true winbind offline logon = false -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
