On 03/15/2011 05:32 PM, Alfanoid wrote: > Daniel Müller <mueller <at> tropenklinik.de> writes: > >> You system was trying to authenticate with winbind!? >> Did Winbind run is your smb.conf configuration to interact with winbind? >> >> ----------------------------------------------- >> EDV Daniel Müller >> >> Leitung EDV >> Tropenklinik Paul-Lechler-Krankenhaus >> Paul-Lechler-Str. 24 >> 72076 Tübingen >> >> Tel.: 07071/206-463, Fax: 07071/206-499 >> eMail: mueller <at> tropenklinik.de >> Internet: www.tropenklinik.de >> ----------------------------------------------- >> >> -----Ursprüngliche Nachricht----- >> Von: samba-bounces <at> lists.samba.org [mailto:samba-bounces <at> > lists.samba.org] Im >> Auftrag von Alfanoid >> Gesendet: Dienstag, 15. März 2011 01:39 >> An: samba <at> lists.samba.org >> Betreff: [Samba] Upgraded to 3.5.8 local users unable to log in AD users can >> >> Hi all, >> >> Upgraded Samba on RHEL5 from 3.0.33 to 3.5.8 from an rpm. Have an issue >> where AD >> users can connect to the linux box but local unix accounts cannot. >> >> We are using PAM not kerberos. >> >> After much looking and trail and error. I commented out this line in the >> /etc/pam.d/system-auth file and it works. Why??? >> >> account required pam_unix.so broken_shadow >> account sufficient pam_succeed_if.so uid < 500 quiet >> #account [default=bad success=ok user_unknown=ignore] pam_winbind.so >> account required pam_permit.so >> >> I'm not really ofay with how the whole authentication works. >> >> Thanks!! >> > Yes to all of the above. > > Upgraded from a working Samba 3.0.33-3.28.el5. > > Here is the pertinent smb.conf section > > workgroup = STANWELL > password server = dc2dc01.stanwell.com dc1dc01.stanwell.com > realm = STANWELL.COM > security = ads > idmap uid = 16777216-33554431 > idmap gid = 16777216-33554431 > template shell = /bin/bash > winbind use default domain = true > winbind offline logon = false > > >
Change these to: winbind use default domain = Yes winbind offline logon = No Some of the syntax changed between 3.0 and 3.5. See /usr/share/doc/samba3/examples/smb.conf.SerNet-RedHat if use SerNet packages or http://wiki.samba.org/index.php/Samba_&_Active_Directory . Jonn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
