I stopped Samba, rm -rf /var/lib/samba/*tdb, edited the config file (winbind use default domain = yes), started Samba. The situation is the same - "DOMAIN+john" can login, "john" cannot. "getend passwod" and "getent group" show Windows accounts with the domain portion, I don't get it - there is very little to configure until the "getent" step... Is it possible that I misconfigured something else?
[EMAIL PROTECTED] pam.d]# getent passwd | grep john DOMAIN+john:x:10004:10000:john:/home/winnt/DOMAIN/john:/bin/bash [EMAIL PROTECTED] pam.d]# wbinfo -u DOMAIN+Administrator DOMAIN+Guest DOMAIN+john ... Jan 1 23:52:50 redhat9 login(pam_unix)[30046]: check pass; user unknown Jan 1 23:52:50 redhat9 login(pam_unix)[30046]: authentication failure; logname= uid=0 euid=0 tty=tty1 ruser= rhost= Jan 1 23:52:59 redhat9 pam_winbind[30046]: request failed: Unexpected information received, PAM error was 4, NT error was NT_STATUS_INVALID_PARAMETER Jan 1 23:52:59 redhat9 pam_winbind[30046]: internal module error (retval = 4, user = `john' Jan 1 23:52:59 redhat9 login(pam_unix)[30046]: check pass; user unknown Jan 1 23:53:01 redhat9 login[30046]: FAILED LOGIN 1 FROM (null) FOR john, Authentication failure Jan 1 23:53:07 redhat9 pam_winbind[30046]: user 'DOMAIN+john' granted acces Jan 1 23:53:07 redhat9 pam_winbind[30046]: user 'DOMAIN+john' granted acces Jan 1 23:53:07 redhat9 login(pam_unix)[30046]: session opened for user DOMAIN+john by (uid=0) Jan 1 23:53:07 redhat9 -- DOMAIN+john[30046]: LOGIN ON tty1 BY DOMAIN+john Thanks & Happy New Year Sean On Wed, 31 Dec 2003 15:49:09 +0000 (GMT) John H Terpstra <[EMAIL PROTECTED]> wrote: > On Wed, 31 Dec 2003, Sean Lee wrote: > > > Hello, > > > > I'm using RH9 with latest Samba 3.0.x-x > > > > I configured winbind as per > > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection.html#id2935561 > > I use the default smb.conf with following (from URL above) added to its > > global section: > > > > winbind separator = + > > idmap uid = 10000-20000 > > idmap gid = 10000-20000 > > winbind enum users = yes > > winbind enum groups = yes > > use nss_winbind = yes > > template homedir = /home/winnt/%D/%U > > template shell = /bin/bash > > Add: > > winbind use default domain = Yes > > > > > I cannot login using Active Directory's "username"; instead I must use > > login "DOMAIN+username" at login prompt as recommended at > > http://lists.samba.org/archive/samba/2002-June/045313.html, otherwise I > > get the same error as mentioned at this URL. > > > > Why is that? I want to auth SMTP users via winbind so I want to be able > > to use "user" instead of "DOMAIN+user". > > If the above change does not work for you let me know. > > PS: For this to work you must: > 1. Make the change shown > 2. Stop Samba > 3. Delete your existing /var/lib/samba/*tdb files > (could be in /var/cache/samba/*tdb or > /usr/local/samba/var/(tdb) > 4. Restart Samba > > Make certain that: getent passwd > shows your accounts without the Domain name portion. > > - John T. > -- > John H Terpstra > Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
