Try stopping all the related services: smbd, nmbd, winbindd then wait a minute and restart them. Try your getent passwd and see where you stand.
Tim On Wed, 2003-12-31 at 23:07, Sean Lee wrote: > I stopped Samba, rm -rf /var/lib/samba/*tdb, edited the config file > (winbind use default domain = yes), started Samba. > The situation is the same - "DOMAIN+john" can login, "john" cannot. > "getend passwod" and "getent group" show Windows accounts with the > domain portion, I don't get it - there is very little to configure until > the "getent" step... Is it possible that I misconfigured something else? > > [EMAIL PROTECTED] pam.d]# getent passwd | grep john > DOMAIN+john:x:10004:10000:john:/home/winnt/DOMAIN/john:/bin/bash > [EMAIL PROTECTED] pam.d]# wbinfo -u > DOMAIN+Administrator > DOMAIN+Guest > DOMAIN+john > ... > > Jan 1 23:52:50 redhat9 login(pam_unix)[30046]: check pass; user unknown > Jan 1 23:52:50 redhat9 login(pam_unix)[30046]: authentication failure; logname= > uid=0 euid=0 tty=tty1 ruser= rhost= > Jan 1 23:52:59 redhat9 pam_winbind[30046]: request failed: Unexpected information > received, PAM error was 4, NT error was NT_STATUS_INVALID_PARAMETER > Jan 1 23:52:59 redhat9 pam_winbind[30046]: internal module error (retval = 4, user > = `john' > Jan 1 23:52:59 redhat9 login(pam_unix)[30046]: check pass; user unknown > Jan 1 23:53:01 redhat9 login[30046]: FAILED LOGIN 1 FROM (null) FOR john, > Authentication failure > Jan 1 23:53:07 redhat9 pam_winbind[30046]: user 'DOMAIN+john' granted acces > Jan 1 23:53:07 redhat9 pam_winbind[30046]: user 'DOMAIN+john' granted acces > Jan 1 23:53:07 redhat9 login(pam_unix)[30046]: session opened for user DOMAIN+john > by (uid=0) > Jan 1 23:53:07 redhat9 -- DOMAIN+john[30046]: LOGIN ON tty1 BY DOMAIN+john > > Thanks & Happy New Year > Sean > > > On Wed, 31 Dec 2003 15:49:09 +0000 (GMT) > John H Terpstra <[EMAIL PROTECTED]> wrote: > > > On Wed, 31 Dec 2003, Sean Lee wrote: > > > > > Hello, > > > > > > I'm using RH9 with latest Samba 3.0.x-x > > > > > > I configured winbind as per > > > http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection.html#id2935561 > > > I use the default smb.conf with following (from URL above) added to its > > > global section: > > > > > > winbind separator = + > > > idmap uid = 10000-20000 > > > idmap gid = 10000-20000 > > > winbind enum users = yes > > > winbind enum groups = yes > > > use nss_winbind = yes > > > template homedir = /home/winnt/%D/%U > > > template shell = /bin/bash > > > > Add: > > > > winbind use default domain = Yes > > > > > > > > I cannot login using Active Directory's "username"; instead I must use > > > login "DOMAIN+username" at login prompt as recommended at > > > http://lists.samba.org/archive/samba/2002-June/045313.html, otherwise I > > > get the same error as mentioned at this URL. > > > > > > Why is that? I want to auth SMTP users via winbind so I want to be able > > > to use "user" instead of "DOMAIN+user". > > > > If the above change does not work for you let me know. > > > > PS: For this to work you must: > > 1. Make the change shown > > 2. Stop Samba > > 3. Delete your existing /var/lib/samba/*tdb files > > (could be in /var/cache/samba/*tdb or > > /usr/local/samba/var/(tdb) > > 4. Restart Samba > > > > Make certain that: getent passwd > > shows your accounts without the Domain name portion. > > > > - John T. > > -- > > John H Terpstra > > Email: [EMAIL PROTECTED] > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
