Winbind has been working great for domain logons (have to restart it every few weeks, but other than that, works great!), but today I noticed I couldn't log in as a local user. For instance, if my local user was test, and I tried to log in, I'd get this in /var/log/messages:
Aug 22 12:14:00 mgprisvr pam_winbind[8346]: request failed, but PAM error 0! Aug 22 12:14:00 mgprisvr pam_winbind[8346]: internal module error (retval = 3, user = `test') There were no errors in the winbind.log file. In my /etc/pam.d/system-auth, I found this line: account [default=bad success=ok user_unknown=ignore] pam_winbind.so I Googled that line (and parts of it) but had no luck figuring out what it was doing. I changed it to: account sufficient pam_winbind.so and now I can log in with local accounts, as well as domain (winbind) accounts. I have two questions: A) Is this some kind of bug with winbind, or did some other tool mis-configure my system-auth file with this line? B) What does the [default=bad success=ok user_unknown=ignore] line do, and does it matter that I removed it? Thanks! Nolan Garrett
signature.asc
Description: OpenPGP digital signature
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
