ignore this .. I was restricting group access via the 'auth' section instead of the 'session' section thus causing the account to try and authenticate 4 times as I am restricting access to 4 groups, doh!
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Glenn Bailey Sent: Wednesday, May 14, 2008 4:02 PM To: [email protected] Subject: [Samba] windbind locks out domain account Howdy folks, I'm having a weird issue here. I have winbind running on several other servers on our domain, and they are working fine. From what I can tell the configuration is identical, as I custom rolled my own RPM that set's all the config parameters. What's happening is when I try to ssh to this one specific server, it seems looking at the logs it's trying to continuously authenticate off the domain with the wrong password and then locks the account out. Here's some info from the logs (names changed of course): May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' OK May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): request failed: Wrong Password, PAM error was Authentication failure (7), NT error was NT_STATUS_WRONG_PASSWORD May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' denied access (incorrect password or invalid membership) May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' OK May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): request failed: Wrong Password, PAM error was Authentication failure (7), NT error was NT_STATUS_WRONG_PASSWORD May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' denied access (incorrect password or invalid membership) May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' OK May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): request failed: Wrong Password, PAM error was Authentication failure (7), NT error was NT_STATUS_WRONG_PASSWORD May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' denied access (incorrect password or invalid membership) May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): user 'DOMAIN+user' OK May 14 16:38:52 SERVER sshd[24479]: pam_winbind(sshd): request failed: Account locked out, PAM error was Have exhasted maximum number of retries for service. (11), NT error was NT_STATUS_ACCOUNT_LOCKED_OUT Anyone seen anything like this before? I just type in my password once, and whammmo, account locked out! ;-) Glenn E. Bailey III terremark worldwide -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
