Hi Jan, Yes, that's the one I had found, and I already have that link there. I don't think winbind worked at all until that was in place. It's samba that doesn't seem to be working with winbind properly.
James On 21 Jun 2013, at 09:00, Jan Holzhueter <[email protected]> wrote: > Hi, > ok I looked up the old bug about that: > https://www.opencsw.org/mantis/view.php?id=5020 > > acroding to this you need this: > ln -s /opt/csw/lib/libnss_winbind.so.1 /lib/nss_winbind.so.1 > > Greetings > Jan > > > Am 21.06.13 07:30, schrieb James Relph: >> Thanks for the speedy reply. I think I found where you'd already >> mentioned that online anyway, I've got: >> >> libnss_winbind.so -> /opt/csw/lib/libnss_winbind.so.1 >> nss_winbind.so.1 -> /opt/csw/lib/libnss_winbind.so.1 >> >> In /lib. Winbind itself seems to be working fine, I've got netatalk >> using that happily, it's the cswsamba version that won't seem to use >> winbind (it's either not using it properly, or it's using the wrong >> winbind somehow). Netatalk, using winbind, is fine. >> >> Best regards, >> >> James. >> >> >> On 21 Jun 2013, at 06:24, Jan Holzhueter <[email protected] >> <mailto:[email protected]>> wrote: >> >>> Hi, >>> if you use the auth via pam you must symlink the nss_winbind to a >>> special place. I'm not sure which one atm. Check the orginal OI samba >>> package that should put it in the right place. >>> We can't add this to our package as this would brake install on sparse >>> zones. >>> I wanted to write a short notice about it put did not have the time yet. >>> It might be that you even need to copy and not symlink the lib. Not sure >>> here. >>> >>> Greetings >>> Jan >>> >>> >>> >>> Am 21.06.13 07:15, schrieb James Relph: >>>> Hi, >>>> >>>> Apologies for cross posting, but I'm not sure if this is an Oi issue or >>>> a cswsamba issue. I've installed cswsamba (3.6.15) and cswsamba_winbind >>>> on an OI box (151a7). I've got it bound to AD fine, and winbind itself >>>> seems to be operating perfectly (I've actually got netatalk happily >>>> authenticating AD users via winbind). If I run wbinfo -u or getent >>>> passwd, I get the expected information back. >>>> >>>> Oddly though Samba itself isn't authenticating users. If I try and >>>> login (with a few variations of DOMAIN\username or username@DOMAIN) it >>>> just kicks it back as an unknown user (see below). The only thing that >>>> I can think of is that the cswsamba is actually still calling the >>>> previously installed (but turned off) winbind that I installed with the >>>> original OI samba install. With that not running though I wouldn't have >>>> thought that would have happened (but if that could be it - how do I >>>> make sure that cswsamba uses cswsamba_winbind). I have symlinked the >>>> csw nss_winbind libraries into /lib, I just don't know if there's >>>> anything else that could cause this. >>>> >>>> Thanks for any help. >>>> >>>> James >>>> >>>> Principal Consultant >>>> >>>> >>>> Mapping user [DOMAIN]\[james] from workstation [server03] >>>> attempting to make a user_info for james (james) >>>> making strings for james's user_info struct >>>> making blobs for james's user_info struct >>>> check_ntlm_password: Checking password for unmapped user >>>> [DOMAIN]\[james]@[server03] with the new password interface >>>> check_ntlm_password: mapped user is: [DOMAIN]\[james]@[server03] >>>> Finding user DOMAIN\james >>>> Trying _Get_Pwnam(), username as lowercase is DOMAIN\james >>>> Trying _Get_Pwnam(), username as given is DOMAIN\james >>>> Checking combinations of 0 uppercase letters in DOMAIN\james >>>> Get_Pwnam_internals didn't find user [DOMAIN\james]! >>>> Finding user james >>>> Trying _Get_Pwnam(), username as lowercase is james >>>> Checking combinations of 0 uppercase letters in james >>>> Get_Pwnam_internals didn't find user [james]! >>>> Failed to find authenticated user DOMAIN\james via getpwnam(), denying >>>> access. >>>> check_ntlm_password: winbind authentication for user [james] FAILED >>>> with error NT_STATUS_NO_SUCH_USER >>>> check_ntlm_password: Authentication for user [james] -> [james] >>>> FAILED with error NT_STATUS_NO_SUCH_USER >>>> Got user=[[email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>] >>>> domain=[DOMAIN] workstation=[server03] len1=24 len2=124 >>>> Mapping user [DOMAIN]\[[email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>] >>>> from workstation [server03] >>>> attempting to make a user_info for [email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]> ([email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>) >>>> making strings for [email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>'s >>>> user_info struct >>>> making blobs for [email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>'s >>>> user_info struct >>>> check_ntlm_password: Checking password for unmapped user >>>> [DOMAIN]\[[email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>]@[server03] with >>>> the new password interface >>>> check_ntlm_password: mapped user is: [DOMAIN]\[[email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]>]@[server03] >>>> check_ntlm_password: winbind authentication for user >>>> [[email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>] FAILED with error >>>> NT_STATUS_NO_SUCH_USER >>>> check_ntlm_password: Authentication for user [[email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]>] -> [[email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]>] FAILED with error NT_STATUS_NO_SUCH_USER >>>> Got user=[[email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>] >>>> domain=[DOMAIN] workstation=[server03] len1=24 len2=124 >>>> Mapping user [DOMAIN]\[[email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>] >>>> from workstation [server03] >>>> attempting to make a user_info for [email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]> ([email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>) >>>> making strings for [email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>'s >>>> user_info struct >>>> making blobs for [email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>'s >>>> user_info struct >>>> check_ntlm_password: Checking password for unmapped user >>>> [DOMAIN]\[[email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>]@[server03] with >>>> the new password interface >>>> check_ntlm_password: mapped user is: [DOMAIN]\[[email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]>]@[server03] >>>> check_ntlm_password: winbind authentication for user >>>> [[email protected] >>>> <mailto:[email protected]> <mailto:[email protected]>] FAILED with error >>>> NT_STATUS_NO_SUCH_USER >>>> check_ntlm_password: Authentication for user [[email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]>] -> [[email protected] >>>> <mailto:[email protected]> >>>> <mailto:[email protected]>] FAILED with error NT_STATUS_NO_SUCH_USER >>>> >>>> >>>> _______________________________________________ >>>> users mailing list >>>> [email protected] <mailto:[email protected]> >>>> https://lists.opencsw.org/mailman/listinfo/users >>>> >>> >>> _______________________________________________ >>> users mailing list >>> [email protected] <mailto:[email protected]> >>> https://lists.opencsw.org/mailman/listinfo/users >> > > _______________________________________________ > users mailing list > [email protected] > https://lists.opencsw.org/mailman/listinfo/users
_______________________________________________ users mailing list [email protected] https://lists.opencsw.org/mailman/listinfo/users
