Oliver Neumann [New Identity AG]
2005-Aug-25 12:43 UTC
[Samba] Winbind error plaintext password against Windows 2000 Server AD
Hi all, I configured a linux box (Debian Sarge) with Winbind to authenticate against a windows 2000 server AD. After joining the Domain via net rpc join -U Administrator I can get all AD users and groups using wbinfo -u wbinfo -g getent passwd Everything seems to be really fine, but when I try to authenticate against the AD via wbinfo -a testuser%testpass I get: -x-x-x- plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc0000064) error messsage was: No such user Could not authenticate user testuser%testpass with plaintext password challenge/response password authentication succeeded -x-x-x- So authentication seems to work obviously (see bottom line), but what does the above messages mean? Additionally I cannot authenticate using pam_winbind.so e.g. for SSH Loggins, I suppose the error that causes both has the same reason. So here are the relevant parts of my /etc/samba/smb.conf: -x-x- workgroup = ... security = domain encrypt passwords = true winbind separator = + idmap uid = 10000-65535 idmap gid = 10000-65535 winbind enum users = yes winbind enum groups = yes -x-x- Winbind is up and running, the symlink mentioned in the Samba HOWTO (/lib/libnss_winbind.so --> /lib/libnss_winbind.so.2) is set up correctly and /lib/security/pam_winbind.so and /lib/libnss_winbind.so are in place. My /etc/nsswitch.conf is: -x-x- passwd: compat winbind group: compat winbind shadow: compat hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files netgroup: nis -x-x- Any help is appreciated! I'm using version 3.0.14a of winbind (latest stable package of winbind daemon on debian sarge). Thanks, Oliver Neumann