Philippe Dhont (Sea-ro)
2005-Oct-17 13:54 UTC
:Re: [Samba] Unknown PAM failiure in WIN2003/ Active Directory + samba
Huh....2.6.16.4....i mean! :) In smb.conf, i removed obey pam restrictions and now it works... What does "obey pam restrictions" do ? Cheers, Phil. - Hash: SHA1 Philippe Dhont (Sea-ro) escreveu:> Hello, > I have an existing windows 2003 network and now try to add a new linux> server with samba/kerberos support for unified logon authentication. > Normally, everything is installed & this is the configuration:> - Debian with 2.6.16.4 kernelAre you sure about this kernel version? :-) [...]> In my /etc/pam.d/samba file i have: > @include common-auth > @include common-account > @include common-session > auth required /lib/security/pam_winbind.so > account required /lib/security/pam_winbind.soI'm not sure, but I believe you should put auth options together, same for account, AFAIK, pam check the options line by line, after the auth area ends, there is no chance to "another auth area", you should put auth parameters all together, like this: @include common-auth auth required /lib/security/pam_winbind.so @include common-account account required /lib/security/pam_winbind.so [...]> In my loggings i get after trying:[...]> In the new added logfile from the windows pc i tried to connect:> [2005/10/17 11:26:59, 0] auth/pampass.c:smb_pam_account(573) > smb_pam_account: PAM: UNKNOWN PAM ERROR (9) during Account > Management for User: TEST\phil > [2005/10/17 11:26:59, 0] auth/pampass.c:smb_pam_accountcheck(781) > smb_pam_accountcheck: PAM: Account Validation Failed - Rejecting > User TEST\phil![...] Yep, looks like pam stack problem. :-)> On the windowsXP pc, i am logged in as phil and when i connect and i > get a logon, i tried TEST\Administrator I don't find alot of good > information about this error, but i hope that someone can help me out.Hope it helps, cheers,
Possibly Parallel Threads
- :Re: Unknown PAM failiure in WIN2003/ Active Directory + samba
- Unknown PAM failiure in WIN2003/ Active Directory + samba
- Samba as domain member server cannot authenticate users
- Authentication problem with samba 3.3.4 on AIX 5.3
- ADS Domain Member Server + PAM problem