Alex Laslavic (Lenox)
2006-Jan-26 18:24 UTC
[Samba] winbind authentication fails with STATUS_BUFFER_OVERFLOW
Using samba-3.0.10-1.4E.2 as supplied by RedHat Enterprise 4. Using
security=ADS mode, and using winbind and pam_winbind to authenticate.
I was able to sucessfully join the domain, and can enumerate users and
groups.
Whenever I try to authenticate, it always fails with the status
STATUS_BUFFER_OVERFLOW.
-------------------pieces of Winbind Logs---------------
[2006/01/26 13:08:55, 5] rpc_parse/parse_prs.c:prs_ntstatus(672)
0024 status: STATUS_BUFFER_OVERFLOW
[2006/01/26 13:08:55, 3]
rpc_client/cli_netlogon.c:cli_nt_setup_creds(290)
cli_nt_setup_creds: auth2 challenge failed STATUS_BUFFER_OVERFLOW
[2006/01/26 13:08:55, 3] nsswitch/winbindd_pam.c:winbindd_pam_auth(289)
could not open handle to NETLOGON pipe
[2006/01/26 13:08:55, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth(361)
Plain-text authentication for user alaslavic returned
STATUS_BUFFER_OVERFLOW (PAM: 4)
[2006/01/26 13:08:55, 5] nsswitch/winbindd.c:winbind_client_read(477)
read failed on sock 23, pid 11620: EOF
[2006/01/26 13:08:55, 3] nsswitch/winbindd_user.c:winbindd_getpwnam(126)
[11620]: getpwnam alaslavic
[2006/01/26 13:08:55, 3] lib/charcnv.c:convert_string_allocate(567)
convert_string_allocate: Conversion error: Incomplete multibyte
sequence(?V?*U)
[2006/01/26 13:08:55, 3] lib/charcnv.c:convert_string_allocate(576)
convert_string_allocate: Conversion error: Illegal multibyte
sequence(?*U)
[2006/01/26 13:08:59, 5] nsswitch/winbindd.c:winbind_client_read(477)
read failed on sock 20, pid 11620: EOF
[2006/01/26 13:09:11, 5] lib/smbldap.c:smbldap_close(929)
The connection to the LDAP server was closed
[2006/01/26 13:09:11, 5] sam/idmap_ldap.c:ldap_idmap_close(765)
The connection to the LDAP server was closed
[2006/01/26 13:09:11, 5] nsswitch/winbindd.c:winbind_client_read(477)
read failed on sock 10, pid 11586: EOF
---------------smb.conf--------------------
# Globals
[global]
workgroup = WORLDTRAVEL
netbios name = usgalnx1tuxmgmt01
realm = WORLDTRAVEL.LOCAL
server string = Linux Management Server
security = ADS
log level = 7
ldap admin dn = cn=xxxx,dc=worldtravel,dc=local
ldap idmap suffix = ou=Idmap
ldap suffix = dc=worldtravel,dc=local
idmap backend = ldap:ldap://usgalnx1tuxmgmt01.worldtravel.local
idmap uid = 100000-900000
idmap gid = 100000-900000
template shell = /bin/bash
winbind use default domain = Yes
winbind nested groups = Yes
use spnego = yes
socket options = TCP_NODELAY SO_RCVBUF=16384
include = /etc/samba/smb.include
--
***********************************
* Alex Laslavic
* Linux Engineer
* WorldTravel BTI
* x49511
* gpg/pgp key at
* http://keys.jumpbox.net
***********************************
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20060126/0cc6d3a4/attachment.bin
Possibly Parallel Threads
- winbindd problem - STATUS_BUFFER_OVERFLOW (0x80000005)
- STATUS_BUFFER_OVERFLOW
- One of the SOLUTIONS for winbind authenication failures with STATUS_BUFFER_OVERFLOW
- Winbind 3.2.3 error with trusted domains
- Using idmap_rid backend, cannot browse home directory from XP
Wisdom of the Ancients
