samba - Mar 2009 - trouble with winbind on Centos 5.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

currently I'm testing samba authenticating against ADS. Samba is joined
to that domain, getent passwd and wbinfo -u works as expected, but when
I try to ssh to the samba server with an account in AD it failes.
I've turned debug on for pam_winbind.so in /etc/pam.d/system-auth. When
I try to connect I get the following in /var/log/secure

Mar 21 16:10:35 samba-ads sshd[20542]: PAM unable to
dlopen(/lib64/security/pam_winbind.so)
Mar 21 16:10:35 samba-ads sshd[20542]: PAM [error:
/lib64/security/pam_winbind.so: undefined symbol: talloc_asprintf]
Mar 21 16:10:35 samba-ads sshd[20542]: PAM adding faulty module:
/lib64/security/pam_winbind.so
Mar 21 16:10:37 samba-ads sshd[20542]: pam_unix(sshd:auth):
authentication failure; logname= uid=0 euid=0 tty=ssh ruserrhost=mgr2.nic.isb.d
e.renzel.net  user=mgr1
Mar 21 16:10:39 samba-ads sshd[20542]: Failed password for mgr1 from
10.2.0.5 port 55762 ssh2

I've installed the recent sernet-samba (samba3-3.3.2-38 ff) packages
from repo.
User's homedir is created manually with the right UID:GID from getent
passwd, changing 'winbind use default domain' doesn't change
anything.

Cheers

Matthias
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAknFCFYACgkQf3LySRiTg2xl0wCgjVTF3cgfEt5bGA2cuPZh0/p6
3vQAnR/1h58J0SkhJ3x1cNLVg/xLpSof
=4iIR
-----END PGP SIGNATURE-----

I'm might be wrong but it looks like the rpm binary you have is not
compatible. I built my own from source easily enough. Grab the tarball from
samba.org and extract:

samba-3.3.2/packaging/RHEL
./makerpms.sh

You'll obviously need compiler, rpm-build package and any dependencies the
rpm build process complains about.

2009/3/21 Matthias Grimm <eisofen@eisofen.de>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
>
> currently I'm testing samba authenticating against ADS. Samba is joined
> to that domain, getent passwd and wbinfo -u works as expected, but when
> I try to ssh to the samba server with an account in AD it failes.
> I've turned debug on for pam_winbind.so in /etc/pam.d/system-auth. When
> I try to connect I get the following in /var/log/secure
>
> Mar 21 16:10:35 samba-ads sshd[20542]: PAM unable to
> dlopen(/lib64/security/pam_winbind.so)
> Mar 21 16:10:35 samba-ads sshd[20542]: PAM [error:
> /lib64/security/pam_winbind.so: undefined symbol: talloc_asprintf]
> Mar 21 16:10:35 samba-ads sshd[20542]: PAM adding faulty module:
> /lib64/security/pam_winbind.so
> Mar 21 16:10:37 samba-ads sshd[20542]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser>
rhost=mgr2.nic.isb.d
> e.renzel.net  user=mgr1
> Mar 21 16:10:39 samba-ads sshd[20542]: Failed password for mgr1 from
> 10.2.0.5 port 55762 ssh2
>
> I've installed the recent sernet-samba (samba3-3.3.2-38 ff) packages
> from repo.
> User's homedir is created manually with the right UID:GID from getent
> passwd, changing 'winbind use default domain' doesn't change
anything.
>
> Cheers
>
> Matthias
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAknFCFYACgkQf3LySRiTg2xl0wCgjVTF3cgfEt5bGA2cuPZh0/p6
> 3vQAnR/1h58J0SkhJ3x1cNLVg/xLpSof
> =4iIR
> -----END PGP SIGNATURE-----
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

Matthias Grimm wrote:

rebuilding the RPMS made it. Dunno where the difference between their 
buildhost and my fresh installed CentOS is or if it's build on CentOS 5.2..

Cheers

Matthias
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hello,
> 
> currently I'm testing samba authenticating against ADS. Samba is joined
> to that domain, getent passwd and wbinfo -u works as expected, but when
> I try to ssh to the samba server with an account in AD it failes.
> I've turned debug on for pam_winbind.so in /etc/pam.d/system-auth. When
> I try to connect I get the following in /var/log/secure
> 
> Mar 21 16:10:35 samba-ads sshd[20542]: PAM unable to
> dlopen(/lib64/security/pam_winbind.so)
> Mar 21 16:10:35 samba-ads sshd[20542]: PAM [error:
> /lib64/security/pam_winbind.so: undefined symbol: talloc_asprintf]
> Mar 21 16:10:35 samba-ads sshd[20542]: PAM adding faulty module:
> /lib64/security/pam_winbind.so
> Mar 21 16:10:37 samba-ads sshd[20542]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser>
rhost=mgr2.nic.isb.d
> e.renzel.net  user=mgr1
> Mar 21 16:10:39 samba-ads sshd[20542]: Failed password for mgr1 from
> 10.2.0.5 port 55762 ssh2
> 
> I've installed the recent sernet-samba (samba3-3.3.2-38 ff) packages
> from repo.
> User's homedir is created manually with the right UID:GID from getent
> passwd, changing 'winbind use default domain' doesn't change
anything.
> 
> Cheers
> 
> Matthias
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> 
> iEYEARECAAYFAknFCFYACgkQf3LySRiTg2xl0wCgjVTF3cgfEt5bGA2cuPZh0/p6
> 3vQAnR/1h58J0SkhJ3x1cNLVg/xLpSof
> =4iIR
> -----END PGP SIGNATURE-----
> 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3646 bytes
Desc: S/MIME Cryptographic Signature
Url :
http://lists.samba.org/archive/samba/attachments/20090323/8c5e5b12/smime.bin