Hello folks,
I recently had a big boo-boo... had to totally wipe and reinstall my F14 laptop. I had gotten winbind working great on it.
I decided to install F16 x64. It's working along pretty well, but winbind is not working. The problem is, I can join the computer to the domain, I can get a list of users with wbinfo -u, I can get a ticket with kinit, and I can authenticate my domain account, but I cannot actually log in to my computer.
wbinfo -u works
wbinfo -g works
wbinfo -i user fails
getent passwd and getent group only show local info
Attempting to su to the domain user account says "user does not exist". Attempting to log in to the domain user account on the console says "login incorrect". The following appears in the logs:
/var/log/secure:
Code:
Mar 1 09:24:36 mylaptop login: pam_unix(login:auth): check pass; user unknown
Mar 1 09:24:36 mylaptop login: pam_unix(login:auth): authentication failure; logname=LOGIN uid=0 euid=0 tty=tty3 ruser= rhost=
Mar 1 09:24:38 mylaptop login: FAILED LOGIN 1 FROM (null) FOR myid, User not known to the underlying authentication module
/var/log/samba/log.winbindd:
Code:
[2012/03/01 09:24:34.160829, 3] winbindd/winbindd_misc.c:384(winbindd_interface_version)
[ 9126]: request interface version
[2012/03/01 09:24:34.160973, 3] winbindd/winbindd_misc.c:417(winbindd_priv_pipe_dir)
[ 9126]: request location of privileged pipe
[2012/03/01 09:24:34.161201, 3] winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
getpwnam myid
[2012/03/01 09:24:34.161906, 3] winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
getpwnam myid
[2012/03/01 09:24:36.198043, 3] winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
getpwnam myid
[2012/03/01 09:24:36.199493, 3] winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
getpwnam myid
[2012/03/01 09:24:38.344314, 3] winbindd/winbindd_getpwnam.c:56(winbindd_getpwnam_send)
getpwnam myid
I am running SELinux, and I did add the recommended module to allow winbind access to port 389:
Code:
require {
    type ldap_port_t;
    type smbd_t;
    class tcp_socket name_connect;
}
allow smbd_t ldap_port_t:tcp_socket name_connect;
However, even if I set SELinux to Permissive, I still can't log in with the domain account.
This is my configuration:
Fedora release 16 (Verne)
Linux 3.1.0-7.fc16.x86_64 #1 SMP Tue Nov 1 21:10:48 UTC 2011
samba-winbind-clients-3.6.3-78.fc16.x86_64
samba-common-3.6.3-78.fc16.x86_64
samba-client-3.6.3-78.fc16.x86_64
samba-winbind-3.6.3-78.fc16.x86_64
samba-3.6.3-78.fc16.x86_64
/etc/samba/smb.conf
Code:
[global]
    workgroup = TAHQDOM1
    realm = TA.COM
    server string = Samba Server Version %v
    security = ADS
    allow trusted domains = No
    log file = /var/log/samba/log.%m
    max log size = 50
    template shell = /bin/bash
    template homedir = /home/%D/%U
    winbind use default domain = Yes
    winbind offline logon = Yes
    winbind normalize names = Yes
    winbind enum users = Yes
    winbind enum groups = Yes
    idmap config TAHQDOM1 : backend = rid
    idmap config TAHQDOM1 : range = 16777216-33554431
    idmap config * : backend = tdb
    cups options = raw
[homes]
    comment = Home Directories
    read only = No
    browseable = No
[printers]
    comment = All Printers
    path = /var/spool/samba
    printable = Yes
    print ok = Yes
    browseable = No
Does anyone have an idea what might be wrong? I cannot find any solution for this.
Thanks!