Hi

I'm having problems implementing a domain member server using winbind.

I've setup a test share on the server (BERTHOG) and test user (alex)
on the PDC (RODNEY).

Winbind seems to be running fine:

berthog:/srv$ wbinfo -n alex
S-1-5-21-2502943273-132007109-1129902423-3006 User (1)

But when I try to connect to the share:

berthog:/srv$ smbclient //BERTHOG/shared -U alex
Password:
session setup failed: NT_STATUS_LOGON_FAILURE

The machine log shows this:

[2006/04/05 20:14:36, 0] auth/pampass.c:smb_pam_account(573)
smb_pam_account: PAM: UNKNOWN PAM ERROR (9) during Account
Management for User
: STATEART+alex
[2006/04/05 20:14:36, 0] auth/pampass.c:smb_pam_accountcheck(781)
smb_pam_accountcheck: PAM: Account Validation Failed - Rejecting
User STATEART
+alex!


I don't believe any modifications have to be made to the PAM files to
get samba/winbind working?

Any advice would be gratefully recieved!


My smb.conf follows:


[global]

## Browsing/Identification ###

workgroup = stateart
netbios name = BERTHOG
server string = %h server (Samba %v)

wins support = no
wins server = 192.168.2.97
winbind use default domain = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template primary group = "Domain Users"
winbind separator = +

# This will prevent nmbd to search for NetBIOS names through DNS.
dns proxy = no

# What naming service and in what order should we use to resolve host
names
# to IP addresses
name resolve order = wins bcast hosts


#### Debugging/Accounting ####

log file = /var/log/samba/log.%m
max log size = 1000
; syslog only = no
syslog = 0

# Do something sensible when Samba crashes: mail the admin a backtrace
panic action = /usr/share/samba/panic-action %d


####### Authentication #######

security = domain
; security = share
password server = *
domain master = no

# You may wish to use password encryption. See the section on
# 'encrypt passwords' in the smb.conf(5) manpage before enabling.
encrypt passwords = true

# If you are using encrypted passwords, Samba will need to know what
# password database type you are using.
passdb backend = tdbsam guest

obey pam restrictions = yes

; guest account = nobody
invalid users = root
; unix password sync = no

load printers = no


######## File sharing ########

# Name mangling options
; preserve case = yes
; short preserve case = yes


############ Misc ############

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192


#======================= Share Definitions =======================

[shared]
path = /srv/TESTFS/shared
writeable = yes
valid users = alex
create mode = 0660
directory mode = 0770




--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba