hi'
Ive followed the
steps from http://weblog.bignerdranch.com/?p=6&page=2 and
http://forums.fedoraforum.org/showthread.php?t=92804
I'm trying to login
as a domain user in x (gdm)
If a boot the pc and
try to login i get the following error in /var/log/messages:
Jan
9 13:10:35 zgltsp03 gdm(pam_unix)[2812]: check pass; user unknown
Jan 9 13:10:35 zgltsp03 gdm(pam_unix)[2812]: authentication failure; logname= u
id=0 euid=0 tty=ws001.domain.lan:0 ruser= rhost=ws001.domain.lan
Jan 9 13:10:35 zgltsp03 pam_winbind[2812]: user 'domain+daniel' granted access
Jan 9 13:10:35 zgltsp03 gdm(pam_unix)[2812]: could not identify user (from getpwnam(domain+daniel))
Jan 9 13:10:35 zgltsp03 gdm-binary[2812]: Couldn't set acct. mgmt for domain+daniel
Jan 9 13:10:35 zgltsp03 gdm(pam_unix)[2812]: authentication failure; logname= u
id=0 euid=0 tty=ws001.domain.lan:0 ruser= rhost=ws001.domain.lan
Jan 9 13:10:35 zgltsp03 pam_winbind[2812]: user 'domain+daniel' granted access
Jan 9 13:10:35 zgltsp03 gdm(pam_unix)[2812]: could not identify user (from getpwnam(domain+daniel))
Jan 9 13:10:35 zgltsp03 gdm-binary[2812]: Couldn't set acct. mgmt for domain+daniel
now if i call
in a shell de command "wbinfo -u -g" and then try to login everything works
fine!
almost as if the
wbinfo would remind the server that those users could login..
after a few minutes
(2 or 3) i try to login again with the same user and it doesnt work
again!!
this line is quite
strange, no? .... could not identify user (from
getpwnam(domain+daniel))
my krb5
file:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = domain.LAN
# default_tgs_enctypes = des-cbc-crc des-cbc-md5
# default_tkt_enctypes = des-cbc-crc des-cbc-md5
forwardable = true
proxiable = true
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24000
default_realm = domain.LAN
# default_tgs_enctypes = des-cbc-crc des-cbc-md5
# default_tkt_enctypes = des-cbc-crc des-cbc-md5
forwardable = true
proxiable = true
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
domain.LAN = {
kdc = 10.0.0.100:88
# admin_server = 10.0.0.100:749
default_domain = domain.lan
}
domain.LAN = {
kdc = 10.0.0.100:88
# admin_server = 10.0.0.100:749
default_domain = domain.lan
}
[domain_realm]
.domain.lan = DOMAIN.LAN
domain.lan = DOMAIN.LAN
.domain.lan = DOMAIN.LAN
domain.lan = DOMAIN.LAN
[kdc]
profile = "">
profile = "">
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
and my
smb.conf file:
[global]
workgroup = DOMAIN
netbios name = SERVIDORES
server string = LTSP Server
winbind separator = +
netbios name = SERVIDORES
server string = LTSP Server
winbind separator = +
dns proxy = no
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
idmap gid = 16777216-33554431
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
winbind use default domain = no
# username map = /etc/samba/smbusers
# username map = /etc/samba/smbusers
security = ads
encrypt passwords = yes
realm = DOMAIN.LAN
password server = controller.domain.lan
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
encrypt passwords = yes
realm = DOMAIN.LAN
password server = controller.domain.lan
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = no
domain master = False
preferred master = False
domain master = False
preferred master = False
printcap name = /etc/printcap
load printers = yes
proxy = no
PS: i replaced the
real domain name with "domain"
many thanks!
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
