Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 06-11-2004, 05:43 AM   #1
LQ Newbie
Registered: Jun 2004
Distribution: Debian, UHU
Posts: 1

Rep: Reputation: 0
Question winbind + samba + gdm unable to login with Domain user

I have been trying to set up a linux workstation (local dist. "UHU") to authenticate from a (Samba) NT Domain when I login. I've gone through several tutorials and how-tos (which tend to vary a lot) and I am still not able to log in. The only clue Ive found in the logs is in the sys.log I get:

jan 1 00:50:02 localhost gdm[1366]: gdm_slave_session_start: User not allowed to log in

Ive joined the workstation to the domain
wbinfo -u
wbinfo -g
getent passwd
getent group
all work

Here is my smb.conf:
dns proxy = No
domain master = No
encrypt passwords = Yes
guest account = nobody
guest ok = No
interfaces = lo, eth*
invalid users = root
log level = 2
map to guest = Bad Password
max log size = 10000
name resolve order = lmhosts host wins bcast
os level = 255
preferred master = No
printing = cups
server string = bagoly
syslog = 0
password server = *
winbind enum groups = yes
winbind gid = 10000-20000
winbind enum users = yes
winbind uid = 10000-20000
winbind use default domain = yes
winbind separator = \
obey pam restrictions = No
security = domain
workgroup = MYDOMAIN

Here is my PAM login:

auth required /lib/security/
auth required /lib/security/
auth sufficient /lib/security/
auth sufficient /lib/security/ use_first_pass nullok shadow

account required /lib/security/

password required /lib/security/ retry=3
password required /lib/security/ nullok use_authtok md5 shadow

session required /lib/security/ skel=/etc/skel/ umask=0022
session required /lib/security/
session required /lib/security/
session required /lib/security/
session optional /lib/security/ never
session optional /lib/security/
session optional /lib/security/ quiet

Here is my PAM gdm:
auth required
auth sufficient
auth sufficient use_first_pass
auth required service=system-auth
auth required
account sufficient
account required service=system-auth
password required service=system-auth
session required skel=/etc/skel/ umask=0022
session required service=system-auth
session optional

Here is my nsswitch.conf:
passwd: files winbind
shadow: files winbind
group: files winbind

hosts: files nisplus nis dns

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nisplus
publickey: nisplus
automount: files
aliases: files

Any suggestions? Thanx.
Old 06-11-2004, 09:30 AM   #2
LQ Newbie
Registered: Jun 2004
Location: Cologne, Germany, Europe
Distribution: Debian Sid
Posts: 3

Rep: Reputation: 0
It's just an idea, but I would try to put the winbind entrys in your pam configuration files at the beginning of the file. Perhaps the login fails because you have an "required" entry at first.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba Winbind and 2003 domain carnold SUSE / openSUSE 0 08-26-2005 06:53 PM
Samba 3, Winbind (getent) not returning Domain USers delphiq Linux - Software 1 04-16-2004 06:18 AM
Slackware + SAMBA + WinBind + NT Domain = 3 day headache enkrypter Slackware 4 04-15-2004 11:23 PM
Samba + Winbind + Domain Users group wheeliemonster Linux - Networking 0 01-27-2004 10:56 AM
SAMBA access based on NT Domain groups [using winbind] tisource Linux - Networking 1 11-24-2003 01:34 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:45 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration