[samba] Active Directory authentication stopped working

Andrii Dobrovol`s`kii dobr на iop.kiev.ua
Вт Май 22 13:26:28 MSD 2007


Dan O'Brien пишет:
> Hello all,
> 
> I have 3 Linux boxes all authenticating against 2 Windows 2003 domain
> controllers. Each Linux box is running a different Linux and samba version:
> 
> Box1: CentOS 3.4 3.0.25-7
> Box2: CentOS 4.4 3.0.10-1
> Box3: CentOS 5   3.0.23c-2
> 
> Their smb.conf and krb5.conf files are all identical (below). A few days
> ago authentication stopped working and my /var/log/messages fills up
> with "signing_good: BAD SIG: seq 1" and "SMB Signature verification
> failed on incoming packet!" errors. When someone tries to log into one
> of the machines i get an "internal module error" and
> "NT_STATUS_LOGON_TYPE_NOT_GRANTED" messages.
> 
> I've been on this for 2 full days now, I've tried everything I could
> think of. Any help would be appreciated.
> 
> 
> Regards,
> Dan O'Brien
> 
> (conf files and messaeges below)
> 
> 
> 
> /var/log/messages
> ...
> failed on incoming packet!
> May 21 16:58:13 scandium pam_winbind[17827]: request failed:
> NT_STATUS_LOGON_TYPE_NOT_GRANTED, PAM error was 4, NT error was
> NT_STATUS_LOGON_TYPE_NOT_GRANTED
> May 21 16:58:13 scandium pam_winbind[17827]: internal module error
> (retval = 4, user = `user'
> 
May be, you have a problem with pam?
> 
> [appdefaults]
>  pam = {
>    debug = false
>    ticket_lifetime = 36000
>    renew_lifetime = 36000
>    forwardable = true
>    krb4_convert = false
>  }
> 
You tried "debug = true"?
Or there can be something has changed on the controllers?
-- 
Rgrds,
Andriy
*********************************************************************
email: dobr at iop dot kiev dot ua            Kyiv, Ukraine
Phone: (380-44)   525-7824            Department of Gas Electronics
Fax:   (380-44)   525-2329             Institute of Physics of NASU
*********************dobrATjabber.iop.kiev.ua************************

----------- следущая часть -----------
Было удалено вложение не в текстовом формате...
Имя     : signature.asc
Тип     : application/pgp-signature
Размер  : 189 байтов
Описание: OpenPGP digital signature
Url     : http://lists.altlinux.org/pipermail/samba/attachments/20070522/34f2f76b/attachment.bin 


Подробная информация о списке рассылки Samba