[Bug 245997] New: Upgrading from SUSE Linux 10.1 to OpenSUSE 10.2 disables PAM/SAMBA login
https://bugzilla.novell.com/show_bug.cgi?id=245997

Summary: Upgrading from SUSE Linux 10.1 to OpenSUSE 10.2 disables PAM/SAMBA login
Product: openSUSE 10.2
Version: Final
Platform: i686
OS/Version: Other
Status: NEW
Severity: Major
Priority: P5 - None
Component: Network
AssignedTo: bnc-team-screening@forge.provo.novell.com
ReportedBy: jhaygood@spsu.edu
QAContact: qa@suse.de

On SUSE Linux 10.1, one of our (my employer.. EyeWonder, Inc.) Linux VNC machines no longer allows Windows domain authentication via the corporate Active Directory server (in the form DOMAIN\username with the domain password).

Perusing /var/log/messages to see if there's any clue, we get the following error:

Feb 15 15:22:35 devserv04 sshd[31988]: Accepted keyboard-interactive/pam for root from 10.10.10.64 port 1543 ssh2
Feb 15 15:22:44 devserv04 sshd[32015]: Invalid user ATLANTA\\jhaygood from 10.10.10.64
Feb 15 15:22:46 devserv04 sshd[32017]: pam_krb5[32017]: error resolving user name 'ATLANTA\jhaygood' to uid/gid pair
Feb 15 15:22:46 devserv04 sshd[32017]: pam_krb5[32017]: error getting information about 'ATLANTA\jhaygood'
Feb 15 15:22:46 devserv04 sshd[32015]: error: PAM: User not known to the underlying authentication module for illegal user ATLANTA\\jhaygood from atl-corp-dsk101.atlanta.eyewonder.com
Feb 15 15:22:46 devserv04 sshd[32015]: Failed keyboard-interactive/pam for invalid user ATLANTA\\jhaygood from 10.10.10.64 port 1547 ssh2
Feb 15 15:22:58 devserv04 sshd[32025]: Accepted keyboard-interactive/pam for root from 10.10.10.64 port 1548 ssh2

Domain is ATLANTA, username is "jhaygood". This worked fine immediately before the upgrade.

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

https://bugzilla.novell.com/show_bug.cgi?id=245997

chrubis@novell.com changed:

What       |Removed                                   |Added
----------------------------------------------------------------------------
AssignedTo |bnc-team-screening@forge.provo.novell.com |samba-maintainers@SuSE.de

https://bugzilla.novell.com/show_bug.cgi?id=245997

lmuelle@novell.com changed:

What       |Removed                   |Added
----------------------------------------------------------------------------
AssignedTo |samba-maintainers@SuSE.de |kukuk@novell.com

------- Comment #1 from lmuelle@novell.com 2007-02-20 06:08 MST -------
Thorsten: Might this be caused by the new pam config mechanism in 10.2?

https://bugzilla.novell.com/show_bug.cgi?id=245997

kukuk@novell.com changed:

What          |Removed |Added
----------------------------------------------------------------------------
Status        |NEW     |NEEDINFO
Info Provider |        |jhaygood@spsu.edu

------- Comment #2 from kukuk@novell.com 2007-02-20 06:16 MST -------
The report is against openSUSE10.2, the text says 10.1. So what is correct?

https://bugzilla.novell.com/show_bug.cgi?id=245997

------- Comment #3 from jhaygood@spsu.edu 2007-02-20 07:12 MST -------
The system had a fully functional configuration under 10.1. The system was upgraded to 10.2 via the openSUSE DVD from opensuse.org, where the same configuration no longer works.

What worked before:

1. Logging in via ATLANTA\username (where ATLANTA is the Windows Active Directory domain)
2. Browsing SMB shares on the system remotely without providing a username/password as long as the remote system was also on the domain

I've tried using YaST to reconfigure it like the original working configuration, and it didn't work. I also used the SAMBA handbook to manually recreate the working config, and that didn't work either.

What did work was changing the PAM configuration to use Kerberos directly (which only allows users who've been added via useradd -m <username>). However, this is inconvenient, and it would be useful to use the old working method which made the system a fairly integrated member of the domain.

https://bugzilla.novell.com/show_bug.cgi?id=245997

kukuk@novell.com changed:

What          |Removed                   |Added
----------------------------------------------------------------------------
AssignedTo    |kukuk@novell.com          |samba-maintainers@SuSE.de
Status        |NEEDINFO                  |NEW
Info Provider |samba-maintainers@SuSE.de |

https://bugzilla.novell.com/show_bug.cgi?id=245997

------- Comment #5 from gd@novell.com 2007-02-20 07:52 MST -------
It seems you were using pam_krb5 and nss_winbind on 10.1. And apparently sshd can no longer resolve your AD accounts using nss_winbind.

Can you please first verify that winbind correctly resolves usernames by checking:

wbinfo -n ATLANTA\\jhaygood
getent passwd ATLANTA\\jhaygood

?

Also please verify that winbind runs and is included in /etc/nsswitch.conf.

https://bugzilla.novell.com/show_bug.cgi?id=245997

gd@novell.com changed:

What          |Removed |Added
----------------------------------------------------------------------------
Status        |NEW     |NEEDINFO
Info Provider |        |jhaygood@spsu.edu

https://bugzilla.novell.com/show_bug.cgi?id=245997

kwagner@zetex.com changed:

What |Removed |Added
----------------------------------------------------------------------------
CC   |        |kwagner@zetex.com

------- Comment #6 from kwagner@zetex.com 2007-06-13 04:56 MST -------
I have the same issue. Worked perfectly before upgrade, now doesn't work at all.

I will attach the following files:

log.winbindd - a partial log with debug level 10, recorded when running wbinfo -u
smb.conf - my current samba config file (used only for winbind on this machine)

https://bugzilla.novell.com/show_bug.cgi?id=245997

------- Comment #7 from kwagner@zetex.com 2007-06-13 05:07 MST -------
Created an attachment (id=145899)
--> (https://bugzilla.novell.com/attachment.cgi?id=145899&action=view)
Log with debug level 10 while doing wbinfo -u

https://bugzilla.novell.com/show_bug.cgi?id=245997

------- Comment #8 from kwagner@zetex.com 2007-06-13 05:08 MST -------
Created an attachment (id=145901)
--> (https://bugzilla.novell.com/attachment.cgi?id=145901&action=view)
My smb.conf

https://bugzilla.novell.com/show_bug.cgi?id=245997

------- Comment #9 from kwagner@zetex.com 2007-06-13 08:11 MST -------
Actually, reading through, I am not using pam_krb5, I am using pam_winbind.

It is definitely an issue with winbind/samba in some way, and ads specifically (doing "net ads" commands don't work, "net rpc" do.)

https://bugzilla.novell.com/show_bug.cgi?id=245997

------- Comment #10 from kwagner@zetex.com 2007-06-14 09:55 MST -------
OK, now this has annoyed me. It is nothing to do with Winbind, it is a DNS problem (at least for me)

The libresolv used in SuSE used multicast DNS to resolve .local domains. I fixed this on 10.1 using a quick hack, running libresolv thru perl to change 'local' to 'lozal'. Now I've done the same on 10.2, and it works perfectly.

But still, this is not a very good way to fix it. It is a hack. PLEASE can you look into changing this behaviour as it screws most AD setups (thanks to MS and dumb IT guys) (there is already a mdns nss module which can be used.)

Here's a link to the hack I used:
http://forums.suselinuxsupport.de/lofiversion/index.php/t38008.html

https://bugzilla.novell.com/show_bug.cgi?id=245997#c11

Stephan Kulow <coolo@novell.com> changed:

What          |Removed              |Added
----------------------------------------------------------------------------
Status        |NEEDINFO             |NEW
Info Provider |jhaygood@reaktix.com |

--- Comment #11 from Stephan Kulow <coolo@novell.com> 2007-10-11 04:59:19 MST ---
info looks provided

https://bugzilla.novell.com/show_bug.cgi?id=245997#c12

Lars Müller <lmuelle@novell.com> changed:

What       |Removed |Added
----------------------------------------------------------------------------
Status     |NEW     |RESOLVED
Resolution |        |INVALID

--- Comment #12 from Lars Müller <lmuelle@novell.com> 2007-10-17 06:34:34 MST ---
This issue is caused by mDNS. Please do not use .local domains.

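
Added example (not part of the original thread, and not Samba or openSUSE code): a static pre-check for the two causes raised above, winbind missing from the passwd/group lines of nsswitch.conf (comment #5) and an AD DNS domain under .local (comments #10 and #12). The function names, the sample file and the domain ad.example.local are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Static checks for the two causes raised:
# winbind missing from nsswitch.conf (comment #5) and an AD DNS domain under
# .local, which is resolved via mDNS (comments #10 and #12).

# nss_has_winbind FILE DB: succeeds if "winbind" is a source for DB.
nss_has_winbind() {
    awk -v db="$2:" '
        { sub(/#.*/, "") }                      # strip comments
        $1 == db { for (i = 2; i <= NF; i++) if ($i == "winbind") found = 1 }
        END { exit found ? 0 : 1 }
    ' "$1"
}

# is_local_domain NAME: succeeds if NAME is "local" or ends in ".local".
is_local_domain() {
    name=$(printf '%s' "$1" | tr 'A-Z' 'a-z')   # DNS names are case-insensitive
    name=${name%.}                              # allow a trailing root dot
    case "$name" in
        local|*.local) return 0 ;;
        *) return 1 ;;
    esac
}

# check_ad_lookup FILE DOMAIN: prints findings, returns the number of problems.
check_ad_lookup() {
    problems=0
    for db in passwd group; do
        if nss_has_winbind "$1" "$db"; then
            echo "ok:   $db lists winbind"
        else
            echo "FAIL: $db has no winbind source in $1"
            problems=$((problems + 1))
        fi
    done
    if is_local_domain "$2"; then
        echo "FAIL: $2 is under .local and will be looked up via mDNS"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample input (hypothetical host): group lacks winbind.
sample=$(mktemp)
cat > "$sample" <<'EOF'
passwd: compat winbind
group:  compat            # winbind missing
hosts:  files dns
EOF
check_ad_lookup "$sample" "ad.example.local" || echo "problems found: $?"
rm -f "$sample"
```

On a real host, pass /etc/nsswitch.conf and the AD DNS domain, then follow up with the live wbinfo -n and getent passwd checks from comment #5.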