https://bugzilla.novell.com/show_bug.cgi?id=286825 Summary: Using "Offline authentication" in a domain membership fails the login Product: openSUSE 10.2 Version: Final Platform: i386 OS/Version: openSUSE 10.2 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: sloncho@gmail.com QAContact: qa@suse.de Found By: Customer When using a windows domain authentication against NT4 PDC, if "Offline authentication" is enabled, the login fails. It works otherwise. Details (as posted on opensuse list): Hi, I have a fresh install of 10.2 32 bit. I enabled the authentication against a NT4 PDC on the local network. So far I have only partial success - I had to disable SuSEfirewall completely in order to make this work. With firewall up, and enabling TCP 135, 139 and 445, and UDP 137 and 138, as I read online, did not allow me to browse the network. So, if I want to be able to browse the network (DOMAIN) but enable the firewall, which ports I need to enable? The real problem: after joining the machine to the domain, and enabling the user authentication against the domain, I could login as a domain user, and the home directory was properly created. The problem is, that if I enable "Offline Authentication", I can no longer log in as this same user - kdm reports: "A critical error occurred: Please look at KDM's logfile(s) for more information or contact your system administrator." In /var/log/kdm.log I see no authentication error - I see only 2 lines for the time I tried the login: Could not init font path element /usr/share/fonts/Speedo, removing from list! Could not init font path element unix/:7100, removing from list! And I guess they are unrelated. But in /var/log/messages I see this: Jun 21 10:32:45 sunsuse winbindd[6911]: [2007/06/21 10:32:45, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_noauth(2265) Jun 21 10:32:45 sunsuse winbindd[6911]: cli_rpc_pipe_open_noauth: rpc_pipe_bind for pipe \lsarpc failed with error NT_STATUS_BUFFER_TOO_SMALL Jun 21 10:32:45 sunsuse winbindd[6911]: [2007/06/21 10:32:45, 0] nsswitch/winbindd_cred_cache.c:winbindd_add_memory_creds_internal(567) Jun 21 10:32:45 sunsuse winbindd[6911]: winbindd_add_memory_creds_internal: invalid uid for user MYDOMAIN\sunny. Jun 21 10:32:45 sunsuse kdm: :1[7381]: pam_winbind(xdm:auth): request failed: Unexpected information received, PAM error was System error (4), NT error was NT_STATUS_INVALID_PARAMETER The first 2 lines I see all over the place, even when I can log in, but when the login fails, I see the other 3. When I disable "Offline authentication", I still see many of the first 2 lines, and after that I have: Jun 21 10:38:02 sunsuse kdm: :1[7656]: pam_winbind(xdm:auth): user 'ICEBERG\sunny' granted access And I can log in. No using "Offline authentication" is bad for laptop users, so I would prefer to make it work. Any ideas what can be wrong? Also, what can be the cause for these 2 lines to appear multiple times on every login attempt: Jun 21 10:36:29 sunsuse winbindd[7486]: [2007/06/21 10:36:29, 0] rpc_client/cli_pipe.c:cli_rpc_pipe_open_noauth(2265) Jun 21 10:36:29 sunsuse winbindd[7486]: cli_rpc_pipe_open_noauth: rpc_pipe_bind for pipe \lsarpc failed with error NT_STATUS_BUFFER_TOO_SMALL -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.