https://bugzilla.novell.com/show_bug.cgi?id=239601 Summary: Winbind offline login loses credentials while windows user still logged in Product: openSUSE 10.2 Version: Final Platform: x86 OS/Version: SuSE Other Status: NEW Severity: Major Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: slea@taupehat.com QAContact: qa@suse.de Have set up here a laptop with openSUSE 10.2, clean install. Laptop was installed at the location of a Windows 2000 AD domain, and was joined to the domain during the regular installation process which progressed without apparent error. While "on the lot," the laptop works perfectly, with no apparent errors. When off the lot, user authentication for known domain accounts (accounts which have previously logged in to the laptop) works correctly at first, throwing only the "cached credentials" advisory. Within some brief period of time (about 15-30 minutes), desktop applications being acting strangely or not launching - it looks as though IPC isn't working. Launching a terminal from the logged in user results in a fifteen minute wait (+- 10 minutes) and ultimately the shell displays "I have no name!" indicating some sort of pam meltdown maybe? From that point on, domain accounts can no longer log in, and the currently-logged-in domain user cannot save open documents or otherwise maintain any sort of state, as the OS no longer recognizes that user's rights to write (or read) anywhere. The only log hit that's apparent when this happens is as follows: [2007/01/26 21:19:21, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(370) group 0 in domain FOO does not exist Below is the entirety of my smb.conf. The only edit I've made to this paste is to change the domain and realm with FOO and FOO.EXAMPLE respectively: [global] idmap gid = 10000-20000 idmap uid = 10000-20000 realm = FOO.EXAMPLE security = ADS template homedir = /home/%D/%U template shell = /bin/bash usershare allow guests = No winbind offline logon = yes winbind refresh tickets = yes workgroup = FOO winbind use default domain = yes It really looks as if the "magic" that "winbind refresh tickets = yes" is supposed to perform is failing, or perhaps winbind is trying to refresh tickets on an overly-aggressive schedule. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.