[Bug 1165461] Re: pam_winbind offline logon does not work in 12.04

napnap napnap at free.fr
Mon Sep 21 09:11:53 UTC 2015 

Hi,

same bug here with Ubuntu 14.04 interated to a domain NT4 style.
Offline logon works if I close the session and disconnet LAN wire, but not work if I reboot, this is auth.log :

Sep 21 08:46:42 PC-UPS846 lightdm: pam_unix(lightdm:auth): check pass; user unknown
Sep 21 08:46:42 PC-UPS846 lightdm: pam_unix(lightdm:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= 
Sep 21 08:46:42 PC-UPS846 lightdm: pam_winbind(lightdm:auth): getting password (0x00000208)
Sep 21 08:46:42 PC-UPS846 lightdm: pam_winbind(lightdm:auth): pam_get_item returned a password
Sep 21 08:46:45 PC-UPS846 lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Sep 21 08:46:45 PC-UPS846 lightdm: PAM adding faulty module: pam_kwallet.so


"user unknow", it seems winbind can't handle the NSS caching. ( I see an error with pam_kwallet.so but not seems to be relevant)

The file gencache.tdb is already in /var/cache/samba/ .


cat /etc/nsswitch.conf 
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat winbind
group:          compat winbind
shadow:         compat

hosts:          files myhostname mdns4_minimal [NOTFOUND=return] dns mdns4 wins
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis



** Attachment added: "smb.conf"
   https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1165461/+attachment/4470140/+files/smb.conf

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1165461

Title:
  pam_winbind offline logon does not work in 12.04

Status in samba package in Ubuntu:
  Confirmed

Bug description:
  The pam_winbind offline login does not work in 12.04 LTS with latest updates.
  My configuration.
  Client joined to domain with uidNumber set in AD.
  smb.conf with winbind offline logon = yes
  /etc/security/pam_winbind.conf with cached_login = yes
  PAM configuration is the "default" pam-auth-update configuration with winbind.

  If I am online everything works as expected. I can login with my AD account tstusr2.
  But if my notebook has no connection to the domain controller the offline login does not work anymore.
  The problem seems to be somehwere in PAM as PAM identifies the user as "unkown". See attachment auth.log.

  If I manually add my user to /etc/passwd the offline login works.
  tstusr2:*:50001:70005::/home:/bin/bash

  It can't be solution to add domain users to /etc/passwd. pam_winbind
  has to deal with it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1165461/+subscriptions

More information about the foundations-bugs mailing list