Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Cannot login using WINBIND in AIX 5.3
Top Forums UNIX for Advanced & Expert Users Cannot login using WINBIND in AIX 5.3 Post 302795575 by lhareigh890 on Thursday 18th of April 2013 03:51:23 AM
Old 04-18-2013
Cannot login using WINBIND in AIX 5.3
I configured AIX5.3 to use kerberos and winbind so user can login and authenticate via AD. I was able to join my AIX server to domain and can execute wbinfo -u/g. However when I login, It says unknown user. I already edit /etc/secuirty/user and then method.cfg.

On the log.winbindd it says

Code:
Apr 18 15:47:28 bdougp05 daemon:err|error winbindd[213342]: [2013/04/18 15:47:28.020931,  0] lib/util_tdb.c:69(tdb_chainlock_with_timeout_internal)
Apr 18 15:47:28 bdougp05 daemon:err|error winbindd[213342]: [2013/04/18 15:47:28.020931,  0] lib/util_tdb.c:69(tdb_chainlock_with_timeout_internal)
Apr 18 15:47:28 bdougp05 daemon:err|error winbindd[213342]:   tdb_chainlock_with_timeout_internal: alarm (40) timed out for key adserver.example.com in tdb /opt/pware64/var/locks/mutex.tdb
Apr 18 15:47:28 bdougp05 daemon:err|error winbindd[213342]:   tdb_chainlock_with_timeout_internal: alarm (40) timed out for key adserver.example.com in tdb /opt/pware64/var/locks/mutex.tdb
Apr 18 15:47:28 bdougp05 daemon:err|error winbindd[213342]: [2013/04/18 15:47:28.021148,  0] winbindd/winbindd_cm.c:791(cm_prepare_connection)
Apr 18 15:47:28 bdougp05 daemon:err|error winbindd[213342]: [2013/04/18 15:47:28.021148,  0] winbindd/winbindd_cm.c:791(cm_prepare_connection)
Apr 18 15:47:28 bdougp05 daemon:err|error winbindd[213342]:   cm_prepare_connection: mutex grab failed foradserver.example.com
Apr 18 15:47:28 bdougp05 daemon:err|error winbindd[213342]:   cm_prepare_connection: mutex grab failed for adserver.example.com

   workgroup = example
   password server = adserver.example.com
   realm = EXAMPLE.COM
   security = ads
   winbind separator = +
   template shell = /bin/bash
   template homedir = /home/users/%U
   preferred master = no
   local master = no
   domain master = no
   winbind separator = +
   winbinduid = 1000-20000
   winbindgid = 1000-20000
   winbind enum users = Yes
   winbind enum groups = Yes
   winbind use default domain = Yes
   idmap uid = 1000-20000
   idmap gid = 1000-20000
   encrypt passwords = true
   winbind offline logon = no
   idmap config EXAMPLE:default = yes
   idmap config EXAMPLE:backend = tdb
   idmap config EXAMPLE:range = 200000 - 50000000
   log level = 10
   idmap alloc backend = tdb
   idmap alloc config:range = 200000 - 50000000

pls assist. thanks
 

10 More Discussions You Might Find Interesting

1. AIX

Implicit login in AIX

only wanted to know .. if I have some tivoli jobs running with different user .. will this mean that everytime the job invokes .. the .profile runs for that user ... or is it that the .profile runs only at explicit LOGINs ... e.g if a cron calls a job under some user, does it run the .profile of... (1 Reply)
Discussion started by: rajesh_149
1 Replies

2. AIX

AIX login problem

I have users at several remote locations that connect to a AIX 5.1 server using telnet. Last week the users at one location reported problems with logging into the server. After entering user ID and password the users get a blank screen. I have checked the user password, profile, and permissions... (7 Replies)
Discussion started by: TTC1
7 Replies

3. AIX

not able to login to aix

Aix version 5.2. We restarted the server last night. after that we are not able to login from the workstations. we are just able to login in the console. when we try to login thru' netterm or telnet it gives the following error. "password required, but none set". We are able to ping... (1 Reply)
Discussion started by: mjdarm
1 Replies

4. AIX

Can't login on CDE AIX 4.2

Hi, can somebody please, please help me? After a power loss and server restart my server running AIX 4.2.2 could not boot. Following the procedure in my user guide I checked the hd's with # fsck -y /dev/hd1 # fsck -y /dev/hd2 # fsck -y /dev/hd3 # fsck -y /dev/hd4 # fsck -y /dev/hd9var I... (0 Replies)
Discussion started by: semso
0 Replies

5. AIX

User Account Login Login on your AIX server

I want to learn AIX. I would like to find someone who would be willing to give me a login to their AIX home lab server. My intent is to poke around and discover the similarities and differences of AIX compared to other *NIXs. I am a UNIX admin so I can think of what some immediate concerns may... (1 Reply)
Discussion started by: perl_in_my_shel
1 Replies

6. AIX

AIX 7.1 Login Terminal

Hi there, I am a newbie in AIX. I have reboot the AIX today and then the CDE login screen disappear. :eek:I have reboot several times and still it only shows the terminal (lft0) with only green characters and black screen:confused:. Anyway I can have the CDE login screen back?:confused: Also, as... (5 Replies)
Discussion started by: sunnytai
5 Replies

7. AIX

AIX 7.1 integrate AD with winbind

I have joined an AIX 7.1 into a 2012 AD domain sucesfully. I can get ouput from wbinfo -u but when I try to access a share I get the following error : check_ntlm_password: Authentication for user -> FAILED with error NT_STATUS_NO_SUCH_USER I have found that I'm missing... (0 Replies)
Discussion started by: laxtnog
0 Replies

8. UNIX and Linux Applications

WINBIND module missing in AIX 7.1

I have installed following packages from perzl samba-winbind-clients-3.6.22-1 samba-client-3.6.22-1 samba-domainjoin-gui-3.6.22-1 samba-winbind-devel-3.6.22-1 samba-3.6.22-1 samba-common-3.6.22-1 samba-winbind-krb5-locator-3.6.22-1 samba-doc-3.6.22-1 samba-swat-3.6.22-1... (7 Replies)
Discussion started by: laxtnog
7 Replies

9. AIX

Samba 3.6.22 on AIX 7.1 with Windows AD (Kerberos and winbind)

Hi all, I have installed samba 3.6.22 on AIX 7.1 and join a windows AD with success. All seem to work fine, I have configured smb.conf, methods.cfg, kerberos, user .... the following command work fine wbinfo -u, wbinfo -g, wbinfo -i, wbinfo -s, wbinfo -S, lsuser, id... The unique... (20 Replies)
Discussion started by: PhilippeA
20 Replies

10. AIX

Not able to login AIX server but able to login thru console.

Hi, i am able to login to AX server thru console but not able to login directly thru server. also the server is not ping-able with other server. filesystem is fine. and OS version is AIX 5.3. please let me know if you need any specific log. thx in advance. Scriptor (2 Replies)
Discussion started by: scriptor
2 Replies

LEARN ABOUT FREEBSD

idmap_tdb

IDMAP_TDB(8)                                                System Administration tools                                               IDMAP_TDB(8)

NAME

       idmap_tdb - Samba's idmap_tdb Backend for Winbind

DESCRIPTION

       The idmap_tdb plugin is the default backend used by winbindd for storing SID/uid/gid mapping tables.

       In contrast to read only backends like idmap_rid, it is an allocating backend: This means that it needs to allocate new user and group IDs
       in order to create new mappings. The allocator can be provided by the idmap_tdb backend itself or by any other allocating backend like
       idmap_ldap or idmap_tdb2. This is configured with the parameter idmap alloc backend.

       Note that in order for this (or any other allocating) backend to function at all, the default backend needs to be writeable. The ranges
       used for uid and gid allocation are the default ranges configured by "idmap uid" and "idmap gid".

       Furthermore, since there is only one global allocating backend responsible for all domains using writeable idmap backends, any explicitly
       configured domain with idmap backend tdb should have the same range as the default range, since it needs to use the global uid / gid
       allocator. See the example below.

IDMAP OPTIONS

       range = low - high
           Defines the available matching uid and gid range for which the backend is authoritative. If the parameter is absent, Winbind fails over
           to use the "idmap uid" and "idmap gid" options from smb.conf.

EXAMPLES

       This example shows how tdb is used as a the default idmap backend. It configures the idmap range through the global options for all domains
       encountered. This same range is used for uid/gid allocation.

                [global]
                # "idmap backend = tdb" is redundant here since it is the default
                idmap backend = tdb
                idmap uid = 1000000-2000000
                idmap gid = 1000000-2000000

       This (rather theoretical) example shows how tdb can be used as the allocating backend while ldap is the default backend used to store the
       mappings. It adds an explicit configuration for some domain DOM1, that uses the tdb idmap backend. Note that the same range as the default
       uid/gid range is used, since the allocator has to serve both the default backend and the explicitly configured domain DOM1.

                [global]
                idmap backend = ldap
                idmap uid = 1000000-2000000
                idmap gid = 1000000-2000000
                # use a different uid/gid allocator:
                idmap alloc backend = tdb

                idmap config DOM1 : backend = tdb
                idmap config DOM1 : range = 1000000-2000000

AUTHOR

       The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open
       Source project similar to the way the Linux kernel is developed.

Samba 3.5                                                           06/18/2010                                                        IDMAP_TDB(8)
All times are GMT -4. The time now is 08:00 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy