[Dovecot] Problem with pam-auth and winbind
Timo Sirainen
tss at iki.fi
Mon Mar 21 19:01:29 EET 2011
On Fri, 2011-03-18 at 09:46 +0100, pk10 at ksiaznica.torun.pl wrote:
> auth default:
> mechanisms: plain login
> use_winbind: yes
This use_winbind setting doesn't do anything. It's only used for
authentication with NTLM mechanisms.
> passdb:
> driver: pam
> args: dovecot
So Dovecot only knows that it's using PAM.
Setting auth_debug=yes may also show up something useful in logs.
> Mar 14 09:43:22 komp14 dovecot-auth: pam_winbind(dovecot:auth): user 'tt1'
> granted access
So pam_authenticate() succeeded. This is where it fails if password is
incorrect.
> Mar 14 09:43:29 auth-worker(default): Error: pam(tt1,10.10.10.38):
> pam_acct_mgmt() failed: Authentication failure
But pam_acct_mgmt() doesn't like the user. I have no idea why. I've
never used winbind. Maybe you could find some winbind mailing list or
something. But man page of pam_acct_mgmt() may help you do guesses:
The pam_acct_mgmt function is used to determine if the users account is
valid. It checks for authentication token and account expiration and
verifies access restrictions. It is typically called after the user has
been authenticated.
More information about the dovecot
mailing list