On Fri, 2011-03-18 at 09:46 +0100, pk10@ksiaznica.torun.pl wrote:
auth default: mechanisms: plain login use_winbind: yes
This use_winbind setting doesn't do anything. It's only used for authentication with NTLM mechanisms.
passdb: driver: pam args: dovecot
So Dovecot only knows that it's using PAM.
Setting auth_debug=yes may also show up something useful in logs.
Mar 14 09:43:22 komp14 dovecot-auth: pam_winbind(dovecot:auth): user 'tt1' granted access
So pam_authenticate() succeeded. This is where it fails if password is incorrect.
Mar 14 09:43:29 auth-worker(default): Error: pam(tt1,10.10.10.38): pam_acct_mgmt() failed: Authentication failure
But pam_acct_mgmt() doesn't like the user. I have no idea why. I've never used winbind. Maybe you could find some winbind mailing list or something. But man page of pam_acct_mgmt() may help you do guesses:
The pam_acct_mgmt function is used to determine if the users account is
valid. It checks for authentication token and account expiration and
verifies access restrictions. It is typically called after the user has
been authenticated.