Downloaded 2.2.4 yesterday and it without your patch it works for me: [noel@belly noel]$ wbinfo -a uk+nkelly%password plaintext password authentication succeeded error code was NT_STATUS_OK (0x0) challenge/response password authentication succeeded error code was NT_STATUS_OK (0x0) [noel@belly noel]$ [noel@belly noel]$ wbinfo -a uk+nkelly%wrongpassword plaintext password authentication failed error code was NT_STATUS_WRONG_PASSWORD (0xc000006a) Could not authenticate user uk+nkelly%password with plaintext password challenge/response password authentication failed error code was NT_STATUS_WRONG_PASSWORD (0xc000006a) Could not authenticate user uk+nkelly with challenge/response [noel@belly noel]$
Noel -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: 12 May 2002 09:27 To: [EMAIL PROTECTED] Cc: Andrew Bartlett Subject: winbind authentication Hi, this problem applies to 2.2.4 and partly to head, too. I need to set a username when connecting to a Win2K server using winbind. The documentiation states "wbinfo -A user%password" would do the trick. However this doesn't work. For wbinfo in 2.2.4: - the "-A" option is documented, but isn't working. (--set-auth-user is the actual name of the command but this is undocumented) - secrets_init() isn't called so secrets.tdb isn't open. - the username variable instead of user is stored (which is user%password instead of user alone) The patch below makes it work for me. In head the same patch can be applied, with the exception of secrets_init() not being needed. ...Juergen --- nsswitch/wbinfo.orig Fri May 3 03:03:20 2002 +++ nsswitch/wbinfo.c Sat May 11 18:30:06 2002 @@ -592,9 +592,9 @@ password = ""; /* Store in secrets.tdb */ - - if (!secrets_store(SECRETS_AUTH_USER, username, - strlen(username) + 1) || + secrets_init(); + if (!secrets_store(SECRETS_AUTH_USER, user, + strlen(user) + 1) || !secrets_store(SECRETS_AUTH_DOMAIN, domain, strlen(domain) + 1) || !secrets_store(SECRETS_AUTH_PASSWORD, password, @@ -640,6 +640,7 @@ printf("\t-m\t\t\tlist trusted domains\n"); printf("\t-r user\t\t\tget user groups\n"); printf("\t-a user%%password\tauthenticate user\n"); + printf("\t-A user%%password\tstore user and password used by winbind (root only)\n"); printf("\t-p 'ping' winbindd to see if it is alive\n"); printf("\t--sequence\t\tshow sequence numbers of all domains\n"); } @@ -683,7 +684,7 @@ { "sequence", 0, POPT_ARG_NONE, 0, OPT_SEQUENCE }, { "user-groups", 'r', POPT_ARG_STRING, &string_arg, 'r' }, { "authenticate", 'a', POPT_ARG_STRING, &string_arg, 'a' }, - { "set-auth-user", 0, POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER }, + { "set-auth-user", 'A', POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER }, { "ping", 'p', POPT_ARG_NONE, 0, 'p' }, { 0, 0, 0, 0 } };
