Thierry: i have not touched lwiauthd.conf or pam_lwidentity.conf, except
to turn on debugging in pam_lwidentity.conf
--
likewise-open: allows lockout while disconnected
https://bugs.launchpad.net/bugs/314623
You received this bug notification because you are a member of Ubuntu
Server Team, which
Justin, I think your problem is different than this one. All your
problems occur while connected to the network.
--
likewise-open: allows lockout while disconnected
https://bugs.launchpad.net/bugs/314623
You received this bug notification because you are a member of Ubuntu
Server Team, which is
I am working to deploy Ubuntu 9.04 in a medium sized Windows network,
using Likewise-open for domain authentication... and I have seen this
happen on two separate occasions over the course of about 4 months. I
don't have any log files or anything, but here is what I experienced.
1) I went on vacat
I reproduce the exact same log lines when I am connected to the DC, once
I set up the lockout policy.
However when I'm disconnected, I get the same logs for the first 3 attempts but
the 4th one (with the right password) succeeds with:
...
pam_lwidentity(su:auth): enabling request for a FILE krb5
turning on debug in pam_lwidentity.conf, my /var/log/auth.log tells me
the following:
May 5 12:25:55 host su[8722]: pam_lwidentity(su:auth): PAM config:
global:krb5_ccache_type 'FILE'
May 5 12:25:55 host su[8722]: pam_lwidentity(su:auth): failed to get GP info
May 5 12:25:55 host su[8722]: pam
Ubuntu Jaunty, likewise-open version 4.1.2982-0ubuntu2.
The domain account is never locked out, because the incorrect passwords
were entered with the machine disconnected from the network. Therefore
there is no way for the DC to even know about the login attempts.
relevant sections of my pam con
I tried to reproduce with the exact same instructions with likewise-open on a
Jaunty desktop, without success.
Three incorrect, then one correct, I can still log in with cached creds, as
expected.
Could you please indicate what version of Ubuntu you're running, and the
version of the likewise-o
I tested by disabling the network (unchecking "Enable networking" on the
network manager applet in GNOME). I've also done it by simply
unplugging the network cable.
I used 'su - $USER', using a gnome-terminal session while logged in to
the GNOME desktop.
One incorrect, then one correct, allowed
I can't reproduce that.
With the DC shut down I've ssh-ed in and typed 15 wrong passwords... but could
still connect using cached credentials on the 16th attempt.
Could you please explain what I could do to reproduce the issue ?
** Changed in: likewise-open (Ubuntu)
Status: New => Incomple
I'm sure I'm in a disconnected state, because I'm not physically
connected to a network which can reach a DC of the domain in question.
I'm not talking about a lockout of the account on the DC, I'm talking
about a lockout implemented by likewise-open on its local cache.
The exact error is: "The a
Are you sure you are in a disconnected state. I don't see it would be
possible to do what you describe since the authentication attempt are
against a local cache and never sent to the DC.
How are you determining you are a offline state?
--
likewise-open: allows lockout while disconnected
https:
11 matches
Mail list logo
