I have used winbindd, libnss_winbind.so and openssh. Before with 3.0.7, openssh runs well with winbind. But openssh doesn't run with winbind which is included in 3.0.9. "Timeout before authentication" errors always kill my SSH sessions. My SSH sessions are killed 2 minutes later after logon. These errors get lost after I remove "winbind" from nsswitch.conf. In addition, winbind causes bad effect on other programs ( such as cron). Cause: On solaris 2.6, threading shared libraries ( libraries having link with libthread.so ) treating signals can not link with non-threading programs ( programs having no link with libthread.so ) treating signals. With 3.0.7, libnss_winbind.so has no link with libthread.so. However, with 3.0.9, libnss_winbind.so has link libthread.so. libnss_winbind.so doesn't have to link with libthread.so.
/var/log/authlog wrote by openssh: Nov 25 16:27:30 myhost sshd[20935]: Connection from 10.171.207.98 port 58166 Nov 25 16:27:30 myhost sshd[20935]: Failed none for sasajima from 10.171.207.98 port 58166 ssh2 Nov 25 16:27:30 myhost sshd[20935]: userauth_hostbased mismatch: client sends yourhost, but we resolve 10.171.207.98 to yourhost.yourdomain.co.jp Nov 25 16:27:31 myhost sshd[20935]: userauth_hostbased mismatch: client sends yourhost, but we resolve 10.171.207.98 to yourhost.yourdomain.co.jp Nov 25 16:27:31 myhost sshd[20935]: Accepted hostbased for sasajima from 10.171.207.98 port 58166 ssh2 Nov 25 16:29:30 myhost sshd[20935]: fatal: Timeout before authentication for 10.171.207.98 Compile options: $ ./configure --prefix=/usr/local/exp \ --sysconfdir=/etc/exp --localstatedir=/var/exp \ --with-privatedir=/etc/exp \ --with-configdir=/etc/exp \ --with-libiconv=/usr/local/exp \ --with-piddir=/var/exp/run \ --with-logfilebase=/var/exp/log --with-pam \ --with-winbind Link info: % ldd samba-3.0.9/source/nsswitch/libnss_winbind.so libiconv.so.2 => /usr/local/exp/lib/libiconv.so.2 libthread.so.1 => /usr/lib/libthread.so.1 libsocket.so.1 => /usr/lib/libsocket.so.1 libc.so.1 => /usr/lib/libc.so.1 libdl.so.1 => /usr/lib/libdl.so.1 libnsl.so.1 => /usr/lib/libnsl.so.1 libmp.so.2 => /usr/lib/libmp.so.2 /usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1 % ldd samba-3.0.7/source/nsswitch/libnss_winbind.so libiconv.so.2 => /usr/local/exp/lib/libiconv.so.2 libsocket.so.1 => /usr/lib/libsocket.so.1 libc.so.1 => /usr/lib/libc.so.1 libnsl.so.1 => /usr/lib/libnsl.so.1 libdl.so.1 => /usr/lib/libdl.so.1 libmp.so.2 => /usr/lib/libmp.so.2 /usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1
Installed 3.0.11 on a Solaris 2.6 box. Integrated with PAM as described in the manual. Integration with PAM works fine. Can log on as a NT account with NT password. However, after a few minutes the telnet/ftp/other session is killed by a SIGHUP (as shown by truss). Also, when the login is done using a UNIX account defined in /etc/passwd, the session is killed a few minutes after the login has succeeded. Samba shares work fine. When the integration into the login procedure is removed, the system stays stable: no more sessions are killed. Samba shares keep working fine. For now, I've arranged the server of ctr to exclude PAM authentication against Windows 2003 AD. Is no problem. Funny is that the killing of the process takes place a few minutes (approx. 3) after the login succeeded. This happens even when practically all server side processes have been stopped. Although I was unable to determine what the exact process is that kills the sessions, it must be running as root. Maybe a child of login? Linkinfo includes thread. Note that inclusion into /etc/nsswitch.conf has no impact on the killing of sessions.
please retest against 3.0.20a (the current SAMBA_3_0_RELEASE branch) which will publically be availebl next week.