[NTLUG:Discuss] Can't log into desktop, can SSH into box

Leroy Tennison leroy_tennison at prodigy.net
Sun Dec 2 00:14:38 CST 2007 

Minh Duong wrote:
> --- Robert Citek <robert.citek at gmail.com> wrote:
> 
>> On 12/01/2007 04:27 PM, Minh Duong wrote:
>>> Thanks, it was a WinBind issue.  I replied to the
>> last
>>> person and forgot to reply to the entire list.  I
>>> turned off WinBind authentication and it works
>> now. 
>>> Thanks all for your help.
>> Inquiring minds want to know how you figured that
>> out.
>>
>> Regards,
>> - Robert
>>
> 
> 
> I went to text login to remove any X dependencies by
> using CTR-ALT-F1.  I tried to login using a user.  It
> failed.  So I logged in as root in text. 
> 
> tail /var/log/messages
> 
> got me the end of the system messages.  The error said
> something like:
> 
> Nov 30 12:00:01 server pam_winbind[4083]: write to
> socket failed!
> 
> I really don't know what Winbind is for so I went to
> setup and turned it off.
> 
> 
> 
>       ____________________________________________________________________________________
> Be a better sports nut!  Let your teams follow you 
> with Yahoo Mobile. Try it now.  http://mobile.yahoo.com/sports;_ylt=At9_qDKvtAbMuh1G1SQtBI7ntAcJ
> 
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
> 
Just FYI, winbind is a part of the Samba suite.  What it is doing is 
looking to a Windows domain for username and password information.  This 
basically means that the Linux machine was relying on a (non-existent?) 
Windows domain for authentication.  From the description of your problem 
it sounds like the configuration was using winbind exclusively for user 
authentication.  /etc/nsswitch.conf can be configured to fall back to 
"files" (local authentication) if network services fail to respond.

Winbind would be considered one of the "network-based authentication 
mechanisms" available to Linux (others being NIS, LDAP and Kerberos.  if 
I have missed another one someone jump in).  What these mechanisms do is 
move the authentication process off of individual machines to a 
centralized network-based repository.  They are a real time-saver for 
large environments but at the cost of increased complexity in the 
environment.

More information about the Discuss mailing list