Hoping this is not too far OT, since it is really a samba/.winbind/ads question. But the implementation is on FC3, so I'm hoping that maybe some FC users can tell me what is wrong here. To make one thing clear, I'm trying to log into the local FC machine, but get authenticated by an Active Directory domain controller (running Win2K3) I've got what would SEEM to be a working configuration where my FC3 machine has joined an Active Directory domain, and winbind is working. I've configured krb5.conf, smb.conf and nsswitch.conf, and /etc/pam.d/login. "getent passwd" returns an integrated list of user accounts, e.g. accounts on the local FC machine, as well as user accounts from the Win2k3 Active Directory domain controller. The only thing odd I see whenever I enumerate the winbind users is that I don't see the domain prefix, I only see the user name. E.g., instead of seeing something like DOMAIN+userid I just see "userid" in the enumerated lists. In all other winbind configurations I've done -- on RH9 and Mandrake -- I would see the domain prefix, and I would log into the local machine using "DOMAIN+userid" and the password from the Active Directory account. Is the lack of the DOMAIN prefix when I enumerate the winbind user lists a clue to what may be wrong? I've tried specifiying specific separaters (like "/") in smb.conf, and have tried all possible variations for a userid when trying to log into the local FC machine. But the result is always the same: invalid userid or password. Since I know the user account is in the integrated passwd file, I'm left to conclude that something is not working right in the winbind auth process. But what? TIA for any ideas.
