SLED – domain user failed to authenticate to AD domain

This document (7000863) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Desktop 10 (i586) SP1

Situation

The initial join to the AD domain works.
Later authentications to the AD domain work.
Later authenticating the same user to the same domain fails.

Resolution

When authenticating to the domain fails:
- if you open a terminal on the SLED workstation and switch to the root user
- go to /var/lib/samba/
- mv winbindd_cache.tdb winbindd_cache.tdb.bk
- mv winbindd_idmap.tdb winbindd_idmap.tdb.bk
- reboot the workstation
- rejoin the domain
- roboot the workstation
- authenticate to the domain.

If this is works then there was data corruption in the .tdb files.

You can avoid this data corruption in the future by adding the line,
use mmap=no
to the /etc/samba/smb.conf file in the global section.
After doing so save the smb.conf file and restart Samba. (rcsmbd restart)

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.