Hi Stefan, Thank you for reporting the issue.
Can you please provide additional details how the centrally managed AD user accounts are set up and integrated with PAM? I want to try to reproduce your setup so that I can see the bug occur in practice and try to trace where the failure occurs. We didn't change the UAM code drastically between 3.1 and 4.2. The only immediately relevant change would be a few lines that does additional validation of the PAM account. However those code paths don't match what we see in your logs. These are the changes, in case you want to try reverting them and see if it makes a difference. https://github.com/Netatalk/netatalk/pull/1935 https://github.com/Netatalk/netatalk/pull/1937 Other potential lines of inquiry include: - Some binary has the wrong file system permissions (we switched from Autotools to Meson) - The PAM configuration is wrong or incomplete (/etc/pam.d/netatalk) - A bug in the libpam version in Trixie Looking forward to your answer! Daniel
