[Samba] Unable to ssh to dc

Rob Campbell robcampbell08105 at gmail.com
Tue Jun 13 19:19:00 UTC 2023 

 kinit newtestuser
kinit: Cannot find KDC for realm "HOME.ROB-CAMPBELL.LAN" while getting
initial credentials

What OS are you running ?
>
Debian 11

> Does the directory /home/newtestuser exist ?

It does not

> Or do you need to get your
> distro to create it at the users first logon ?
>
It is created on first logon.

>
> Also have you checked if winbind is actually running:
> ps ax | grep 'winbind'
>
 root     3390186  0.0  0.0 132728 27688
<http://voice.google.com/calls?a=nc,%2B13272827688>?        S    14:09
0:00 samba: task[winbindd] pre-fork master
root     3390193  0.0  0.1 136804 55000 ?        Ss   14:09   0:00
/usr/sbin/winbindd -D --option=server role check:inhibit=yes --foreground
root     3390225  0.0  0.1 137204 43392 ?        S    14:09   0:00
winbindd: domain child [HOME]
root     3390234  0.0  0.1 136804 37376 ?        S    14:09   0:00
winbindd: idmap child
root     3390326  0.0  0.1 136896 39712 ?        S    14:10   0:00
winbindd: domain child [BUILTIN]
root     3403087  0.0  0.0   6372   712 pts/0    S+   15:16   0:00 grep
--color=auto -E winbind

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In all things, Be Intentional.


On Tue, Jun 13, 2023 at 2:47 PM Rowland Penny via samba <
samba at lists.samba.org> wrote:

>
>
> On 13/06/2023 19:08, Rob Campbell via samba wrote:
> >>
> >> Before we get really involved here, can we just check it isn't something
> >> easy.
> >> By default a Samba AD DC has this default line (it is there, even if it
> >> doesn't show in your smb.conf):
> >>
> >> template shell = /bin/false
> >>
> >> With that, you cannot logon as a domain user
> >>
> >> So you need to set something like:
> >>
> >> template shell = /bin/bash
> >>
> >
> > Prior to my last email, it didn't have a template shell variable at all
> so
> > I added
> > template shell = /bin/bash
> > template homedir = /home/%U
> >
> > I then restarted samba and I was still unable to ssh in. I then added the
> > two packages and I was able to getent passwd newtestuser but still unable
> > to ssh in.  I can ssh in with a local user account but I think I
> mentioned
> > that already.
>
> What OS are you running ?
> Does the directory /home/newtestuser exist ? Or do you need to get your
> distro to create it at the users first logon ?
>
> Also have you checked if winbind is actually running:
> ps ax | grep 'winbind'
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

More information about the samba mailing list