[Samba] PAM Offline Authentication in Ubuntu 22.04
Marco Gaiarin
gaio at lilliput.linux.it
Wed Jun 28 09:32:22 UTC 2023
I reply to myself.
>> "idmap config LNFFVG : unix_nss_info = no" in smb.conf ?
> Tried, but nothing changed. My current [global] section is:
Bingo! If i set:
> idmap config lnffvg : unix_nss_info = no
AND
> idmap config lnffvg : unix_primary_group = no
Things start to work; i mean 'start' because effectively a disconnection of
the laptop basic nss survive (eg, i can do 'id gaio' and i get some output),
but still if i lock the screen, i cannot login back anymore (due to
timeouts, i suppose; it is a bit hard to debug a disconnected laptop... ;-).
I've also reboot, and in logon screen GDM say me that i'm logging in with a
cached credential (wow!), but after 15 minutes i was still logging in,
screen saver start and so i was back to login screen.
This lead to me to the considerations:
1) winbind offline logon work only in 'rid' mode, or at least does NOT work
in rfc2307 mode.
2) i think this is a bug...
Andrew, what do you think?
--
I'm old enough to remember when the Internet wasn't a group of
five websites, each consisting of screenshots of text from
the other four. (Tom Eastman)
More information about the samba
mailing list