[Samba] Linux Active Directory Login
John H Terpstra
jht at samba.org
Tue Nov 18 02:44:45 GMT 2003
On Mon, 17 Nov 2003, Kenneth Savoy wrote:
> Im using Samba 3.0.0 and I am trying to get my Redhat 9 workstations to use
> a Windows 2003 Active Directory server for authentication. Using LDAP for
> auth.
>
> I issue this command net rpc join -S <MYPDCDOMAINNAME> -U <MYADMINACCT>
>
> I get joined the domain <MYDOMAIN>
>
> winbindd does start
>
> I issue wbinfo -u and it shows all the users on the domain.
> I issue wbinfo -g and it shows all the groups on the domain
> I issue getent passwd and it shows all the users in UNIX format
>
> I start smb daemons in this order
> smbd,nmbd,winbindd
>
> I can see the users and groups but I can't login with them. Any suggestions?
> If i do su <user> It returns user does not exist.
Have you configured PAM for winbind?
It's documented in the Samba-HOWTO-Collection.pdf. If you haven't checked
that you can obtain it from:
http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
The chapters you want are called Winbind: Use of Domain Accounts, and PAM:
Distributed Authentication.
If you have already read this, perhaps you can post your /etc/pam.d/login
file.
Cheers,
John T.
>
> My smb.conf and nsswitch.conf are below
>
>
> # Samba config file created using SWAT
> # Global parameters
> [global]
> workgroup = <MYPDCDOMAINNAME>
> netbios name = IBPS12
> server string = clients12
> security = DOMAIN
> password server = <MYPDCDOMAINNAME>
> idmap uid = 10000-20000
> idmap gid = 10000-20000
>
>
> # /etc/nsswitch.conf
>
> # To use db, put the "db" in front of "files" for entries you want to be
> # looked up first in the databases
> #
> # Example:
> #passwd: db files nisplus nis
> #shadow: db files nisplus nis
> #group: db files nisplus nis
>
> passwd: files winbind
> shadow: files
> group: files winbind
>
> #hosts: db files nisplus nis dns
> #hosts: files winbind dns
>
> # Example - obey only what nisplus tells us...
> #services: nisplus [NOTFOUND=return] files
> #networks: nisplus [NOTFOUND=return] files
> #protocols: nisplus [NOTFOUND=return] files
> #rpc: nisplus [NOTFOUND=return] files
> #ethers: nisplus [NOTFOUND=return] files
> #netmasks: nisplus [NOTFOUND=return] files
>
> #bootparams: nis [NOTFOUND=return] files
>
> ethers: files
> netmasks: files
> networks: files
> protocols: files
> rpc: files
> services: files
>
> #netgroup: files nis
>
> #publickey: nis
>
> #automount: nis files
> #aliases: files nis
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list