[Samba] Re: samba with ADS. winbindd ignore for user authentication
rdieter at math.unl.edu
Wed Oct 19 17:49:14 GMT 2005
Oliver Neubauer wrote:
> I'm trying to set up samba using ADS for authentication.
> I can successfully join the samba machine to the domain. Windows hosts
> can "see" the samba machine.
> After successfully joining, doing:
> # wbinfo -u
> shows me ADS-defined users. Same goes for groups.
> However, when I try and assign one of those users ownership of a file, I
> # chown user1 /tmp/test
> chown: test1: illegal user name
> even though that user is a valid AD user.
You need to configure pam to use nss_winbind, see
for example, my /etc/pam.d/system-auth contains references to pam_winbind:
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
account [default=bad success=ok user_unknown=ignore]
password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
More information about the samba