[Samba] Problem with PAM/SSSD/SAMBA4.1.2
samba at nmedien.de
Thu Nov 28 04:21:11 MST 2013
I hope that I am not totally wrong when asking this on a Samba list, but
as I followed a tutorial found at the SAMBA wiki I hope I can find
someone how is able to help me.
My goal is to set up a server acting as a SAMBA AD Server with single
sign on for linux users.
I use a Ubuntu Server 13.10 as the base. On top of this I installed a
SAMBA 4.1.2 from GIT, did provisioning, Kerberos installation and so on.
This part seems to work. I can connect a Windows 7 Client to the domain
and work with MS rsat tools on the SAMBA server.
After that I installed SSSD with
apt-get install sssd sssd-tools
and configured this package as found on
getnet passwd and getent group do what they should (after adding posix
stuff to groups and users with RSAT)
I did not change anything with any pam configuration as i think that dpk
should do the job when libpam-sss and libnss-sss were installed.
Checking /etc/pam.d/* files show more or less the same as shown in the
When I try to connect with ssh to the server I can not do this
(Permission denied, please try again.). On the server I found in
/var/log/auth the following:
Nov 28 12:17:44 ad-server sshd: pam_unix(sshd:auth):
authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
Nov 28 12:17:44 ad-server sshd: pam_sss(sshd:auth): authentication
failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=walhalla-2.fritz.box
Nov 28 12:17:44 ad-server sshd: pam_sss(sshd:auth): received for
user administrator: 9 (Authentication service cannot retrieve
Nov 28 12:17:46 ad-server sshd: Failed password for administrator
from fd00::ca60:ff:fe14:986f port 57260 ssh2
Does anybody have an idea.
More information about the samba