[Samba] Bug with winbindd
L.P.H. van Belle
belle at bazuin.nl
Thu Apr 3 04:05:42 MDT 2014
Other question Joffery.
Since im having a lot of troubles setting up Privileges.
Can you test 1 thing for me.
does these work :
net rpc rights list accounts -Uadministrator
and
net rpc rights grant 'YOURDOMAINNAME\Domain Admins' SeDiskOperatorPrivilege -Uadministrator
for the ssh login,
try this : ( debian/ubuntu systems )
cp /etc/pam.d/sshd /etc/pam.d/sshd.original
cat << EOF > /etc/pam.d/sshd
# copy from /etc/pam.d/common-auth - authentication settings common to all services
#
auth sufficient pam_winbind.so
auth [success=1 default=ignore] pam_unix.so nullok_secure use_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
# copy from /etc/pam.d/common-account - authorization settings common to all services
#
account sufficient pam_winbind.so
account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so
account requisite pam_deny.so
account required pam_permit.so
# copy from /etc/pam.d/common-session - session-related modules common to all services
#
session required pam_mkhomedir.so
session required pam_winbind.so
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session required pam_unix.so
EOF
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: jaudin at adista.fr [mailto:samba-bounces at lists.samba.org]
>Namens Joffrey AUDIN
>Verzonden: donderdag 3 april 2014 11:48
>Aan: 'Rowland Penny'; samba at lists.samba.org
>Onderwerp: Re: [Samba] Bug with winbindd
>
>sorry
>I said one subcommand of wbinfo.
>wbinfo si on my FreeBSD domain member.
>The domain controller is the Windows 2012R2 (no wbinfo)
>
>But, I rebooted the Windows Controller and wbinfo -I works on
>the Unix member.
>I need to check why authentification with ssh doesn't work.
>
>'Joffrey
>
>-----Original Message-----
>From: samba-bounces at lists.samba.org
>[mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny
>Sent: jeudi 3 avril 2014 11:37
>To: samba at lists.samba.org
>Subject: Re: [Samba] Bug with winbindd
>
>On 03/04/14 10:30, Joffrey AUDIN wrote:
>> I don't understand
>> Your AD is a Samba server ? In my case, it's a Windows 2012
>R2 server. I don't have the 'wbinfo' command.
>> The problem is with all accounts, not only the administrator.
>>
>> 'Joffrey
>>
>> -----Original Message-----
>> From: samba-bounces at lists.samba.org
>> [mailto:samba-bounces at lists.samba.org] On Behalf Of Rowland Penny
>> Sent: jeudi 3 avril 2014 11:22
>> To: samba at lists.samba.org
>> Subject: Re: [Samba] Bug with winbindd
>>
>> On 03/04/14 09:52, L.P.H. van Belle wrote:
>>> Since i was already testing with winbind also.
>>>
>>> I experiance the same on the MEMBER server.
>>>
>>> wbinfo -D DOMAIN gives nice all info.
>>> wbinfo -i Administrator
>>> or
>>> wbinfo -i DOMAIN\Administrator
>>> failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND
>>>
>>> Did not work, BUT on my DC. ...
>>>
>>> i get :
>>> wbinfo -i Administrator
>>>
>INTERNAL\Administrator:*:0:100::/home/INTERNAL/Administrator:/bin/fal
>>> se
>>>
>>> ( the GID 100 is correct here i did modify that in my AD )
>>>
>>>
>>> Greetz,
>>>
>>> louis
>>>
>>>
>> I will third that, I get exactly the same results
>>
>> Rowland
>>
>This is confused of England here ;-)
>
>You posted:
>
>[quote]
>
>But one fails :
>wbinfo -i administrator
>failed to call wbcGetpwnam: WBC_ERR_DOMAIN_NOT_FOUND Could not
>get info for user administrator
>
>[unquote]
>
>You have now posted:
>
>[quote]
>
>In my case, it's a Windows 2012 R2 server. I don't have the
>'wbinfo' command.
>
>[unquote]
>
>
>First you have used wbinfo, then suddenly you do not have the
>wbinfo command????
>
>Which is it ????
>
>Rowland
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list