[Samba] How to join join Ubuntu desktop to AD
lingpanda101
lingpanda101 at gmail.com
Tue Dec 13 19:57:59 UTC 2016
On 12/12/2016 3:27 PM, lingpanda101 wrote:
> On 12/11/2016 8:59 AM, Brian Candler via samba wrote:
>> On 10/12/2016 16:25, Brian Candler wrote:
>>> I think there's plenty of emphasis now, but I think there is a part
>>> which is misleading:
>>>
>>> > To enable Samba to retrieve user and group information from Active
>>> Directory (AD):
>>> >
>>> > * Users must have at least the uidNumber and groups the gidNumber
>>> attribute set.
>>
>> I'm so sorry: I misread this as "Users must have at least the
>> uidNumber and gidNumber attribute set", which is of course *not* what
>> it says. Hence the text is accurate (if you read it correctly); it's
>> my brain which is at fault.
>>
>> I do still think that the alternative text I gave is clearer - for my
>> brain anyway :-)
>>
>> Regards,
>>
>> Brian.
>>
>>
>
> OK finally solved. Added to my smb.conf
>
> 'winbind use default domain = yes'
>
> Disabling Avahi and using the above was the issue. Next to attempt
> actually signing in from the login screen and not via. SSH.
>
>
>
Following the wiki and I'm stuck at 'Authenticating Domain Users Using
PAM'. I see the section
If you have compiled Samba, you need to add a symbolic links.
Seepam_winbind Link
<https://wiki.samba.org/index.php/Pam_winbind_Link>for OS specific
information, where to place it.
If I follow the link it appears to take me to a page similar to
'libnss_winbind' linking. I don't see any difference. I ran
'pam-auth-update' and made sure to enable Winbind NT/Active Directory
authentication. I did not manually edit pam config files. If I attempt
to login with a domain account I get
user1 at DR210:/$ su domainuser
Password:
su: Authentication failure
Any ideas? Thanks.
--
- James
More information about the samba
mailing list