[Samba] SSH SSO without keytab file
L.P.H. van Belle
belle at bazuin.nl
Fri Jan 18 10:20:44 UTC 2019
I actually spent the entire last day getting 'ad' backend to work.
Adding 'idmap config SAMDOM : backend = ad' and related lines in the client's smb.conf results in `getent passwd`
Use : getent passwd username
Check if wbinfo -u works also.
As tip, if you try these.
getent passwd username
wbinfo -u | grep username
If all work and show your usename, then you should be able to login (sso) on ssh.
If your users are only on this server and you dont need to share homedirs.
Then you need mk_homedir in pam also.
To enable, its simple on ubuntu/debian
pam-auth-update --package mkhomedir
And enable mkhomedir ( you can use pam-auth-update --force also )
More information about the samba