[Samba] SSH SSO without keytab file

L.P.H. van Belle belle at bazuin.nl
Fri Jan 18 10:20:44 UTC 2019

I actually spent the entire last day getting 'ad' backend to work. 
Adding 'idmap config SAMDOM : backend = ad' and related lines in the client's smb.conf results in `getent passwd` 

Use : getent passwd username 
Check if wbinfo -u works also. 

As tip, if you try these.

id username
getent passwd username 
wbinfo -u | grep username

If all work and show your usename, then you should be able to login (sso) on ssh. 

If your users are only on this server and you dont need to share homedirs. 
Then you need mk_homedir in pam also. 
To enable, its simple on ubuntu/debian 

pam-auth-update --package mkhomedir
And enable mkhomedir ( you can use pam-auth-update --force also ) 



More information about the samba mailing list