[Samba] Samba winbind on redhat 7
Rowland penny
rpenny at samba.org
Fri Jun 21 15:21:02 UTC 2019
On 21/06/2019 15:39, Edouard Guigné via samba wrote:
> Hello,
>
> I am facing 2 issues now.
> The first one is the more critical for me...
>
> 1. When I switch from sssd to winbind with :
> # authconfig --enablekrb5 --enablewinbind --enablewinbindauth
> --enablemkhomedir --update
>
> My sftp access did not work. Does it change the way to pass the login ?
> I used to connect in sftp with userlogin / userpassword
>
> //var/log/secure ://
> /
>
> /Jun 21 11:08:31 [localhost] sshd[17379]: Invalid user sftpuser from
> x.x.x.x port 50187//
> //Jun 21 11:08:31 [localhost] sshd[17379]: input_userauth_request:
> invalid user sftpuser [preauth]//
> //Jun 21 11:08:31 [localhost] sshd[17379]: pam_unix(sshd:auth): check
> pass; user unknown//
> //Jun 21 11:08:31 [localhost] sshd[17379]: pam_unix(sshd:auth):
> authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
> rhost=myhost.mydomain.fr//
> //Jun 21 11:08:32 [localhost] sshd[17379]: Failed password for invalid
> user sftpusert from x.x.x.x port 50187 ssh2/
>
> Do I need now to pass MYDOMAIN\userlogin / userpassword or something
> like that ?
> How can I check the correct syntax ?
> I would like to use userlogin / userpassword for sftp access.
>
Do you only have one domain and no trusted domains ?
If so add this line to smb.conf and restart Samba:
winbind use default domain = yes
This will change 'MYDOMAIN\userlogin' to just 'userlogin'
There is one gotcha though, it does not work on a Samba AD DC.
Rowland
More information about the samba
mailing list