[Samba] Fwd: Re: Samba winbind on redhat 7
Edouard Guigné
eguigne at pasteur-cayenne.fr
Fri Jun 21 16:14:53 UTC 2019
oups.. that was the reason
# authconfig --disablesssd --disablesssdauth --enablekrb5
--enablewinbind --enablewinbindauth --enablemkhomedir --update
ssh sftp works now
Thank you very much Rowland.
Le 21/06/2019 à 12:57, Rowland penny via samba a écrit :
> On 21/06/2019 16:49, Edouard Guigné via samba wrote:
>> Yes, I have only one domain.
>>
>> Even after added "winbind use default domain = yes" to smb.cnf, I
>> cannot ssh :
>>
>> /Jun 21 12:43:59 [localhost] sshd[5938]: pam_sss(sshd:auth): Request
>> to sssd failed. Connection refused//
>> //Jun 21 12:43:59 [localhost] sshd[5938]: pam_krb5[5938]: TGT
>> verified using key for 'host/mysambserver at MYDOMAIN.LOCAL'//
>> //Jun 21 12:43:59 [localhost] sshd[5938]: pam_krb5[5938]:
>> authentication succeeds for 'usertest' (usertest at MYDOMAIN.LOCAL)//
>> //Jun 21 12:43:59 [localhost] sshd[5938]: pam_sss(sshd:account):
>> Request to sssd failed. Connection refused//
>> //Jun 21 12:43:59 [localhost] sshd[5938]: pam_winbind(sshd:account):
>> user 'usertest' granted access//
>> //Jun 21 12:43:59 [localhost] sshd[5938]: Failed password for
>> usertest from x.x.x.x port 44090 ssh2//
>> //Jun 21 12:43:59 [localhost] sshd[5938]: fatal: Access denied for
>> user usertest by PAM account configuration [preauth]/
>>
>> The system seem to look first for sssd (pam_sss) and then for
>> pam_winbind, even if I perform before :
>> # authconfig --enablekrb5 --enablewinbind --enablewinbindauth
>> --enablemkhomedir --update
>
> I am not a PAM expert especially on Centos, but reading the authconfig
> man page turns up '--disablesssd' & '--disablesssdauth', so try them.
>
> Rowland
>
>
>
More information about the samba
mailing list