[Samba] pam doesn't work.
Rowland penny
rpenny at samba.org
Mon Mar 2 10:46:30 UTC 2020
On 02/03/2020 09:54, Edson Wolf via samba wrote:
> pam doesn't work.
>
> Samba Version 4.12.0rc4
>
> openSUSE Leap 15.2
>
> ./configure --with-ads --systemd-install-services
> --with-shared-modules=idmap_ad --enable-debug --enable-selftest
> --with-systemd
If that was your configure line, why did Samba end up in /opt/samba4 and
not in the default /usr/local/samba ?
> # Global parameters
> [global]
> dns forwarder = 172.16.0.1
> netbios name = WNETIN
> realm = WNETINFO.LAN
> server role = active directory domain controller
> workgroup = WNETINFO
> idmap_ldb:use rfc2307 = yes
>
> ###Winbind
> template shell = /bin/bash
> template homedir = /home/%U
> winbind use default domain = true
> winbind offline logon = false
> winbind nss info = rfc2307
> winbind enum users = yes
> winbind enum groups = yes
Remove the winbind lines, they do nothing on a DC or just slow things
down. You can temporarily leave the last two until you are sure
everything works, then remove them.
> passwd: compat winbind
> group: compat winbind
> shadow: compat
> hosts: files mdns_minimal [NOTFOUND=return] dns
Try it like this:
hosts: files dns
> ln -s /op/samba/lib/libnss_winbind.so.2 /lib64/
> ln -s /lib64/libnss_winbind.so.2 /lib64/libnss_winbind.so
> ldconfig
You missed one:
ln -s /opt/samba4/lib/security/pam_winbind.so /lib64/security/
Is 'ln -s /op/samba/' a typo ?
>
> Tests
>
>
> wnetin:~ # getent group "WNETINFO\\Domain Users"
> wnetin:~ # getent passwd "WNETINFO\\user"
No, either "WNETINFO\Domain Users" or WBNETINFO\\Domain\ Users
> wnetin:~ # getent passwd
> root:x:0:0:root:/root:/bin/bash
> ......
> WNETINFO\administrator:*:0:100::/home/administrator:/bin/bash
> WNETINFO\guest:*:3000012:100::/home/guest:/bin/bash
> WNETINFO\krbtgt:*:3000018:100::/home/krbtgt:/bin/bash
> WNETINFO\jose:*:3000019:100::/home/jose:/bin/bash
> WNETINFO\user:*:3000021:100::/home/user:/bin/bash
Am I missing something here, that shows that getent works.
> wnetin:~ # getent group
> root:x:0:
> .......
> BUILTIN\administrators:x:3000000:
> BUILTIN\users:x:3000009:
> BUILTIN\guests:x:3000011:
Again, it works
> wnetin:~ # id user
> id: "user": usuário inexistente
How did you create the user 'user'
Rowland
More information about the samba
mailing list