[Samba] How do I join an Centos8 workstation to an NT4 domain?
Nick Howitt
nick at howitts.co.uk
Wed Feb 24 12:11:15 UTC 2021
On 24/02/2021 10:54, Rowland penny via samba wrote:
>
> On 24/02/2021 10:25, Nick Howitt via samba wrote:
>>
>> Is there a way to leave a domain with "net ..." so I can test a
>> rejoin? I added the 'wins server' line to smb.conf and the join went
>> OK without specifying the -S, but it was already joined at that point.
>
>
> Yes, just replace 'join' with 'leave'
>
>>
>> I've made the nsswitch.conf changes but still cannot log in as domain
>> user as password validation fails:
>>
>> Feb 24 10:10:48 proxmox106 gdm-password][3498]:
>> pam_unix(gdm-password:auth): check pass; user unknown
>> Feb 24 10:10:48 proxmox106 gdm-password][3498]:
>> pam_unix(gdm-password:auth): authentication failure; logname= uid=0
>> euid=0 tty=/dev/tty1 ruser= rhost=
>> Feb 24 10:10:48 proxmox106 gdm-password][3498]: gkr-pam: error looking
>> up user information
>> Feb 24 10:10:59 proxmox106 gdm-password][3503]:
>> pam_unix(gdm-password:auth): check pass; user unknown
>> Feb 24 10:10:59 proxmox106 gdm-password][3503]:
>> pam_unix(gdm-password:auth): authentication failure; logname= uid=0
>> euid=0 tty=/dev/tty1 ruser= rhost=
>> Feb 24 10:10:59 proxmox106 gdm-password][3503]: gkr-pam: error looking
>> up user information
>
>
> Do you have samba-winbind-clients installed ?
I didn't but I do now.
>
>>
>> Do I now need to adjust the pam configuration. Again the notes I have
>> suggest so but the files mentioned don't exist in Centos 8.
>
>
> Not really a Centos user, but I think you need to run 'authselect select
> winbind with-mkhomedir'
With your prompting, I found another reference. It needed a --force as well.
So now PAM passes when I login at the desktop but it just throws me back
to the desktop and no /home is set up for any user. If I manually clone
my old local user's /home to the domain user and change the ownerships
it does not help so I must be missing something here. Setting "template
homedir = /home/%U" doesn't seem to help (and, I'd guess, would not give
it the full desktop template). Getting closer.
"net leave" and "net rpc leave" both just give me the command help.
Nick
More information about the samba
mailing list