[Samba] pam_winbind stops working when use_krb5 is enabled

Rowland penny rpenny at samba.org
Fri Feb 26 09:28:34 UTC 2021

On 26/02/2021 06:22, cn--- via samba wrote:
> Hello Tim,
> I can confirm that joining with Samba works on Centos 8. We have 5 DCs 
> and member servers running on 8.
> The only thing I have run after the join is this:
> authselect select winbind --force
> in nsswitch.conf I have this then:
> passwd:     files winbind systemd
> group:      files winbind systemd
> And it works.
> I can log in using krb by ssh. SMB works by krb also.
> Successful AuthZ: [SMB2,krb5] user [DOMAIN-02]\[XX] 
> However, I am not sure how this all works together.

If you have got Samba working with kerberos on Centos 8, then you did 
better than me. I tested a Domain member on Centos 8 which worked, but 
there was no kerberos until I built the Centos 7 pam_krb5 package.


More information about the samba mailing list