[Samba] Unable to join domain

Rob Campbell robcampbell08105 at gmail.com
Fri Oct 15 01:04:20 UTC 2021

I've done some looking around and also found the information you provided.
I did
sudo authselect enable-feature with-mkhomedir
sudo systemctl enable --now oddjobd

And the user is able to log in and the directory is created.  I've been
spinning up different Fedora vms to see if I got the whole process down and
I think I do but I've only tested on 2.  I want to test on this last one
that is configuring now and see what happens.  I wanted to also test the
enterprise login from a new install but that will be for another day.
According to all that I can see, I am able to join the domain so this
thread can be considered closed.  Also, since I am able to also have the
home dir created at login, I'll mention this in that thread and that too
can be considered closed (at least as far as I am concerned).

Thanks so much for all your help.  Now I need to find a Fedora or Gnome
forum to assist with getting the enterprise login to work with my Samba

Quick question, does Debian have an enterprise login desktop environment?

In all things, Be Intentional.

On Thu, Oct 14, 2021 at 5:43 PM Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On Wed, 2021-10-13 at 19:00 -0400, Rob Campbell wrote:
> > > on fedora, I think it is samba-winbind-clients
> > This was already installed.
> >
> > > at one time 'authselect select winbind' would do this, but times
> > change.
> > authselect select winbind
> > [error] [/etc/authselect/system-auth] has unexpected content!
> > [error] [/etc/authselect/nsswitch.conf] has unexpected content!
> > [error] Unexpected changes to the configuration were detected.
> > [error] Refusing to activate profile unless those changes are removed
> > or overwrite is requested.
> >
> > Some unexpected changes to the configuration were detected.
> > Use --force parameter if you want to overwrite these changes.
> >
> > authselect select winbind --force
> > [error] [/etc/authselect/system-auth] has unexpected content!
> > [error] [/etc/authselect/nsswitch.conf] has unexpected content!
> > Backup stored at /var/lib/authselect/backups/2021-10-13-22-52-
> > 26.HHhaHu
> > Profile "winbind" was selected.
> > The following nsswitch maps are overwritten by the profile:
> > - passwd
> > - group
> >
> > Make sure that winbind service is configured and enabled. See winbind
> > documentation for more information.
> >
> > I made backups but I was told to be sure passwd and group was there
> > and had the value of files winbind
> >
> > I'm not running winbind service, I'm running the binary and I'm
> > guessing that's causing problems.
> >
> > > Because he wants to use fedora and was trying to use that distro
> > for a DC.
> > I am using Debian as my DC and Fedora is just a joining member that
> > I'm trying to use as a fileserver
> >
> >
> I now think I understand the problem, fedora supplies various tools to
> configure things, one of which is authselect, from my understanding it
> is supposed to work like this:
> sudo authselect enable-feature with-mkhomedir
> sudo systemctl enable --now oddjobd
> sudo authselect select winbind
> Only problem is that the first one doesn't seem to work, it doesn't add
> mkhomedir to the pam stack, so when you try to login, you get:
> Could not chdir to home directory /home/rowland: No such file or
> directory
> It is further compounded by the pam_oddjob_mkhomedir manpage telling
> you that you need this:
> session optional /lib/security/pam_oddjob_mkhomedir.so
> When it actually requires this:
> session optional /usr/lib64/security/pam_oddjob_mkhomedir.so
> With that in /etc/pam.d/sshd , I could login via ssh and get the
> homedir created.
> I presume something similar is required in other PAM files, but I have
> no idea which and no real inclination to find out.
> Compare this with Debian, install the pam_mkhomedir package and it is
> all done for you.
> Rowland
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list