[Samba] PAM Offline Authentication in Ubuntu 22.04
rpenny at samba.org
Fri Jun 23 17:15:22 UTC 2023
On 23/06/2023 17:04, Marco Gaiarin via samba wrote:
> Mandi! Rowland Penny via samba
> In chel di` si favelave...
>> As most of what was in /run/samba is now in /var/cache/samba and
>> survives a reboot, I therefore feel it is a safe assumption that
>> something in /run/samba is required for offline logon, 'gencache.tdb' ?
> OK, i supposed also that (please, restore that on wiki), but as just stated
> i've not a problem with reboot... ;-)
I planned to, just waiting to here from you, but now ?
Are you saying that without the lockdir line in your smb.conf, offline
logon works for you after a reboot, because it doesn't for me.
>> I still think that dns has a place in this somewhere, I have an
>> /etc/hosts file that looks like this:
> I'm still using my 'old' DNS and DHCP setup, and DHCP server does not assign
> the AD domain to client (for windows cliend it is not needed: thay have the
> AD domain dns suffix as predefined by default, after joined).
I was using the dhcp server on my router and this was either sending no
dns domain or the wrong one. I have now set up a new dhcp server on one
of my DC's and this is sending the correct domain information.
> Also, as just stated, previous Ubuntu 16.04 worked perfectly with the same
> dns setup, so probably it is not the culprit.
There are a very lot of differences between dns on 16.04 and 22.04.
There is also the fact that Active directory has a large dependency on dns.
>> If I run the following commands when connected to the network, I get the
>> expected output:
> Also trying to fiddle with /etc/hosts and /etc/hostname, i was not able to
> print the domain, eg:
>> hostname -d
>> hostname -f
> i get empty result (hostname -f return the host).
Then I would suggest you need to fix this, easiest way is to add the
information to the 127.0.1.1 line in /etc/hosts
> I've tried to disable DHCP and setup manual network connectivity (cabled)
> using domain DNS (DCs)
> Nothing changed.
If you just changed from a dhcp supplied IP to a fixed IP without
setting up anything else, then I think this is to be expected.
> If network is connected, all works as expected; if i disconnect cable, all
> (logon, a simple 'id gaio', ...) stop instantly to work...
> I'm starting to get a bit desperate...
Now I know just how you have your dns setup, I will try and emulate it
over the weekend and see what happens.
More information about the samba