[Samba] PAM Offline Authentication in Ubuntu 22.04...
Rowland Penny
rpenny at samba.org
Wed May 31 08:28:41 UTC 2023
On 31/05/2023 08:54, Marco Gaiarin via samba wrote:
> Mandi! Rowland Penny via samba
> In chel di` si favelave...
>
>> Is there anyway that Ubuntu can stop destroying the users kerberos
>> ticket in /tmp at logout ?
>> I am fairly sure it is required for winbind offline logon.
>
> ...the strange thing is that i'm not forced to logoff to trigger the
> problem: as just stated, it suffices to:
>
> 1) logon (connected)
> 2) shut off the wireless (so, disconnected)
> 3) open a terminal, took 5 minute to present the bash shell prompt with
> an 'unknown user' prompt.
>
> I'm looking at a way to move kerberos ticket file out from /tmp, but still
> does not seem that.
>
I was forced to stop at the point where I discovered that the users
ticket disappeared from /tmp
Coming back to it this morning, I discovered that the ticket
disappearing is a red herring, winbind offline logon is working without
the ticket.
Your problem isn't that winbind offline logon isn't working, it is
something else instead.
There is a big clue in the name 'winbind offline logon', it is a process
that allows 'winbind' when 'offline' to authenticate users and allow
them to 'logon'
Is it possible that something in your setup is trying to connect (and
authenticate) to something external ?
Rowland
More information about the samba
mailing list