Rowland,
I looked at Samba wiki, but it doesn't helped me as I wanted, maybe I'm
doing something wrong.
This is what I tried to do:
yum install pam*
./configure.developer --with-pam
make && make install
ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so
ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2
modified my nsswitch.conf
passwd: files winbind
group: files winbind
shadow: files
my smb.conf:
# Global parameters
[global]
netbios name = DEVLUCAS1
realm = LUCAS.UFES.BR
workgroup = LUCAS
server role = active directory domain controller
winbind use default domain = Yes
winbind cache time = 300
winbind reconnect delay = 30
winbind enum groups = Yes
#winbind use default domain = Yes
template shell = /home/U%
[netlogon]
path = /usr/local/samba/var/locks/sysvol/lucas.ufes.br/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
ln -s /usr/local/samba/lib/security/pam_winbind.so /lib/security
added in /etc/pam.d/system-auth:
auth sufficient pam_winbind.so
account sufficient pam_winbind.so
session required pam_mkhomedir.so
session required pam_winbind.so
I don't know what to do next, or what I should had to do. I only know that
my domain users aren't listed by getent passwd and I can't authenticate
them.
Lucas
On Wed, 4 Jan 2017 11:30:43 +0000
Lukz Ferris via samba <samba at lists.samba.org> wrote:
> Hello everyone,
>
>
> I'm trying to use winbind, but my winbind entries aren't listed by
> getent passwd. I searched many tutorials, but all of them was useless
> to me. Anyone know a good tutorial to install and use winbind in
> Centos 6.8?
>
>
>
> Lucas
Have you looked at the Samba wiki ?
https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
Setting up Samba as a Domain Member -
SambaWiki<https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member>
wiki.samba.org
Introduction. A Samba domain member is a Linux machine joined to a domain that
is running Samba and does not provide domain services, such as an NT4 primary
domain ...
It might help if you posted the smb.conf you are using.
Rowland
Your smb.conf is for a Domain Controller. Winbind is meant to run on member servers. You are setting up a domain controller or you are joining this samba to an existing domain? Em 04/01/2017 10:25, Lukz Ferris via samba escreveu:> Rowland, > > > I looked at Samba wiki, but it doesn't helped me as I wanted, maybe I'm doing something wrong. > > > This is what I tried to do: > > yum install pam* > > > ./configure.developer --with-pam > > > make && make install > > > ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so > > ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2 > > > modified my nsswitch.conf > > passwd: files winbind > group: files winbind > shadow: files > > my smb.conf: > > # Global parameters > [global] > netbios name = DEVLUCAS1 > realm = LUCAS.UFES.BR > workgroup = LUCAS > server role = active directory domain controller > > winbind use default domain = Yes > winbind cache time = 300 > winbind reconnect delay = 30 > winbind enum groups = Yes > #winbind use default domain = Yes > template shell = /home/U% > > [netlogon] > path = /usr/local/samba/var/locks/sysvol/lucas.ufes.br/scripts > read only = No > > [sysvol] > path = /usr/local/samba/var/locks/sysvol > read only = No > > ln -s /usr/local/samba/lib/security/pam_winbind.so /lib/security > > added in /etc/pam.d/system-auth: > > auth sufficient pam_winbind.so > account sufficient pam_winbind.so > session required pam_mkhomedir.so > session required pam_winbind.so > > > I don't know what to do next, or what I should had to do. I only know that my domain users aren't listed by getent passwd and I can't authenticate them. > > > > > Lucas > > > > > > On Wed, 4 Jan 2017 11:30:43 +0000 > Lukz Ferris via samba <samba at lists.samba.org> wrote: > >> Hello everyone, >> >> >> I'm trying to use winbind, but my winbind entries aren't listed by >> getent passwd. I searched many tutorials, but all of them was useless >> to me. Anyone know a good tutorial to install and use winbind in >> Centos 6.8? >> >> >> >> Lucas > Have you looked at the Samba wiki ? > > https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member > > Setting up Samba as a Domain Member - SambaWiki<https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member> > wiki.samba.org > Introduction. A Samba domain member is a Linux machine joined to a domain that is running Samba and does not provide domain services, such as an NT4 primary domain ... > > > > > It might help if you posted the smb.conf you are using. > > Rowland-- Vinicius Silva SOC BRA: + 55 51 2117.1000 | 55 11 5521.2021 USA: + 1 888 259.5801 vbs at e-trust.com.br skype: vinicius.bones.silva Smiley face www.e-trust.com.br <http://www.e-trust.com.br/> Esta mensagem pode conter informações confidenciais ou privilegiadas. Se você recebeu esta mensagem por engano, você não deve usar, copiar, divulgar ou tomar qualquer atitude com base nestas informações. Solicitamos que você apague a mensagem imediatamente e avise a E-TRUST, enviando um e-mail para suporte at e-trust.com.br. Opiniões, conclusões ou informações contidas nesta mensagem não necessariamente refletem a posição oficial da E-TRUST. Caso assinada digitalmente, a autenticidade desta mensagem pode ser confirmada pela Autoridade Certificadora Privada E-TRUST, disponível em www.e-trust.com.br. This message may contain privileged and confidential information for the use of the intended recipients only. If you are not an intended recipient then you should not disseminate, copy, or take any action based on its contents. If you have received this message in error then please notify E-TRUST by sending an e-mail message to suporte at e-trust.com.br immediately. Views and opinions expressed in this message do not necessarily reflect the position of E-TRUST. If this message is digitally signed, its authenticity can be confirmed by E-TRUST Private Certificate Authority, available at www.e-trust.com.br.
On Wed, 4 Jan 2017 12:25:29 +0000 Lukz Ferris via samba <samba at lists.samba.org> wrote:> Rowland, > > > I looked at Samba wiki, but it doesn't helped me as I wanted, maybe > I'm doing something wrong. > > > This is what I tried to do: > > yum install pam* > > > ./configure.developer --with-pam./configure would have been enough> > > make && make install > > > ln > -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so > > ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2 > > > modified my nsswitch.conf > > passwd: files winbind > group: files winbind > shadow: files > > my smb.conf: > > # Global parameters > [global] > netbios name = DEVLUCAS1 > realm = LUCAS.UFES.BR > workgroup = LUCAS > server role = active directory domain controller > > winbind use default domain = Yes > winbind cache time = 300 > winbind reconnect delay = 30 > winbind enum groups = Yes > #winbind use default domain = Yes > template shell = /home/U% > > [netlogon] > path = /usr/local/samba/var/locks/sysvol/lucas.ufes.br/scripts > read only = No > > [sysvol] > path = /usr/local/samba/var/locks/sysvol > read only = NoI would remove the winbind lines, they either don't do anything or are defaults.> > ln -s /usr/local/samba/lib/security/pam_winbind.so /lib/security > > added in /etc/pam.d/system-auth: > > auth sufficient pam_winbind.so > account sufficient pam_winbind.so > session required pam_mkhomedir.so > session required pam_winbind.soHave a look here: https://wiki.samba.org/index.php/Authenticating_Domain_Users_Using_PAM Rowland
On Wed, 4 Jan 2017 10:39:03 -0200 Vinicius Bones Silva via samba <samba at lists.samba.org> wrote:> Your smb.conf is for a Domain Controller. Winbind is meant to run on > member servers.Well, yes and no ;-) Yes as in you shouldn't try to manually start winbindd on a DC No as in the 'samba' binary on a DC automatically starts winbindd Rowland