Rowland penny
2021-Feb-24 10:54 UTC
[Samba] How do I join an Centos8 workstation to an NT4 domain?
On 24/02/2021 10:25, Nick Howitt via samba wrote:> > Is there a way to leave a domain with "net ..." so I can test a > rejoin? I added the 'wins server' line to smb.conf and the join went > OK without specifying the -S, but it was already joined at that point.Yes, just replace 'join' with 'leave'> > I've made the nsswitch.conf changes but still cannot log in as domain > user as password validation fails: > > Feb 24 10:10:48 proxmox106 gdm-password][3498]: > pam_unix(gdm-password:auth): check pass; user unknown > Feb 24 10:10:48 proxmox106 gdm-password][3498]: > pam_unix(gdm-password:auth): authentication failure; logname= uid=0 > euid=0 tty=/dev/tty1 ruser= rhost> Feb 24 10:10:48 proxmox106 gdm-password][3498]: gkr-pam: error looking > up user information > Feb 24 10:10:59 proxmox106 gdm-password][3503]: > pam_unix(gdm-password:auth): check pass; user unknown > Feb 24 10:10:59 proxmox106 gdm-password][3503]: > pam_unix(gdm-password:auth): authentication failure; logname= uid=0 > euid=0 tty=/dev/tty1 ruser= rhost> Feb 24 10:10:59 proxmox106 gdm-password][3503]: gkr-pam: error looking > up user informationDo you have samba-winbind-clients installed ?> > Do I now need to adjust the pam configuration. Again the notes I have > suggest so but the files mentioned don't exist in Centos 8.Not really a Centos user, but I think you need to run 'authselect select winbind with-mkhomedir' Rowland
Nick Howitt
2021-Feb-24 12:11 UTC
[Samba] How do I join an Centos8 workstation to an NT4 domain?
On 24/02/2021 10:54, Rowland penny via samba wrote:> > On 24/02/2021 10:25, Nick Howitt via samba wrote: >> >> Is there a way to leave a domain with "net ..." so I can test a >> rejoin? I added the 'wins server' line to smb.conf and the join went >> OK without specifying the -S, but it was already joined at that point. > > > Yes, just replace 'join' with 'leave' > >> >> I've made the nsswitch.conf changes but still cannot log in as domain >> user as password validation fails: >> >> Feb 24 10:10:48 proxmox106 gdm-password][3498]: >> pam_unix(gdm-password:auth): check pass; user unknown >> Feb 24 10:10:48 proxmox106 gdm-password][3498]: >> pam_unix(gdm-password:auth): authentication failure; logname= uid=0 >> euid=0 tty=/dev/tty1 ruser= rhost>> Feb 24 10:10:48 proxmox106 gdm-password][3498]: gkr-pam: error looking >> up user information >> Feb 24 10:10:59 proxmox106 gdm-password][3503]: >> pam_unix(gdm-password:auth): check pass; user unknown >> Feb 24 10:10:59 proxmox106 gdm-password][3503]: >> pam_unix(gdm-password:auth): authentication failure; logname= uid=0 >> euid=0 tty=/dev/tty1 ruser= rhost>> Feb 24 10:10:59 proxmox106 gdm-password][3503]: gkr-pam: error looking >> up user information > > > Do you have samba-winbind-clients installed ?I didn't but I do now.> >> >> Do I now need to adjust the pam configuration. Again the notes I have >> suggest so but the files mentioned don't exist in Centos 8. > > > Not really a Centos user, but I think you need to run 'authselect select > winbind with-mkhomedir'With your prompting, I found another reference. It needed a --force as well. So now PAM passes when I login at the desktop but it just throws me back to the desktop and no /home is set up for any user. If I manually clone my old local user's /home to the domain user and change the ownerships it does not help so I must be missing something here. Setting "template homedir = /home/%U" doesn't seem to help (and, I'd guess, would not give it the full desktop template). Getting closer. "net leave" and "net rpc leave" both just give me the command help. Nick