Nick Howitt
2021-Feb-24 12:11 UTC
[Samba] How do I join an Centos8 workstation to an NT4 domain?
On 24/02/2021 10:54, Rowland penny via samba wrote:> > On 24/02/2021 10:25, Nick Howitt via samba wrote: >> >> Is there a way to leave a domain with "net ..." so I can test a >> rejoin? I added the 'wins server' line to smb.conf and the join went >> OK without specifying the -S, but it was already joined at that point. > > > Yes, just replace 'join' with 'leave' > >> >> I've made the nsswitch.conf changes but still cannot log in as domain >> user as password validation fails: >> >> Feb 24 10:10:48 proxmox106 gdm-password][3498]: >> pam_unix(gdm-password:auth): check pass; user unknown >> Feb 24 10:10:48 proxmox106 gdm-password][3498]: >> pam_unix(gdm-password:auth): authentication failure; logname= uid=0 >> euid=0 tty=/dev/tty1 ruser= rhost>> Feb 24 10:10:48 proxmox106 gdm-password][3498]: gkr-pam: error looking >> up user information >> Feb 24 10:10:59 proxmox106 gdm-password][3503]: >> pam_unix(gdm-password:auth): check pass; user unknown >> Feb 24 10:10:59 proxmox106 gdm-password][3503]: >> pam_unix(gdm-password:auth): authentication failure; logname= uid=0 >> euid=0 tty=/dev/tty1 ruser= rhost>> Feb 24 10:10:59 proxmox106 gdm-password][3503]: gkr-pam: error looking >> up user information > > > Do you have samba-winbind-clients installed ?I didn't but I do now.> >> >> Do I now need to adjust the pam configuration. Again the notes I have >> suggest so but the files mentioned don't exist in Centos 8. > > > Not really a Centos user, but I think you need to run 'authselect select > winbind with-mkhomedir'With your prompting, I found another reference. It needed a --force as well. So now PAM passes when I login at the desktop but it just throws me back to the desktop and no /home is set up for any user. If I manually clone my old local user's /home to the domain user and change the ownerships it does not help so I must be missing something here. Setting "template homedir = /home/%U" doesn't seem to help (and, I'd guess, would not give it the full desktop template). Getting closer. "net leave" and "net rpc leave" both just give me the command help. Nick
Rowland penny
2021-Feb-24 13:12 UTC
[Samba] How do I join an Centos8 workstation to an NT4 domain?
On 24/02/2021 12:11, Nick Howitt via samba wrote:> >> >> Not really a Centos user, but I think you need to run 'authselect >> select winbind with-mkhomedir' > With your prompting, I found another reference. It needed a --force as > well. > > So now PAM passes when I login at the desktop but it just throws me > back to the desktop and no /home is set up for any user. If I manually > clone my old local user's /home to the domain user and change the > ownerships it does not help so I must be missing something here. > Setting "template homedir = /home/%U" doesn't seem to help (and, I'd > guess, would not give it the full desktop template). Getting closer.You do not have a 'template homedir' line in your smb.conf, so yo will be using the default '/home/%D/%U' , so does '/home/HOME' exist ? Also do you have the oddjob-mkhomedir package installed ?> > "net leave" and "net rpc leave" both just give me the command help.It has been so long since I used an NT4-style domain, that I forgot there is no 'leave' like there is in AD. Rowland