Nick Howitt
2021-Feb-24 17:09 UTC
[Samba] How do I join an Centos8 workstation to an NT4 domain?
On 24/02/2021 13:12, Rowland penny via samba wrote: One pint of blood donated later ....> > On 24/02/2021 12:11, Nick Howitt via samba wrote: >> >>> >>> Not really a Centos user, but I think you need to run 'authselect >>> select winbind with-mkhomedir' >> With your prompting, I found another reference. It needed a --force as >> well. >> >> So now PAM passes when I login at the desktop but it just throws me >> back to the desktop and no /home is set up for any user. If I manually >> clone my old local user's /home to the domain user and change the >> ownerships it does not help so I must be missing something here. >> Setting "template homedir = /home/%U" doesn't seem to help (and, I'd >> guess, would not give it the full desktop template). Getting closer. > > > You do not have a 'template homedir' line in your smb.conf, so yo will > be using the default '/home/%D/%U' , so does '/home/HOME' exist ?> For the moment I have set "template homedir = /home/%U". I have a suspicion why the documentation says "template homedir = /home/%D/%U", so data loss is avoided if an account already exists, but it is not a problem on my test set up so I've left it simple. Either way /home/HOME exists> Also do you have the oddjob-mkhomedir package installed ?> yes>> >> "net leave" and "net rpc leave" both just give me the command help. > > > It has been so long since I used an NT4-style domain, that I forgot > there is no 'leave' like there is in AD. >NP. I'll do a full test of the process by rolling back the VM anyway. Nick
On 24/02/2021 17:09, Nick Howitt via samba wrote:> > > > On 24/02/2021 13:12, Rowland penny via samba wrote: > > One pint of blood donated later .... > >> >> On 24/02/2021 12:11, Nick Howitt via samba wrote: >>> >>>> >>>> Not really a Centos user, but I think you need to run 'authselect >>>> select winbind with-mkhomedir' >>> With your prompting, I found another reference. It needed a --force >>> as well. >>> >>> So now PAM passes when I login at the desktop but it just throws me >>> back to the desktop and no /home is set up for any user. If I >>> manually clone my old local user's /home to the domain user and >>> change the ownerships it does not help so I must be missing something >>> here. Setting "template homedir = /home/%U" doesn't seem to help >>> (and, I'd guess, would not give it the full desktop template). >>> Getting closer. >> >> >> You do not have a 'template homedir' line in your smb.conf, so yo will >> be using the default '/home/%D/%U' , so does '/home/HOME' exist ? > > > > For the moment I have set "template homedir = /home/%U". I have a > suspicion why the documentation says "template homedir = /home/%D/%U", > so data loss is avoided if an account already exists, but it is not a > problem on my test set up so I've left it simple. Either way /home/HOME > exists > >> Also do you have the oddjob-mkhomedir package installed ? > > > > yes > >>> >>> "net leave" and "net rpc leave" both just give me the command help. >> >> >> It has been so long since I used an NT4-style domain, that I forgot >> there is no 'leave' like there is in AD. >> > > NP. I'll do a full test of the process by rolling back the VM anyway. > > Nick >Got it. oddjob-mkhomedir has a service which needs to be enabled. Also I ran: authselect select winbind with-mkhomedir Stolen and adapted from https://computingforgeeks.com/join-centos-rhel-system-to-active-directory-domain/ I'll roll back the VM tomorrow and re-test end-to-end. -- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus