hi
I tried the tutorial, and it does not work... :(
when i type: wbinfo -u
I see all the users...
but when i type wbinfo -g
I see only:
but there are much more groups... does anybody know a solution?Code:BUILTIN+administrators
BUILTIN+users
Printable View
hi
I tried the tutorial, and it does not work... :(
when i type: wbinfo -u
I see all the users...
but when i type wbinfo -g
I see only:
but there are much more groups... does anybody know a solution?Code:BUILTIN+administrators
BUILTIN+users
I changed the configuration of pam to authenticate in the domain with winbind and I have enabled caching of user and password of the domain, I log the domain user (both online and offline) and mount the shared, but I have a problem when Working offline and use of certain programs that require user authentication to be run.
Example: When I try to launch the System -> Admin -> Users and Group " from local user and I click Unlock I request the password, but when I enter the program freezes for a few minutes and then tells me:
And in the file auth.log I appear the following messages:HTML Code:Unable to authenticate
An unexpected error occurred
And if you use a domain user I have these messages appear:HTML Code:dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.29" (uid=1001 pid=4573 comm="/usr/lib/indicator-applet/indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.91" (uid=1000 pid=6714 comm="/usr/lib/policykit-gnome/polkit-gnome-manager "))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.59" (uid=1000 pid=5593 comm="/usr/lib/indicator-applet/indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.91" (uid=1000 pid=6714 comm="/usr/lib/policykit-gnome/polkit-gnome-manager "))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.29" (uid=1001 pid=4573 comm="/usr/lib/indicator-applet/indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.92" (uid=1000 pid=6715 comm="/usr/lib/policykit/polkit-grant-helper 6706 org.fr"))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.59" (uid=1000 pid=5593 comm="/usr/lib/indicator-applet/indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.92" (uid=1000 pid=6715 comm="/usr/lib/policykit/polkit-grant-helper 6706 org.fr"))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.29" (uid=1001 pid=4573 comm="/usr/lib/indicator-applet/indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.93" (uid=1000 pid=6718 comm="/usr/lib/policykit/polkit-grant-helper 6706 org.fr"))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.59" (uid=1000 pid=5593 comm="/usr/lib/indicator-applet/indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.93" (uid=1000 pid=6718 comm="/usr/lib/policykit/polkit-grant-helper 6706 org.fr"))
polkit-grant-helper-pam[6721]: pam_mount(rdconf1.c:667): path to luserconf set to /home/user1/.pam_mount.conf.xml
polkit-grant-helper-pam[6721]: pam_winbind(polkit:auth): getting password (0x00000010)
polkit-grant-helper-pam[6721]: pam_winbind(polkit:auth): pam_get_item returned a password
polkit-grant-helper-pam[6721]: pam_winbind(polkit:auth): request wbcLogonUser failed: WBC_ERR_AUTH_ERROR, PAM error: PAM_AUTHINFO_UNAVAIL (9), NTSTATUS: NT_STATUS_NO_LOGON_SERVERS, Error message was: No logon servers
polkit-grant-helper-pam[6721]: pam_winbind(polkit:auth): internal module error (retval = PAM_AUTHINFO_UNAVAIL(9), user = 'user1')
polkit-grant-helper-pam[6721]: pam_unix(polkit:auth): authentication failure; logname= uid=1000 euid=0 tty= ruser=user1 rhost= user=user1
This is my configuration files:HTML Code:dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.52" (uid=1001 pid=4575 comm="/usr/lib/indicator-applet/
indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.
57" (uid=1001 pid=4645 comm="users-admin "))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.52" (uid=1001 pid=4575 comm="/usr/lib/indicator-applet/
indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.
58" (uid=0 pid=4648 comm="/usr/bin/perl /usr/share/system-tools-backends-2.0"))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.52" (uid=1001 pid=4575 comm="/usr/lib/indicator-applet/
indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.
59" (uid=0 pid=4654 comm="/usr/bin/perl /usr/share/system-tools-backends-2.0"))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.52" (uid=1001 pid=4575 comm="/usr/lib/indicator-applet/
indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.
60" (uid=0 pid=4656 comm="/usr/bin/perl /usr/share/system-tools-backends-2.0"))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.52" (uid=1001 pid=4575 comm="/usr/lib/indicator-applet/
indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.
61" (uid=0 pid=4658 comm="/usr/bin/perl /usr/share/system-tools-backends-2.0"))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.52" (uid=1001 pid=4575 comm="/usr/lib/indicator-applet/
indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.
62" (uid=1001 pid=4666 comm="/usr/lib/policykit-gnome/polkit-gnome-manager "))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.52" (uid=1001 pid=4575 comm="/usr/lib/indicator-applet/
indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.
63" (uid=1001 pid=4667 comm="/usr/lib/policykit/polkit-grant-helper 4645 org.fr"))
dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.52" (uid=1001 pid=4575 comm="/usr/lib/indicator-applet/
indicator-applet --oaf-a") interface="org.freedesktop.DBus.Properties" member="Get" error name="(unset)" requested_reply=0 destination=":1.
64" (uid=1001 pid=4670 comm="/usr/lib/policykit/polkit-grant-helper 4645 org.fr"))
polkit-grant-helper-pam[4673]: pam_mount(rdconf1.c:667): path to luserconf set to /home/user2/.pam_mount.conf.xml
polkit-grant-helper-pam[4673]: pam_winbind(polkit:auth): getting password (0x00000210)
polkit-grant-helper-pam[4673]: pam_winbind(polkit:auth): pam_get_item returned a password
polkit-grant-helper-pam[4673]: pam_winbind(polkit:auth): user 'user2' granted access
polkit-grant-helper-pam[4673]: pam_winbind(polkit:account): user 'user2' granted access
Code:[common-account]
account sufficient pam_winbind.so
account required pam_unix.so
[common-auth]
auth required pam_mount.so
auth sufficient pam_winbind.so use_first_pass
#auth sufficient pam_winbind.so
auth required pam_unix.so nullok_secure use_first_pass
[common-password]
password sufficient pam_winbind.so use_authtok
#password sufficient pam_winbind.so
password required pam_unix.so nullok obscure min=4 max=9 md5
[common-session]
session required pam_unix.so nullok_secure
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
session optional pam_mount.so
[pam_winbind.conf]
[global]
#debug
cached_login = yes
[smb.conf]
workgroup = DOM1
server string = %h
security = domain
encrypt passwords = true
wins server = xxx.xxx.xxx.xxx
password server = *
domain master = false
preferred master = false
local master = no
lm announce = false
hosts allow = xxx.xxx.xxx.xxx, 127.0.0.1
hosts deny = all
socket options = TCP_NODELAY IPTOS_LOWDELAY
log file = /var/log/samba/log.%U
log level = 2
pam password change = yes
interfaces = eth0, lo
winbind uid = 1000-10000
winbind gid = 1000-10000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
winbind cache time = 15
winbind offline logon = yes
template shell = /bin/bash
template homedir = /home/%U
Suggestions?
Hi,
I tried this method on my server and I'm now kicked out from is as root!!!!
After rebooting, no more root account was accessible!!! I can't roll back without admin priviledge!! I had a ssh secure key set and it does'nt work anymore.
This changed the root account to another!!
Some major help please!!
I need a way to recover this server!!
Thank you for this contribution, I have been thinking about migrating all my server from Windows Server to Linux due to the high cost of licensing but I am still a little afraid about doing it since I might loose some functionality. I am still evaluating the possibility and this serve as a good start.:P
Hi cucu007, i have the 80% of Servers with Linux (CentOS and Debian) and 20% with Windows (because some applications require Windows as SO).
Linux servers provide:
- Domain autentication (Samba)
- File Server (Samba)
- Mail (imap, pop, smtp)
- Groupware (with SOGo)
- Fax server
- Datawarehouse
- VPN
- Firewalling
- DB Server
and more... ;)
In linux the cost of licensing is very cheap but in some cases the implementation requires more effort on the part of the System Administrators.
;)
I am trying to connect ubuntu 11.04 to windows 2003 server domain. I followed all the configuration steps as told.
After rebooting the machine i am unable to login. This is the first time i am trying to connect to windows domain.
Any help will be of great importance.