Page 2 of 6 FirstFirst 1234 ... LastLast
Results 11 to 20 of 57

Thread: HOWTO: NT Domain Authentication

  1. #11
    Join Date
    May 2005
    Beans
    1

    Re: HOWTO: NT Domain Authentication

    What if my domain admin can't/won't come to my workstation and type his password? And even if he/she were willing, wouldn't that be risky if I were running a keystroke logger?

    So, how can I join my domain in this case? Our domain admins temporarily enable user accounts to join the domain, and in XP for example, we'd join using our own username and password, not theirs. (usually done over the phone)

  2. #12
    Join Date
    Dec 2004
    Location
    St. Louis, Missoura
    Beans
    70
    Distro
    Gutsy Gibbon Testing

    Re: HOWTO: NT Domain Authentication

    Quote Originally Posted by eekarum
    What if my domain admin can't/won't come to my workstation and type his password? And even if he/she were willing, wouldn't that be risky if I were running a keystroke logger?

    So, how can I join my domain in this case? Our domain admins temporarily enable user accounts to join the domain, and in XP for example, we'd join using our own username and password, not theirs. (usually done over the phone)
    A domain admin can give your user special rights so you can add machines to your domain. This can be done without you having administrator access.

  3. #13
    Join Date
    Jun 2005
    Beans
    4

    Re: HOWTO: NT Domain Authentication

    Quote Originally Posted by mmrobins
    I did this with Hoary Hedgehog 5.04 and now I get the message "The system administrator has disabled access to the system temporarily." when I try to logon using a domain user. My local users can't log in now, simply saying authentication failed. I'm trying to login to a mixed mode windows 2000 domain, so used the net join rpc command and it worked. So I guess the good news is that it IS authenticating against the AD, but it won't let me onto the system. Any suggestions?
    Quote Originally Posted by xsdevnet
    I did this and am able to login with one of the command line virtual terminals and ssh as an active directory user. I cannot log in with XWindows though. Any ideas what I should look at?
    Hi guys - Think I might have a solution to this for you.

    I was having the same problem until I went into System>Administration>login screen setup (I think you can also run "gksudo gdmsetup" to get this). I then switched to the "security" tab and unchecked the box next to "Always disallow TCP connections to X server"

    While I was there I also switched the graphical greeter to "happy gnome with browser" so that I could see domain users on bootup - just to make sure everything was looking ok!

    I hope this helps. If its wrong or if theres anything stupid contained within, then please accept my apologies - I've only been using linux for a month or so as a curiosity-project, so I don't claim to be any kind of expert, but most of that time has been spent configuring it to work with AD. Worked for me though.

    <Rant>
    And incidentally, why does this have to be so totally painful on every distro I've tried? So far, I've tried fedora, rhe, suse and ubuntu and all of them have made my life hell when simply trying to get hooked up to a windows domain.

    Ubuntu is the only distro where I've ever got this to work (so it scores BIG points from me there) and that took a couple of days spent googling and some total trial-and-error-config-file-madness!

    And whats really annoying is that all of the software is out there to make it work, you've just got to faff around for so long to get it to play. I've been that hacked off by this that I'm seriously thinking of doing some kind of "idiots guide to joining ubuntu to a domain". Granted, there are some good articles out there: the one on wiki is quite handy (https://wiki.ubuntu.com/ActiveDirectoryWinbindHowto) but fell over for me at "apt-get install krb5-user" which just didn't work on my default hoary install!

    From my perspective, as a veteran windows user (but total linux newbie) this is the sort of thing that has to work out-of-the box, first-time and through a nice GUI. Instead, I've been downloading and unpacking tar files for hours and now my brain is bleeding.

    Something should be done.
    </Rant>

    Thanks for your time.

  4. #14
    Join Date
    Apr 2005
    Location
    UK
    Beans
    41
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: HOWTO: NT Domain Authentication

    Hoary out of the box doesn't include Libkadm55 and, as far as I know, it isn't contained in any of the standard repositories. So for the Hoary package of Libkadm55 (1.3.6-1), go Here to download it

    Ensure it is verison 1.3.6-1 and at the console type...

    Code:
    sudo dpkg -i [Path to deb]/libkadm55_1.3.6-1_i386.deb'
    Then follow the rest of the very good HowTo as referenced in the previous posts. Just got it working on Hoary with it authenticating to a Win2k3 domain, and I am *very* pleased with it / myself.

    Btw - By default in Win2k3 a "normal" user can join up to 10 machines to the domain without the admin granting special rights. So when asked to provide a username / password combo, and assuming you haven't joined a machine to the domain before, enter your username / password and you should be away.

  5. #15
    Join Date
    Jun 2005
    Location
    Cologne - Germany
    Beans
    3

    Re: HOWTO: NT Domain Authentication

    Samba Domain Authentication

    I want to integrate my notebook with Kubuntu 5.04 in my network.

    At my home is still running a Samba-Server as PDC based on Debian 3.1 r0a. Furthermore are there two Windows-Clients with WIndows XP Pro. The Domain-Authentication from the Windows-Clients to the Samba-Server works fine .. Each Client gets his home-directory and a global share directory. Also the Profiles were saved on the Samba-Server .. its running so beautiful

    How do i get my f*** Kubuntu-Notebook into this domain ? It cannot be so difficult, or ?
    My Notebook should get those two directories on startup ... and also the local notebook-profile should be stored on the Samba-Server.

    I tried lots of ways by now ...
    - i edited the /etc/resolv.conf
    - i changed the samba security level to domain
    - i added the same user and pass as stored on the samba-server to my notebook
    - ...

    but nothing works
    webray

  6. #16
    Join Date
    Sep 2005
    Beans
    7

    Re: HOWTO: NT Domain Authentication

    Quote Originally Posted by DracosX
    For a win2k domain, just be sure to set security = ads as well as ream = your_realm in smb.conf and use net ads join -U administrator for the join command.
    Hi Guys--

    I'm trying to log onto my windows 2000 domain at work and have followed your instructions, however I get the following error message:

    net ads join -U dhardy
    root@dhardy:/home/dhardy # net ads join -U dhardy
    dhardy's password:
    [2005/09/02 11:29:58, 0] utils/net_ads.c:ads_startup(191)
    ads_connect: No such file or directory

    Any idea what is going wrong?

    Thanks in advance.

    Dan

  7. #17
    Join Date
    Sep 2005
    Location
    Hamar,Norway
    Beans
    36
    Distro
    Dapper Drake Testing/

    Re: HOWTO: NT Domain Authentication

    Thanks for the howto, everything authenicates well, but I cant login with any users, not on ssh or gdm, if i use ssh i get that the user doesnt exist, on gdm it authenicates but it cant login, says something like "the system cannot log you on at the moment".

    but my biggest problem is that i no longer can sudo or gksudo to root with my admin user!

    why?

  8. #18
    Join Date
    Aug 2005
    Location
    Northern Ireland
    Beans
    109
    Distro
    The Feisty Fawn Testing

    Question Re: HOWTO: NT Domain Authentication

    Has anyone seen a ubuntu specific tutorial for using samba to emulate a domain controller and allow windows xp clients to authenticate against it? I have seen a load of examples, but no ubuntu specific ones.

  9. #19
    Join Date
    Oct 2005
    Beans
    1

    Re: HOWTO: NT Domain Authentication

    Quote Originally Posted by Philiphgray
    Hi guys - Think I might have a solution to this for you.

    I was having the same problem until I went into System>Administration>login screen setup (I think you can also run "gksudo gdmsetup" to get this). I then switched to the "security" tab and unchecked the box next to "Always disallow TCP connections to X server"

    While I was there I also switched the graphical greeter to "happy gnome with browser" so that I could see domain users on bootup - just to make sure everything was looking ok!

    I hope this helps. If its wrong or if theres anything stupid contained within, then please accept my apologies - I've only been using linux for a month or so as a curiosity-project, so I don't claim to be any kind of expert, but most of that time has been spent configuring it to work with AD. Worked for me though.

    <Rant>
    And incidentally, why does this have to be so totally painful on every distro I've tried? So far, I've tried fedora, rhe, suse and ubuntu and all of them have made my life hell when simply trying to get hooked up to a windows domain.

    Ubuntu is the only distro where I've ever got this to work (so it scores BIG points from me there) and that took a couple of days spent googling and some total trial-and-error-config-file-madness!

    And whats really annoying is that all of the software is out there to make it work, you've just got to faff around for so long to get it to play. I've been that hacked off by this that I'm seriously thinking of doing some kind of "idiots guide to joining ubuntu to a domain". Granted, there are some good articles out there: the one on wiki is quite handy (https://wiki.ubuntu.com/ActiveDirectoryWinbindHowto) but fell over for me at "apt-get install krb5-user" which just didn't work on my default hoary install!

    From my perspective, as a veteran windows user (but total linux newbie) this is the sort of thing that has to work out-of-the box, first-time and through a nice GUI. Instead, I've been downloading and unpacking tar files for hours and now my brain is bleeding.

    Something should be done.
    </Rant>

    Thanks for your time.








    Same thing happen to me..... I try this suggestion too. It did'nt work to me...
    I hope there's someone can solve this problem...

  10. #20
    Join Date
    Sep 2005
    Beans
    54

    Red face

    .
    Last edited by daahli; October 28th, 2005 at 01:06 AM.

Page 2 of 6 FirstFirst 1234 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •