Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration
I am justs tarting o samba too, but I think it is normal to have lots of not found. You have to pay attention for the features you want, though. You might need libpam0g-dev package for PAM support (At least that is the one for Debian) and you can also consider libacl-dev for ACL support (changing permissions for a share on windows, for example) On Sun, Aug 18, 2013 at 11:38 AM, Andreas Krupp andreaskr...@akrupp.chwrote: Hi, I have not set any home var yet in my smb.conf. If you're asking for that, I am probably missing a lot of important parameters. Below my smb.conf for the moment: # Global parameters [global] workgroup = MYDOMAIN realm = MYDOMAIN.HOME netbios name = DC server role = active directory domain controller dns forwarder = 10.33.66.99 template shell = /bin/bash wins support = yes [netlogon] path = /usr/local/samba/var/locks/sysvol/mydomain.home/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No Otherwise I checked for all the lines during ./configure that mention not found... I have more than 100 of these. Is that normal? Among the things missing are e.g. ldap, pam_start, NFS QUOTAS, and lots of other stuff... I tried to follow the list of packages to install on the Samba4 Wiki for CentOS but it seems, that is not really enough, is it? Cheers best, Andreas *On 16 August 2013 08:37, Daniel Müller has written: * -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Thiago Fernandes Crepaldi (aka Crepaldi) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration
Hi, I have not set any home var yet in my smb.conf. If you're asking for that, I am probably missing a lot of important parameters. Below my smb.conf for the moment: # Global parameters [global] workgroup = MYDOMAIN realm = MYDOMAIN.HOME netbios name = DC server role = active directory domain controller dns forwarder = 10.33.66.99 template shell = /bin/bash wins support = yes [netlogon] path = /usr/local/samba/var/locks/sysvol/mydomain.home/scripts read only = No [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No Otherwise I checked for all the lines during ./configure that mention not found... I have more than 100 of these. Is that normal? Among the things missing are e.g. ldap, pam_start, NFS QUOTAS, and lots of other stuff... I tried to follow the list of packages to install on the Samba4 Wiki for CentOS but it seems, that is not really enough, is it? Cheers best, Andreas *On 16 August 2013 08:37, Daniel Müller has written: * -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration
Save yourself a lot of integraton work and depency resolution. Hop over to
https://github.com/nkadel/samba-4.0.7-srpm and grab my tools for building
RHEL 6.x compatibe RPM's for the full toolsuite. All the necessary
dependencies are in the .spec file, you can use make build to build the
RP{M's locally, and it publishes the RPM information so that other software
with Samba RPM integration, such as pam or authconfig, know where to
find all the components.
It's backported from Fedora, I updated it a few days ago to Samba 4.0.7,
and it has flags to compile with or without full domain controller
services.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration
Did you set the [home] var already in your smb.conf? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Andreas Krupp [mailto:andreaskr...@akrupp.ch] Gesendet: Donnerstag, 15. August 2013 19:06 An: 'samba'; 'Daniel Müller' Betreff: FW: [Samba] Samba4 + Winbind + PAM Installation/Configuration Hello, The steps so far worked: 1) get all of pam installed via yum install pam* 2) Then recompile samba with ./configure.developer followed by make and make install 3) Restarted Samba... and great stuff, my domain controller, settings and users are still there! This is awesome by the way! 4) linked the pam_winbind.so with ln -s /usr/local/samba/lib/security/pam_winbind.so /lib/security 5) Edited /etc/pam.d/system-auth and added the entries as described in the wiki (http://wiki.samba.org/index.php/Samba4/Winbind) All the tests but 1 are fine: Wbinfo -p (Ok) Wbinfo -u (Ok) Getent passwd (Ok) Id [User] (Ok) Ssh [user]@localhost (Fails) -- Permission denied, please try again I tried with the Administrator Account and a normal user account, both fail in the same way. Any ideas? Cheers thx, Andreas -Original Message- From: Andreas Krupp [mailto:andreaskr...@akrupp.ch] Sent: jeudi 15 août 2013 14:53 To: 'muel...@tropenklinik.de' Subject: RE: [Samba] Samba4 + Winbind + PAM Installation/Configuration Ok I will try that. Just as a possibly important follow up question: If I run ./configure.developer, then make and make install ... is my current samba domain configuration kept or will I have to start setting up the domain from scratch? Cheers thx, Andreas -Original Message- From: Daniel Müller [mailto:muel...@tropenklinik.de] Sent: jeudi 15 août 2013 14:39 To: 'Andreas Krupp' Subject: AW: [Samba] Samba4 + Winbind + PAM Installation/Configuration Yes it is pam-devel. To be shure install with yum install pam* to get all pam packages. ./configure.developer will try all possibilities. It is important to have all packages installed before compiling. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Andreas Krupp [mailto:andreaskr...@akrupp.ch] Gesendet: Donnerstag, 15. August 2013 14:18 An: muel...@tropenklinik.de; 'samba' Betreff: RE: [Samba] Samba4 + Winbind + PAM Installation/Configuration Hello Daniel, Thx a lot for the quick reply. Actually I did all these steps already and the tests that you proposed and that are documented on the wiki are working fine. http://wiki.samba.org/index.php/Samba4/Winbind It is the next section Using pam_winbind that I cannot get to work. My goal is that I can log on to the linux box with an AD Account, or run a service with an AD account or connect via SSH with an AD account. So where I am stuck is: - I do not know which pam files to edit under CentOS and it seems that - I do not have pam_winbind.so installed/compiled with Samba4.1rc2 On the wiki it says: Ensure that you built Samba 4 with libpam0g-dev installed on your system. If not, install the PAM development libraries and re-compile Samba 4 from the ./configure.developer stage. Install pam_winbind.so in the usual place: ... and I cannot make much sense out of that. Is pam-devel = libpam0g-dev? Would you know the difference between ./configure and ./configure.developer? Cheers thx, Andreas -Original Message- From: Daniel Müller [mailto:muel...@tropenklinik.de] Sent: jeudi 15 août 2013 11:35 To: andreaskr...@akrupp.ch; 'samba' Subject: AW: [Samba] Samba4 + Winbind + PAM Installation/Configuration Just install pam and pam-devel And: /etc/nsswitch.conf: passwd: files winbind shadow: files group: files winbind And: ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2 Test now: [root@s4master lib]# ldconfig -v | grep winbind ldconfig: /etc/ld.so.conf.d/kernel-2.6.32-358.11.1.el6.x86_64.conf:6: duplicate hwcap 1 nosegneg libnss_winbind.so - libnss_winbind.so.2 libnss_winbind.so - libnss_winbind.so.2 and it should work with getent group and getenet passwd --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun
Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration
centos bug ? https://www.centos.org/modules/newbb/viewtopic.php?topic_id=42048 -Oorspronkelijk bericht- Van: muel...@tropenklinik.de [mailto:samba-boun...@lists.samba.org] Namens Daniel Müller Verzonden: vrijdag 16 augustus 2013 8:37 Aan: 'Andreas Krupp'; 'samba' Onderwerp: Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration Did you set the [home] var already in your smb.conf? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Andreas Krupp [mailto:andreaskr...@akrupp.ch] Gesendet: Donnerstag, 15. August 2013 19:06 An: 'samba'; 'Daniel Müller' Betreff: FW: [Samba] Samba4 + Winbind + PAM Installation/Configuration Hello, The steps so far worked: 1) get all of pam installed via yum install pam* 2) Then recompile samba with ./configure.developer followed by make and make install 3) Restarted Samba... and great stuff, my domain controller, settings and users are still there! This is awesome by the way! 4) linked the pam_winbind.so with ln -s /usr/local/samba/lib/security/pam_winbind.so /lib/security 5) Edited /etc/pam.d/system-auth and added the entries as described in the wiki (http://wiki.samba.org/index.php/Samba4/Winbind) All the tests but 1 are fine: Wbinfo -p (Ok) Wbinfo -u (Ok) Getent passwd (Ok) Id [User] (Ok) Ssh [user]@localhost (Fails) -- Permission denied, please try again I tried with the Administrator Account and a normal user account, both fail in the same way. Any ideas? Cheers thx, Andreas -Original Message- From: Andreas Krupp [mailto:andreaskr...@akrupp.ch] Sent: jeudi 15 août 2013 14:53 To: 'muel...@tropenklinik.de' Subject: RE: [Samba] Samba4 + Winbind + PAM Installation/Configuration Ok I will try that. Just as a possibly important follow up question: If I run ./configure.developer, then make and make install ... is my current samba domain configuration kept or will I have to start setting up the domain from scratch? Cheers thx, Andreas -Original Message- From: Daniel Müller [mailto:muel...@tropenklinik.de] Sent: jeudi 15 août 2013 14:39 To: 'Andreas Krupp' Subject: AW: [Samba] Samba4 + Winbind + PAM Installation/Configuration Yes it is pam-devel. To be shure install with yum install pam* to get all pam packages. ./configure.developer will try all possibilities. It is important to have all packages installed before compiling. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Andreas Krupp [mailto:andreaskr...@akrupp.ch] Gesendet: Donnerstag, 15. August 2013 14:18 An: muel...@tropenklinik.de; 'samba' Betreff: RE: [Samba] Samba4 + Winbind + PAM Installation/Configuration Hello Daniel, Thx a lot for the quick reply. Actually I did all these steps already and the tests that you proposed and that are documented on the wiki are working fine. http://wiki.samba.org/index.php/Samba4/Winbind It is the next section Using pam_winbind that I cannot get to work. My goal is that I can log on to the linux box with an AD Account, or run a service with an AD account or connect via SSH with an AD account. So where I am stuck is: - I do not know which pam files to edit under CentOS and it seems that - I do not have pam_winbind.so installed/compiled with Samba4.1rc2 On the wiki it says: Ensure that you built Samba 4 with libpam0g-dev installed on your system. If not, install the PAM development libraries and re-compile Samba 4 from the ./configure.developer stage. Install pam_winbind.so in the usual place: ... and I cannot make much sense out of that. Is pam-devel = libpam0g-dev? Would you know the difference between ./configure and ./configure.developer? Cheers thx, Andreas -Original Message- From: Daniel Müller [mailto:muel...@tropenklinik.de] Sent: jeudi 15 août 2013 11:35 To: andreaskr...@akrupp.ch; 'samba' Subject: AW: [Samba] Samba4 + Winbind + PAM Installation/Configuration Just install pam and pam-devel And: /etc/nsswitch.conf: passwd: files winbind shadow: files group: files winbind And: ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2 Test now: [root@s4master lib]# ldconfig -v | grep winbind ldconfig: /etc/ld.so.conf.d/kernel-2.6.32-358.11.1.el6.x86_64.conf:6: duplicate hwcap 1 nosegneg libnss_winbind.so - libnss_winbind.so.2 libnss_winbind.so - libnss_winbind.so.2 and it should work with getent group and getenet
[Samba] Samba4 + Winbind + PAM Installation/Configuration
Hello, Now that I have my Samba4 DC running great on CentOS6.4 I was wondering if somebody could help understand better how to install and configure Samba4 with winbind and PAM. I used the tutorial here: [http://wiki.samba.org/index.php/Samba4/Winbind](http://wiki.samba.org/index.php/Samba4/Winbind) This got me through to the point where Using pam_winbind starts. Could anybody help me understand how to do these steps + compile samba4 with pam_winbind on CentOS 6.4? I am more than willing to update the wiki page after that ;-) My questions in detail are: - How do I compile/install Samba4 with pam_winbind support and which prerequisits do I need to install with yum before doing that? - Which pam configuration files do I have to change on CentOS6.4? Cheers thx, Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration
Just install pam and pam-devel And: /etc/nsswitch.conf: passwd: files winbind shadow: files group: files winbind And: ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2 Test now: [root@s4master lib]# ldconfig -v | grep winbind ldconfig: /etc/ld.so.conf.d/kernel-2.6.32-358.11.1.el6.x86_64.conf:6: duplicate hwcap 1 nosegneg libnss_winbind.so - libnss_winbind.so.2 libnss_winbind.so - libnss_winbind.so.2 and it should work with getent group and getenet passwd --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Andreas Krupp Gesendet: Donnerstag, 15. August 2013 11:15 An: samba Betreff: [Samba] Samba4 + Winbind + PAM Installation/Configuration Hello, Now that I have my Samba4 DC running great on CentOS6.4 I was wondering if somebody could help understand better how to install and configure Samba4 with winbind and PAM. I used the tutorial here: [http://wiki.samba.org/index.php/Samba4/Winbind](http://wiki.samba.org/index .php/Samba4/Winbind) This got me through to the point where Using pam_winbind starts. Could anybody help me understand how to do these steps + compile samba4 with pam_winbind on CentOS 6.4? I am more than willing to update the wiki page after that ;-) My questions in detail are: - How do I compile/install Samba4 with pam_winbind support and which prerequisits do I need to install with yum before doing that? - Which pam configuration files do I have to change on CentOS6.4? Cheers thx, Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration
On Thu, 2013-08-15 at 11:15 +0200, Andreas Krupp wrote: This got me through to the point where Using pam_winbind starts. Hi From that point: ln -s /usr/local/samba/lib/security/pam_winbind.so /lib/security then: pam-config -a --winbind Add: template shell = /bin/bash to smb.conf Do _not_ start winbindd. Best of luck. Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 + Winbind + PAM Installation/Configuration
Hello Daniel, Thx a lot for the quick reply. Actually I did all these steps already and the tests that you proposed and that are documented on the wiki are working fine. http://wiki.samba.org/index.php/Samba4/Winbind It is the next section Using pam_winbind that I cannot get to work. My goal is that I can log on to the linux box with an AD Account, or run a service with an AD account or connect via SSH with an AD account. So where I am stuck is: - I do not know which pam files to edit under CentOS - and it seems that I do not have pam_winbind.so installed/compiled with Samba4.1rc2 On the wiki it says: Ensure that you built Samba 4 with libpam0g-dev installed on your system. If not, install the PAM development libraries and re-compile Samba 4 from the ./configure.developer stage. Install pam_winbind.so in the usual place: ... and I cannot make much sense out of that. Is pam-devel = libpam0g-dev? Would you know the difference between ./configure and ./configure.developer? Cheers thx, Andreas -Original Message- From: Daniel Müller [mailto:muel...@tropenklinik.de] Sent: jeudi 15 août 2013 11:35 To: andreaskr...@akrupp.ch; 'samba' Subject: AW: [Samba] Samba4 + Winbind + PAM Installation/Configuration Just install pam and pam-devel And: /etc/nsswitch.conf: passwd: files winbind shadow: files group: files winbind And: ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2 Test now: [root@s4master lib]# ldconfig -v | grep winbind ldconfig: /etc/ld.so.conf.d/kernel-2.6.32-358.11.1.el6.x86_64.conf:6: duplicate hwcap 1 nosegneg libnss_winbind.so - libnss_winbind.so.2 libnss_winbind.so - libnss_winbind.so.2 and it should work with getent group and getenet passwd --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Andreas Krupp Gesendet: Donnerstag, 15. August 2013 11:15 An: samba Betreff: [Samba] Samba4 + Winbind + PAM Installation/Configuration Hello, Now that I have my Samba4 DC running great on CentOS6.4 I was wondering if somebody could help understand better how to install and configure Samba4 with winbind and PAM. I used the tutorial here: [http://wiki.samba.org/index.php/Samba4/Winbind](http://wiki.samba.org/index .php/Samba4/Winbind) This got me through to the point where Using pam_winbind starts. Could anybody help me understand how to do these steps + compile samba4 with pam_winbind on CentOS 6.4? I am more than willing to update the wiki page after that ;-) My questions in detail are: - How do I compile/install Samba4 with pam_winbind support and which prerequisits do I need to install with yum before doing that? - Which pam configuration files do I have to change on CentOS6.4? Cheers thx, Andreas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
