Public bug reported:
I set up successfully an Ubuntu server 12.4.4 to be a Member Serve of
the Windows Domain and to allow Domain Users to login.
I created an Ubuntu 14.4 server to test with the same purpose and I
tried to set up with the same way, but I cannot login to the server with
a domain user.
Ubuntu server 14.4 can read the list of domain user and domain group via
wbinfo-u and wbinfo-g command like in Ubuntu server 12.4.4.
The wbinfo-t command indicates successful communication via rpc between
Ubuntu server 14.4 and the Domain Controller.
The interesting thing is when I installed the Samba and Winbind packets
(apt-get install samba winbind), the PAM configuration files (common-
account, common-auth, common-session) in /etc/pam.d/ are automatically
set up in Ubuntu server 12.4.4, but in Ubuntu 14.4 are not.
Below are the list files configured automatically in Ubuntu server
12.4.4 and adjusted manually in Ubuntu 14.4:
/etc/pam.d/common-account
account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
account [success=1 new_authtok_reqd=done default=ignore] pam_winbind.so
account requisite pam_deny.so
account required pam_permit.so
/etc/pam.d/common-auth
auth [success=2 default=ignore] pam_unix.so nullok_secure
auth [success=1 default=ignore] pam_winbind.so krb5_auth
krb5_ccache_type=FILE cached_login try_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
/etc/pam.d/common-session
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
session optional pam_winbind.so
I proceeded with the installation of Kerberos (apt-get install krb5-user
libkrb5-3) in the same way that I performed on active Ubuntu server
12.4.4.
Because I have not succeeded to login in the test server, I decided to
recreate the active server (Ubuntu server 12.4.4) and upgrade him with
the command do-release-upgrade-d.
Despite I succeeded to install and set up the server test Ubuntu server
12.4.4the problem reappeared after the upgrade. I could no longer access
the server with a domain user while still able to read the list of users
and groups via wbinfo-u and wbinfo-g command.
I installed libnss-winbind package (apt-get install libnss-winbind) and
then I get success to login to the server with a domain user.
Noteworthy that with a clean install of Ubuntu server 14.4, the
installation of this library did not solved the problem.
** Affects: ubuntu-docs (Ubuntu)
Importance: Undecided
Status: New
** Tags: winbind
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1341544
Title:
Winbind: domain user doesn't login on Ubuntu server 14.4
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/1341544/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
