** Changed in: samba (Ubuntu)
Status: Incomplete => Triaged
** Changed in: samba (Ubuntu)
Importance: Undecided => Low
** Summary changed:
- offline logon doesnt works in ubuntu 18.04
+ offline logon with NT4 domains needs config change in 18.04
** Summary changed:
- offline logon
I see, I just tried, and by default I get the krb5* options in
/etc/pam.d/common-auth's pam_winbind.so line.
That comes from /usr/share/pam-configs/winbind.
It's a more modern default I believe (assuming the machine was joined to
an AD domain, and not an NT one), and I'm not sure how
The krb5 options you were using in the pam_winbind.so line are only
meant to be used with active directory controllers. Your smb.conf file
shows your security to be of the "domain" style, which is an NT style
controller which does not support kerberos.
I may have lost this bit of information
Ok, can you please share your configuration files so I can give it a
try?
- smb.conf
- pam_winbbind config
- relevant /etc/pam.d/ files for the service you are trying (ssh, common-*
probably)
Also, have you run testparm on your config just to rule out syntax errors and
other checks?
I found
Can you set these two to "yes" in pam_winbind.conf (or in the
pam_winbind.so command line in the pam config):
debug = yes
debug state = yes
Try again and let's see if it gives more information. Be sure to try
first while online, so it can cache a valid set of credentials, and then
in the
When you are offline, does "getent passwd " still recognize your
user? Both things need to work: the user must "exist", and the password
must be correct, in the offline case.
--
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to samba in Ubuntu.
