[Bug 1815019] Re: offline logon doesnt works in ubuntu 18.04
** Changed in: samba (Ubuntu) Status: Incomplete => Triaged ** Changed in: samba (Ubuntu) Importance: Undecided => Low ** Summary changed: - offline logon doesnt works in ubuntu 18.04 + offline logon with NT4 domains needs config change in 18.04 ** Summary changed: - offline logon with NT4 domains needs config change in 18.04 + offline logon with NT4 domains needs config change ** Also affects: samba via https://bugzilla.samba.org/show_bug.cgi?id=10455 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1815019 Title: offline logon with NT4 domains needs config change To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1815019/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1815019] Re: offline logon doesnt works in ubuntu 18.04
I see, I just tried, and by default I get the krb5* options in /etc/pam.d/common-auth's pam_winbind.so line. That comes from /usr/share/pam-configs/winbind. It's a more modern default I believe (assuming the machine was joined to an AD domain, and not an NT one), and I'm not sure how configurable or smart it could be made. Maybe multiple profiles could be shipped, one for NT4 domains, one for AD domains (default)? -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1815019 Title: offline logon doesnt works in ubuntu 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1815019/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1815019] Re: offline logon doesnt works in ubuntu 18.04
The krb5 options you were using in the pam_winbind.so line are only meant to be used with active directory controllers. Your smb.conf file shows your security to be of the "domain" style, which is an NT style controller which does not support kerberos. I may have lost this bit of information elsewhere in this bug, but did you add those krb5* parameters to the pam module config, or was that some tool? -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1815019 Title: offline logon doesnt works in ubuntu 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1815019/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1815019] Re: offline logon doesnt works in ubuntu 18.04
Ok, can you please share your configuration files so I can give it a try? - smb.conf - pam_winbbind config - relevant /etc/pam.d/ files for the service you are trying (ssh, common-* probably) Also, have you run testparm on your config just to rule out syntax errors and other checks? I found some bugs in debian and upstream, still open, but in a "needinfo" state. Finally, I would suggest to really drop the network instead of running "winbind offline", as I think that is a more realistic test. -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1815019 Title: offline logon doesnt works in ubuntu 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1815019/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1815019] Re: offline logon doesnt works in ubuntu 18.04
Can you set these two to "yes" in pam_winbind.conf (or in the pam_winbind.so command line in the pam config): debug = yes debug state = yes Try again and let's see if it gives more information. Be sure to try first while online, so it can cache a valid set of credentials, and then in the disconnected state. Thanks! -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1815019 Title: offline logon doesnt works in ubuntu 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1815019/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1815019] Re: offline logon doesnt works in ubuntu 18.04
When you are offline, does "getent passwd " still recognize your user? Both things need to work: the user must "exist", and the password must be correct, in the offline case. -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1815019 Title: offline logon doesnt works in ubuntu 18.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1815019/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs