Winbind and Active Directory
Matthew Carpenter
matt
Mon Nov 7 10:46:42 PST 2005
Hi all,
I have some questions about Winbind and Active Directory.
I'm migrating a box off of its current NT Domain dependency to an Active
Directory. Since I have all the SSH and SAMBA stuff configured for Winbind,
I'd like to keep the same setup. Unfortunately, simply joining the active
directory domain with "net rpc join" doesn't seem to give the desired
results.
Although I can list all the domain users in "getent passwd", I can't log in
with SSH and I can't chown a file to any domain user:

Nov 7 10:22:05 lngz19 sshd[15707]: Postponed keyboard-interactive for illegal user DOMAIN+myid from ::ffff:172.16.33.163 port 53949 ssh2
Nov 7 10:22:06 lngz19 sshd[15707]: Failed keyboard-interactive/pam for illegal user DOMAIN+myid from ::ffff:172.16.33.163 port 53949 ssh2

lngz19:~ # chown DOMAIN+myid vdir
chown: `DOMAIN+myid': invalid user

Any ideas of what might have changed between NT Domain and AD Domain
Emulation? Any security settings which might be enabled in AD that might
stop this type of activity?
Anyone with AD integration experience? Should I be joining the AD using "net
join" instead of "net rpc join"? Does that still allow me to use winbind for
PAM integration?
Thanks,
Matt
--
Matthew Carpenter
matt at eisgr.com http://www.eisgr.com/
Enterprise Information Systems
* Network Server Appliances
* Security Consulting, Incident Handling & Forensics
* Network Consulting, Integration & Support
* Web Integration and E-Business