Web lists-archives.com

[Samba] SSH with User in Member Domain




Hi!!

I dont sucess in ssh with user my domain, in my Filserver(Member)

Samba 4.7.3 Compilated

Ubuntu 16.04

# smb.conf

[global]
        workgroup = XXXXX
        realm = INTERNO.XXX.XXXX.BR
        security = ADS
        username map = /usr/local/samba/etc/user.map

        dedicated keytab file = /etc/krb5.keytab
        kerberos method = secrets and keytab
        winbind cache time = 60

        winbind max clients = 600
        winbind enum users = Yes
        winbind enum groups = Yes
        winbind use default domain = Yes
        winbind nss info = rfc2307
        winbind refresh tickets = Yes
        winbind nss info = template
        template shell = /bin/bash

        idmap config * : backend = tdb
        idmap config * : range = 3000-7999
        idmap config XXXX : backend = rid
        idmap config XXXXX : range = 10000-999999


        # Necessario para Fileserver
        map acl inherit = Yes
        store dos attributes = Yes

        #
        # Disable Cups
        load printers = no
        printing = bsd
        printcap name = /dev/null
        disable spoolss = yes

        # Lixeira + Auditoria
        vfs objects = recycle,full_audit,acl_xattr
        recycle:keeptree = yes
        recycle:versions = yes
        recycle:repository = /opt/DADOS/Lixeira/%U
        recycle:exclude = *.tmp, *.log, *.obj, ~*.*, *.bak, *.iso, *.exe
        recycle:exclude_dir = tmp
        recycle:touch = yes
        recycle:touch_mtime = yes
        full_audit:failure = none
        full_audit:facility = local5
        full_audit:priority = notice
        full_audit:prefix = %u|%I|%S
        full_audit:success = rename rmdir unlink

# include
include = /opt/samba/etc/compartilhamento.conf


ls -l /lib/x86_64-linux-gnu/libnss_winbind.so*
lrwxrwxrwx 1 root root 41 Dez  8 18:00 /lib/x86_64-linux-gnu/libnss_winbind.so -> /lib/x86_64-linux-gnu/libnss_winbind.so.2 lrwxrwxrwx 1 root root 40 Dez  8 18:00 /lib/x86_64-linux-gnu/libnss_winbind.so.2 -> /usr/local/samba/lib/libnss_winbind.so.2


/etc/pam.d# cat common-session

..

....

 and here are more per-package modules (the "Additional" block)
session required        pam_unix.so
session optional        pam_systemd.so
session optional        pam_winbind.so
session optional        pam_mkhomedir.so skel=/etc/skel umask=077

Any ideia ?

Regards;




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba