Web lists-archives.com

Re: [Samba] SSH SSO without keytab file




I actually spent the entire last day getting 'ad' backend to work. 
Adding 'idmap config SAMDOM : backend = ad' and related lines in the client's smb.conf results in `getent passwd` 

... 
Use : getent passwd username 
Check if wbinfo -u works also. 

As tip, if you try these.

id username
getent passwd username 
wbinfo -u | grep username

If all work and show your usename, then you should be able to login (sso) on ssh. 

If your users are only on this server and you dont need to share homedirs. 
Then you need mk_homedir in pam also. 
To enable, its simple on ubuntu/debian 

pam-auth-update --package mkhomedir
pam-auth-update
And enable mkhomedir ( you can use pam-auth-update --force also ) 


Greetz, 

Louis


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba