Linux Winbind Setup: Difference between revisions

From Pumping Station One
m making ubuntu listed first, I expect it to be used more
 
(17 intermediate revisions by the same user not shown)
Line 12: Line 12:
== Installation ==
== Installation ==


=== Ubuntu ===
    sudo apt-get install krb5-user samba


=== Arch Linux ===
=== Arch Linux ===
Line 20: Line 17:
     sudo pacman -S krb5 samba
     sudo pacman -S krb5 samba


* Default Kerberos version 5 realm: AD.PUMPINGSTATIONONE.ORG
=== Debian ===
 
    sudo apt-get install krb5-user libnss-winbind libpam-winbind ntp samba winbind
 
=== Ubuntu ===
 
    sudo apt-get install krb5-user ntp samba winbind
 
* Default Kerberos version 5 realm: AD.PUMPINGSTATIONONE.ORG


== /etc/nsswitch.conf ==
== /etc/nsswitch.conf ==
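Review bot: The Ubuntu install line (`sudo apt-get install krb5-user ntp samba winbind`) omits `libnss-winbind` and `libpam-winbind`, which the Debian line just above it installs and which the nsswitch.conf and pam_winbind.so parts of this page depend on. Unless the Ubuntu winbind package is known to pull both in, list them explicitly so a fresh Ubuntu machine does not join the domain and then fail to resolve or authenticate domain users. The "Default Kerberos version 5 realm" bullet also sits under the Ubuntu heading only; if the same prompt appears during the Debian install, say so or move the bullet below both.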
Line 65: Line 70:


== Join the domain ==
== Join the domain ==
Use your account, you must be in the Domain Admins group. If you are adding a machine and are not in the Domain Admins group, Join the [[Systems Group]] and ask.


     sudo ads join -U ```administrator```@PS1
     sudo net ads join -U '''administrator'''@AD.PUMPINGSTATIONONE.ORG


== /etc/pam.d/system-auth ==
== /etc/pam.d/system-auth ==
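Review bot: The join line shows `'''administrator'''` while the sentence added above it says "Use your account", so state explicitly that the bold name is a placeholder for the joiner's own Domain Admins account; otherwise readers will copy the line and join with the literal administrator account. Small wording cleanup in the same sentence: "Join the [[Systems Group]]" should be lower-case "join", and "Use your account, you must be in the Domain Admins group" reads better as two sentences.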
Line 100: Line 106:
     session  sufficient  pam_winbind.so use_first_pass use_authtok
     session  sufficient  pam_winbind.so use_first_pass use_authtok
     session  optional  pam_permit.so
     session  optional  pam_permit.so
== /etc/sudoers.d/domain_admins ==
    %domain\ admins ALL=(ALL:ALL) ALL
    %PS1\\domain\ admins ALL=(ALL:ALL) ALL
Then make sure the file has proper permissions:
    sudo chmod 0440 /etc/sudoers.d/domain_admins
== pam_mkhomdir.so ==
pam_mkhomdir is responsible for creating the home directory of users that don't have one. Without it you get the following message.
    Could not chdir to home directory /home/PS1/username: No such file or directory
=== ubuntu ===
Create a file called /usr/share/pam-configs/my_mkhomedir:
    Name: activate mkhomedir
    Default: yes
    Priority: 900
    Session-Type: Additional
    Session:
            required                        pam_mkhomedir.so umask=0022 skel=/etc/skel
and then run:
    sudo pam-auth-update
== /etc/lightdm/lightdm.conf ==
Ubuntu Only, enable showing the other ''user'' login.
   
    [SeatDefaults]
    user-session=ubuntu
    greeter-session=unity-greeter
    autologin-user=ps1member
    '''greeter-show-manual-login=true'''
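Review bot: In the my_mkhomedir profile, `umask=0022` creates every domain user's home directory world-readable, which on a machine shared by domain users exposes each person's files to all other local accounts; `umask=0077` is the safer default here. In the sudoers section two group spellings are added (`%domain\ admins` and `%PS1\\domain\ admins`) with no note on which one matches under this winbind configuration; keep the one that works, and add a `sudo visudo -cf /etc/sudoers.d/domain_admins` step next to the chmod so a syntax error is caught before it breaks sudo. The heading and first sentence spell the module `pam_mkhomdir`, while the config line uses `pam_mkhomedir.so`.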