← Back to team overview

documentation-packages team mailing list archive

[Bug 1341544] Re: Winbind: domain user doesn't login on Ubuntu server 14.4


Thanks for your report. However you filed it as a bug against the Ubuntu
desktop documentation, which it is not.

To me it sounds like you are asking for help with a server configuration
issue, and http://askubuntu.com/ is one good place to ask for help with
using Ubuntu.

** Changed in: ubuntu-docs (Ubuntu)
       Status: New => Invalid

You received this bug notification because you are a member of
Documentation Packages, which is subscribed to ubuntu-docs in Ubuntu.

  Winbind: domain user doesn't login on Ubuntu server 14.4

Status in “ubuntu-docs” package in Ubuntu:

Bug description:
  I set up successfully an Ubuntu server 12.4.4 to be a Member Serve of
  the Windows Domain and to allow Domain Users to login.

  I created an Ubuntu 14.4 server to test with the same purpose and I
  tried to set up with the same way, but I cannot login to the server
  with a domain user.

  Ubuntu server 14.4 can read the list of domain user and domain group
  via wbinfo-u and wbinfo-g command like in Ubuntu server 12.4.4.

  The wbinfo-t command indicates successful communication via rpc
  between Ubuntu server 14.4 and the Domain Controller.

  The interesting thing is when I installed the Samba and Winbind
  packets (apt-get install samba winbind), the PAM configuration files
  (common-account, common-auth, common-session) in /etc/pam.d/ are
  automatically set up in Ubuntu server 12.4.4, but in Ubuntu 14.4 are

  Below are the list files configured automatically in Ubuntu server
  12.4.4 and adjusted manually in Ubuntu 14.4:

  account [success=2 new_authtok_reqd=done default=ignore]    pam_unix.so
  account [success=1 new_authtok_reqd=done default=ignore]    pam_winbind.so
  account requisite              pam_deny.so
  account required            pam_permit.so
  auth    [success=2 default=ignore]      pam_unix.so nullok_secure
  auth    [success=1 default=ignore]      pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass
  auth    requisite              pam_deny.so
  auth    required            pam_permit.so
  session [default=1]          pam_permit.so
  session requisite              pam_deny.so
  session required            pam_permit.so
  session optional            pam_umask.so
  session required    pam_unix.so
  session required    pam_mkhomedir.so skel=/etc/skel/ umask=0022
  session optional            pam_winbind.so

  I proceeded with the installation of Kerberos (apt-get install
  krb5-user libkrb5-3) in the same way that I performed on active Ubuntu
  server 12.4.4.

  Because I have not succeeded to login in the test server, I decided to
  recreate the active server (Ubuntu server 12.4.4) and upgrade him with
  the command do-release-upgrade-d.

  Despite I succeeded to install and set up the server test Ubuntu
  server 12.4.4the problem reappeared after the upgrade. I could no
  longer access the server with a domain user while still able to read
  the list of users and groups via wbinfo-u and wbinfo-g command.

  I installed libnss-winbind package (apt-get install libnss-winbind)
  and then I get success to login to the server with a domain user.

  Noteworthy that with a clean install of Ubuntu server 14.4, the
  installation of this library did not solved the problem.

To manage notifications about this bug go to: