documentation-packages team mailing list archive

Thread
Date

[Bug 1341544] Re: Winbind: domain user doesn't login on Ubuntu server 14.4

To: documentation-packages@xxxxxxxxxxxxxxxxxxx
From: Gunnar Hjalmarsson <1341544@xxxxxxxxxxxxxxxxxx>
Date: Mon, 14 Jul 2014 12:17:00 -0000
Reply-to: Bug 1341544 <1341544@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Thanks for your report. However you filed it as a bug against the Ubuntu
desktop documentation, which it is not.

To me it sounds like you are asking for help with a server configuration
issue, and http://askubuntu.com/ is one good place to ask for help with
using Ubuntu.

** Changed in: ubuntu-docs (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of
Documentation Packages, which is subscribed to ubuntu-docs in Ubuntu.
https://bugs.launchpad.net/bugs/1341544

Title:
  Winbind: domain user doesn't login on Ubuntu server 14.4

Status in “ubuntu-docs” package in Ubuntu:
  Invalid

Bug description:
  I set up successfully an Ubuntu server 12.4.4 to be a Member Serve of
  the Windows Domain and to allow Domain Users to login.

  I created an Ubuntu 14.4 server to test with the same purpose and I
  tried to set up with the same way, but I cannot login to the server
  with a domain user.

  Ubuntu server 14.4 can read the list of domain user and domain group
  via wbinfo-u and wbinfo-g command like in Ubuntu server 12.4.4.

  The wbinfo-t command indicates successful communication via rpc
  between Ubuntu server 14.4 and the Domain Controller.

  The interesting thing is when I installed the Samba and Winbind
  packets (apt-get install samba winbind), the PAM configuration files
  (common-account, common-auth, common-session) in /etc/pam.d/ are
  automatically set up in Ubuntu server 12.4.4, but in Ubuntu 14.4 are
  not.

  Below are the list files configured automatically in Ubuntu server
  12.4.4 and adjusted manually in Ubuntu 14.4:

  /etc/pam.d/common-account
  account [success=2 new_authtok_reqd=done default=ignore]    pam_unix.so
  account [success=1 new_authtok_reqd=done default=ignore]    pam_winbind.so
  account requisite              pam_deny.so
  account required            pam_permit.so
  /etc/pam.d/common-auth
  auth    [success=2 default=ignore]      pam_unix.so nullok_secure
  auth    [success=1 default=ignore]      pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass
  auth    requisite              pam_deny.so
  auth    required            pam_permit.so
  /etc/pam.d/common-session
  session [default=1]          pam_permit.so
  session requisite              pam_deny.so
  session required            pam_permit.so
  session optional            pam_umask.so
  session required    pam_unix.so
  session required    pam_mkhomedir.so skel=/etc/skel/ umask=0022
  session optional            pam_winbind.so

  I proceeded with the installation of Kerberos (apt-get install
  krb5-user libkrb5-3) in the same way that I performed on active Ubuntu
  server 12.4.4.

  Because I have not succeeded to login in the test server, I decided to
  recreate the active server (Ubuntu server 12.4.4) and upgrade him with
  the command do-release-upgrade-d.

  Despite I succeeded to install and set up the server test Ubuntu
  server 12.4.4the problem reappeared after the upgrade. I could no
  longer access the server with a domain user while still able to read
  the list of users and groups via wbinfo-u and wbinfo-g command.

  I installed libnss-winbind package (apt-get install libnss-winbind)
  and then I get success to login to the server with a domain user.

  Noteworthy that with a clean install of Ubuntu server 14.4, the
  installation of this library did not solved the problem.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-docs/+bug/1341544/+subscriptions

References

[Bug 1341544] [NEW] Winbind: domain user doesn't login on Ubuntu server 14.4
From: Tecoberg, 2014-07-14