documentation-packages team mailing list archive
Mailing list archive
[Bug 1341544] Re: Winbind: domain user doesn't login on Ubuntu server 14.4
Thanks for your report. However you filed it as a bug against the Ubuntu
desktop documentation, which it is not.
To me it sounds like you are asking for help with a server configuration
issue, and http://askubuntu.com/ is one good place to ask for help with
** Changed in: ubuntu-docs (Ubuntu)
Status: New => Invalid
You received this bug notification because you are a member of
Documentation Packages, which is subscribed to ubuntu-docs in Ubuntu.
Winbind: domain user doesn't login on Ubuntu server 14.4
Status in “ubuntu-docs” package in Ubuntu:
I set up successfully an Ubuntu server 12.4.4 to be a Member Serve of
the Windows Domain and to allow Domain Users to login.
I created an Ubuntu 14.4 server to test with the same purpose and I
tried to set up with the same way, but I cannot login to the server
with a domain user.
Ubuntu server 14.4 can read the list of domain user and domain group
via wbinfo-u and wbinfo-g command like in Ubuntu server 12.4.4.
The wbinfo-t command indicates successful communication via rpc
between Ubuntu server 14.4 and the Domain Controller.
The interesting thing is when I installed the Samba and Winbind
packets (apt-get install samba winbind), the PAM configuration files
(common-account, common-auth, common-session) in /etc/pam.d/ are
automatically set up in Ubuntu server 12.4.4, but in Ubuntu 14.4 are
Below are the list files configured automatically in Ubuntu server
12.4.4 and adjusted manually in Ubuntu 14.4:
account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so
account [success=1 new_authtok_reqd=done default=ignore] pam_winbind.so
account requisite pam_deny.so
account required pam_permit.so
auth [success=2 default=ignore] pam_unix.so nullok_secure
auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session optional pam_umask.so
session required pam_unix.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
session optional pam_winbind.so
I proceeded with the installation of Kerberos (apt-get install
krb5-user libkrb5-3) in the same way that I performed on active Ubuntu
Because I have not succeeded to login in the test server, I decided to
recreate the active server (Ubuntu server 12.4.4) and upgrade him with
the command do-release-upgrade-d.
Despite I succeeded to install and set up the server test Ubuntu
server 12.4.4the problem reappeared after the upgrade. I could no
longer access the server with a domain user while still able to read
the list of users and groups via wbinfo-u and wbinfo-g command.
I installed libnss-winbind package (apt-get install libnss-winbind)
and then I get success to login to the server with a domain user.
Noteworthy that with a clean install of Ubuntu server 14.4, the
installation of this library did not solved the problem.
To manage notifications about this bug go to: