Questions tagged [winbind]

Winbind is part of the Samba suite and provides an NSS and PAM layer for Unix/Linux systems to integrate authentication with a Windows domain

133 questions
15
votes
6 answers

Linux + Active directory authentication + only letting certain groups login

I have some linux boxes that use Windows Active Directory authentication, that works just fine (Samba + Winbind). What I would like to do now though is only allow certain people or certain groups to login using Active Directory credentials.…
Luma
  • 1,440
  • 4
  • 19
  • 31
8
votes
4 answers

Joining Ubuntu Server 17.04 to Windows AD: Likewise vs Centrify vs Winbind vs SSSD

I have quite a few Ubuntu Server 17.04 hosts that must be joined to an existing Windows AD domain (Windows Server 2016). I've never done it before, but I'm aware about several ways to achieve this, such as: Likewise, Centrify, SSSD and…
Ashton R.
  • 83
  • 1
  • 1
  • 4
8
votes
6 answers

Samba Winbind User Resolution

We have successfully deployed AD authentication using Samba and Winbind (idmap_ad) across six Centos 6 servers and have been running happily for a few months now. One of the servers has stopped resolving one particular username (# id username), this…
malco
  • 465
  • 1
  • 7
  • 14
6
votes
2 answers

Linux machine is in a windows domain, but domain logon isn't working

We have a small network in our department 2 Win Server 2008 Domain Controller 1 debian webserver a number of win7 Clients My predecssor tried to add the webserver to our domain in order to login there with user accounts from our domain (mostly…
Simon Lenz
  • 191
  • 2
  • 6
6
votes
2 answers

How do Active Directory domain joined computers (native MS Windows or Linux with winbind) determine the closest password server?

How do Active Directory domain joined computers (native MS Windows or Linux with winbind) determine the closest password server? This question implies a cluster with 2+ Active Directory servers in different locations. On Windows there is no apparent…
Alex
  • 1,768
  • 4
  • 30
  • 51
6
votes
5 answers

Linux authentication via ADS -- allowing only specific groups in PAM

I'm taking the samba / winbind / PAM route to authenticate users on our linux servers from our Active Directory domain. Everything works, but I want to limit what AD groups are allowed to authenticate. Winbind / PAM currently allows any enabled…
Kenaniah
  • 213
  • 1
  • 3
  • 8
5
votes
1 answer

Inconsistent winbind info on Samba 4 AD domain controller

I've setup a Samba 4 AD domain controller on Debian Jessie (samba 4.2.10). Everything's working fine, except that winbind gives wrong user/group information. I have a sample user "testuser" and a security group "people". Their UNIX attributes are…
MasterM
  • 1,031
  • 2
  • 11
  • 18
5
votes
2 answers

Groupmapping does not work for AD groups

We have an ActiveDirectory where we get our users from. So authentication on the linux machine works over pam. We managed this part to work so far, but we need all users to be part of the local group "users". This works as far as I understand with…
Alexander Baltasar
  • 109
  • 1
  • 1
  • 6
5
votes
6 answers

OS X: Finder error -36 when using SMB shares on a Samba server bound to AD

We're looking at deploying SMB homes on Debian (5.0.3) for our mac clients rather than purchasing four new Xserves. We've got our test servers built and functioning properly. Windows clients behave perfectly, but we've run into an issue with OS X…
Frenchie
  • 1,272
  • 9
  • 14
4
votes
0 answers

Configure ntlm_auth for offline operations

We currently have a NAC server set up to authenticate against a Samba4 AD using the ntlm_auth utility and would like to make it more tolerant to network outages. Currently, when the NAC loses connectivity to the Samba4 Active Directory, every login…
Antoine Benkemoun
  • 7,314
  • 3
  • 41
  • 60
4
votes
1 answer

FreeRADIUS using Active Directory integration broken without any traces

I've a FreeBSD 10.0 server running FreeRADIUS 3 and things got broken without any apparent reason. I'm using Winbind from Samba4 to authenticate with ntlm_auth. I've done some debug to solve the problem, but I was unable to find where is the…
Vinícius Ferrão
  • 5,400
  • 10
  • 52
  • 91
4
votes
1 answer

Linux - How to control Winbind Authentication cache timeout

I have configured my linux machines (running CentOS 5.2) to authenticate against a Windows server running Active Directory. I have even enabled winbind offline logon. Everything works as expected, however I'm also looking to impose a TTL for the…
cybervedaa
  • 161
  • 1
  • 1
  • 5
4
votes
1 answer

Managing UID/GID of dual Samba / Winbind to AD

I have two Linux servers connected to an Active Directory Windows 2008 server using Samba/Winbind, and here is my samba config workgroup = COMPANY realm = COMPANY.COM server string = SAMBA-AD Server security = ADS password server…
Shiroi98
  • 273
  • 4
  • 5
  • 12
4
votes
2 answers

Active directory integration not working properly with winbind and samba

I'm trying to get my linux box to use active directory authentication. I believe I have almost everything setup correctly. I'm able to issue wbinfo -g and wbinfo -u and see all the groups and users respectively. Brief intro to my setup: The…
nwalke
  • 643
  • 2
  • 12
  • 31
4
votes
1 answer

Import Active Directory users into Unix/Linux/FreeBSD group

I need to have FreeBSD 8.2 RELEASE p9 (running FreeNAS) import or associate Active Directory users (or Security Group) with a Unix/FreeBSD group. This way I can use FreeBSD group(s) security on a specific file/directory tree yet still allow AD users…
Allen
  • 41
  • 1
  • 3
1
2 3
8 9