Vielen Dank für alle HInweise!
Mona Meyer
Code: Alles auswählen
/etc/pam.d/common-auth:
auth sufficient pam_winbind.so
auth required pam_unix.so use_first_pass nullok_secure
Code: Alles auswählen
/etc/pam.d/common-account:
account sufficient pam_winbind.so
account required pam_unix.so
Code: Alles auswählen
/etc/pam.d/common-password:
password required pam_unix.so nullok obscure min=4 max=8 md5
password sufficient pam_winbind.so use_authok
Code: Alles auswählen
/etc/samba/smb.conf:
workgroup = DOMAIN
realm = INT.DOMAIN.DE
server string = %h
security = ADS
winbind separator = +
winbind cache time = 10
password server = 192.0.0.2
encrypt passwords = true
client use spnego = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
template homedir = /home/%U
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
dns proxy = no
log level = 3
debug timestamp = yes
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action = /usr/share/samba/panic-action %d
socket options = TCP_NODELAY
Code: Alles auswählen
/etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
shadow: compat winbind
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
Code: Alles auswählen
[libdefaults]
default_realm = INT.DOMAIN.DE
[realms]
INT.DOMAIN.DE = {
kdc = DC.int.domain.de
admin_server = DC.int.DOMAIN.de
default_domain = DOMAIN
dns_lookup_realm = false
dns_lookup_kdc = true
}
[domain_realm]
.int.DOMAIN.de = DOMAIN
int.DOMAIN.de = DOMAIN
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}