[OpenIndiana-discuss] AD Authentication and Samba 4 Active Directory

Predrag Zecevic [Unix Systems Administrator] Predrag.Zecevic at 2e-systems.com
Wed Sep 17 06:30:49 UTC 2014 

Hi Martin,

I guess that LDAP/Kerberos authentication depends on PAM setup, so take a look (me, personally never used it on OI as server).

HTH,
Regards
Predrag Zečević

On 09/16/14 11:44 PM, Andrew Martin wrote:
> Hello,
>
> I have been attempting to follow this guide for setting up Active Directory
> authentication on OpenIndiana using LDAP+Kerberos:
> http://wiki.openindiana.org/oi/Kerberos+and+LDAP
>
> Note that this connecting to a Samba 4 Active Directory server.
>
> I am able to successfully view AD users via "getent passwd" and other tools that
> utilize the nsswitch hooks, however AD users are unable to login to the
> OpenIndiana server. I have read in a few places that the unixUserPassword field
> may be used for this purpose, however the above guide specifically instructs you
> to disable the "Password Sync" Windows component. Here's some more information
> on this field:
> http://blogs.technet.com/b/sfu/archive/2010/01/08/using-unixuserpassword-attribute-properly.aspx
>
> How does the LDAP+Kerberos method authenticate a user's password? What else can
> I do to debug this setup? I do not see any authentication errors in /var/log.
>
> Thanks,
>
> Andrew Martin
>
> _______________________________________________
> openindiana-discuss mailing list
> openindiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
>

-- 
Predrag Zečević, Technical Support Analyst, 2e Systems GmbH

Telephone: +49 6196 9505 815, Facsimile: +49 6196 9505 894
Mobile:    +49  174 3109 288,     Skype: predrag.zecevic
E-mail:    predrag.zecevic at 2e-systems.com

Headquarter:          2e Systems GmbH, Königsteiner Str. 87,
                       65812 Bad Soden am Taunus, Germany
Company registration: Amtsgericht Königstein (Germany), HRB 7303
Managing director:    Phil Douglas

http://www.2e-systems.com/ - Making your business fly!

[***]===---
"Necessity is the mother of invention" is a silly proverb. "Necessity is the mother of futile dodges" is much nearer the truth. -- 
Alfred North Whitehead

More information about the openindiana-discuss mailing list