Olá, Comunidade Ubuntu: D
Eu tenho um problema com o ubuntu 14.04 e ldap :( aqui está o meu arquivo de configuração:
/etc/ldap.conf:
base dc=ad,dc=school,dc=fr
uri ldap://dcad1.ad.school.fr
ldap_version 3
binddn CN=app,OU=admin,DC=ad,DC=school,DC=fr
bindpw mypassword
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_attribute uid sAMAccountName
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute shadowLastChange pwdLastSet
nss_map_objectclass posixGroup group
nss_map_attribute uniqueMember member
pam_login_attribute sAMAccountName
pam_filter objectclass=User
nss_base_passwd ou=people,dc=ad,dc=school,dc=fr?sub
nss_base_group ou=etp,ou=uds,ou=groups,dc=ad,dc=school,dc=fr?sub
/etc/nsswitch.conf:
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
/etc/krb5.conf:
[libdefaults]
default_realm = AD.SCHOOL.FR
dns_lookup_realm = true
dns_lookup_kdc = true
[domain_realm]
.u-SCHOOL.fr = AD.SCHOOL.FR
u-SCHOOL.fr = AD.SCHOOL.FR
.SCHOOL.fr = AD.SCHOOL.FR
SCHOOL.fr = AD.SCHOOL.FR
.app.ad.SCHOOL.fr = AD.SCHOOL.FR
app.ad.SCHOOL.fr = AD.SCHOOL.FR
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/krbadmin.log
default = FILE:/var/log/krb5lib.log
/ etc / ssh / sshd_config:
KerberosAuthentication yes
KerberosOrLocalPasswd yes
/etc/pam.d/common-account:
account sufficient pam_krb5.so ignore_root realm=AD.SCHOOL.FR
account required pam_unix.so
Despeje /etc/pam.d/common-auth:
auth sufficient pam_krb5.so ignore_root realm=AD.SCHOOL.FR
auth required pam_unix.so nullok_secure try_first_pass
/etc/pam.d/common-password:
password required pam_unix.so nullok obscure sha512
/etc/pam.d/common-session:
session sufficient pam_krb5.so ignore_root realm=AD.UNISTRA.FR
session required pam_unix.so
Esta configuração funciona bem com o Ubuntu 10.04 mas com o ubuntu 14.04 eu tenho um problema: a sessão abre e fecha imediatamente. Obrigado :)
var / log / auth.log:
Feb 24 08:58:12 ubuntu-VM2 lightdm: PAM adding faulty module: pam_kwallet.so
Feb 24 08:59:26 ubuntu-VM2 lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "baillard"
Feb 24 08:59:32 ubuntu-VM2 lightdm: pam_krb5(lightdm:auth): user baillard authenticated as [email protected]
Feb 24 08:59:36 ubuntu-VM2 lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
Feb 24 08:59:41 ubuntu-VM2 lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Feb 24 08:59:41 ubuntu-VM2 lightdm: PAM adding faulty module: pam_kwallet.so
Feb 24 08:59:46 ubuntu-VM2 lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm by (uid=0)
Feb 24 08:59:46 ubuntu-VM2 systemd-logind[534]: New session c5 of user lightdm.
Feb 24 08:59:56 ubuntu-VM2 lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
Feb 24 08:59:56 ubuntu-VM2 lightdm: PAM adding faulty module: pam_kwallet.so
Você consegue fazer login na mudança para um tty textual?
Se sim, você recebe avisos sobre uma casa perdida? Nesse caso, verifique as permissões em /home/<your username> . Caso contrário
tente editar da seguinte forma: %código%. Observe a barra final