How to log in to TrueOS as a user from AD?

L

LordNicky2017-03-13 23:57:46

FreeBSD

LordNicky, 2017-03-13 23:57:46

Good day!
I'm trying to solve a very strange, but no less important problem. I want to log in to my working computer with an account from AD. TrueOS system, latest. The reason is that in this way I immediately receive a Kerberos ticket and without additional problems I go to local http and nfs services.
What is already there:
1. Samba44 is installed and the machine is successfully added to the domain.
2. I get an adequate response to requests, such as wbinfo -u, net rpc infoetc. I see the machine in the list of domain computers.
3. I can either get a ticket using kinit or log in using a su usernamepassword. And I get a ticket right away.
The part of the task remains completely incomprehensible, where I log in with a domain account initially, on the PCDM (PC-BSD® Display Manager) screen. On such attempts I get a message that the user does not exist.
From what should have worked, but so far only getent refuses. On requests, type getent passwd I receive the list only of local users.
Thank you in advance.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

C

CityCat4, 2017-03-14
@LordNicky

pam_winibnd? If the DM is using PAM (and now only lazy people don't use it), add a pam_winbind call to the auth section.
FreeBSD in a Windows domain The article is certainly old, but the technology for using samba in AD is also about the same age.

R

res2001, 2017-03-14
@res2001

The system is not configured to authorize local users in AD. Samba, in your case, works solely as a network client.
Google something like: FreeBSD kerberos AD authorization
For example, here: serverfault.com/questions/599200/how-to-integrate-... is a good recipe.