ian351c
Patron
- Joined
- Oct 20, 2011
- Messages
- 219
Hello all,
I have set up a test environment with the most recent 9.3-STABLE and a separate SAMBA 4.2 AD Domain Controller. It all seems to be working fine, right up until I enable "UNIX Extensions" in my AD config on my test NAS. This causes all of my AD users to fail authentication when using local services (SSH, FTP, etc.) but using CIFS still works.
With UNIX Extensions enabled, I see these messages in /var/log/messages:
I can make the error go away by disabling UNIX Permissions in the AD config, but I'd like to keep it if possible to specify a shell/home dir for AD users. This allows me to deny SSH/FTP access to the NAS to selected AD accounts (while permitting access to others). If there's an easier way to do that that doesn't involve creating local users and/or groups, that would work too.
Thanks!
I have set up a test environment with the most recent 9.3-STABLE and a separate SAMBA 4.2 AD Domain Controller. It all seems to be working fine, right up until I enable "UNIX Extensions" in my AD config on my test NAS. This causes all of my AD users to fail authentication when using local services (SSH, FTP, etc.) but using CIFS still works.
With UNIX Extensions enabled, I see these messages in /var/log/messages:
Code:
Jun 30 19:19:35 nastest proftpd: Request to sssd failed. Connection refused Jun 30 19:19:48 nastest sshd[33198]: Request to sssd failed. Connection refused
I can make the error go away by disabling UNIX Permissions in the AD config, but I'd like to keep it if possible to specify a shell/home dir for AD users. This allows me to deny SSH/FTP access to the NAS to selected AD accounts (while permitting access to others). If there's an easier way to do that that doesn't involve creating local users and/or groups, that would work too.
Thanks!