You are not logged in.
Dear all
I have an up and running Samba (AD DC) setup running on Debian, but it is my intention to migrate it to Arch.
In order to test the water, firstly I tried to integrate an Arch machine as Backup DC and promote it to PDC (https://wiki.archlinux.org/index.php/Active_Directory_integration), then I tried to create a completely new domain from scratch (https://wiki.archlinux.org/index.php/Samba/Active_Directory_domain_controller), but in both cases I ended up with AD users not being able to login (remotely or phisically) to the Arch AD DC (regardless whether it was the 'old' domain or the 'new' one created from scratch).
There must be something wrong in pam modules, but I am definitely not an expert there, and the combination used here https://wiki.archlinux.org/index.php/Ac … figure_NSS does not work. I read about switching from winbind to SSSD, but since I am dealing with a server, this is not possible imho.
Any suggestion from your side pls?
Thanks
Offline
The users most likely didn't pull over the same.
Most likely tcpdump or wireshark might help here.
But if you have a golden ticket, you can just get to be an administrator.
https://us-cert.cisa.gov/ncas/current-a … -2020-1472
Arch is already 4.12 and 4.8 and older need server schannels = yes or auto.
Last edited by nomorewindows (2020-09-22 22:38:44)
I may have to CONSOLE you about your usage of ridiculously easy graphical interfaces...
Look ma, no mouse.
Offline
Thanks for the tip
but the issue is not related to AD User from other machines, which can easily authenticate through this AD DC. The issue is within the arch AD DC server itself: on this server, No AD User can't connect/login, only local linux users can...
Offline