How-To authenticate to an NT domain

From Netatalk Wiki
Revision as of 09:45, 1 March 2010 by Franklahm (Talk | contribs)



Set up winbind by editing your smb.conf file with these settings:

winbind separator = /
#winbind separator = +
#winbind separator = \
winbind cache time = 10
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
obey pam restrictions = no
winbind nested groups = yes
winbind use default domain = yes
template shell = /bin/bash

Then join the domain:

net rpc join -U<administrator> -S<pdc>
/etc/init.d/winbind restart

To check that winbind is working:

wbinfo -t
getent passwd
getent group

You should see all the users and groups that are in the domain.
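A scripted version of the check above, added here as an example and not part of the original wiki page: it reads the idmap uid range from smb.conf, confirms that the getent passwd output contains accounts in that range, and flags any local account whose UID already sits inside it. The function names and the sample data (users alice and bob, domain EXAMPLE) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the wiki page; the sample data at the end is constructed.

# Print "LOW HIGH" from the active "idmap uid = LOW-HIGH" line of an smb.conf file.
idmap_uid_range() {
    awk -F= '
        /^[ \t]*[#;]/ { next }                      # skip commented-out settings
        { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
        key == "idmap uid" {
            gsub(/[ \t]/, "", $2); split($2, r, "-"); print r[1], r[2]; exit
        }' "$1"
}

# Count passwd-format lines on stdin whose UID (field 3) lies in [LOW, HIGH].
count_in_range() {
    awk -F: -v lo="$1" -v hi="$2" \
        '$3 != "" && $3+0 >= lo+0 && $3+0 <= hi+0 { n++ } END { print n+0 }'
}

# check_winbind_mapping SMB_CONF LOCAL_PASSWD GETENT_OUTPUT
# Returns 0 = ok, 1 = no domain users visible, 2 = a local UID sits inside the
# idmap range, 3 = no usable idmap uid range in SMB_CONF.
check_winbind_mapping() {
    range=$(idmap_uid_range "$1")
    lo=${range% *}; hi=${range#* }
    if [ -z "$lo" ] || [ -z "$hi" ]; then
        echo "no idmap uid range in $1"; return 3
    fi
    if [ "$(count_in_range "$lo" "$hi" < "$2")" -gt 0 ]; then
        echo "local account UID inside idmap range $lo-$hi"; return 2
    fi
    n=$(count_in_range "$lo" "$hi" < "$3")
    if [ "$n" -eq 0 ]; then
        echo "no domain users mapped into $lo-$hi"; return 1
    fi
    echo "ok: $n domain users mapped into $lo-$hi"
}

# Constructed sample run. On a real host pass your smb.conf, /etc/passwd and a
# file holding the output of `getent passwd`.
d=$(mktemp -d)
printf '%s\n' '[global]' '#idmap uid = 500-600' 'idmap uid = 10000-20000' > "$d/smb.conf"
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' > "$d/passwd"
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'alice:*:10000:10000:Alice:/home/EXAMPLE/alice:/bin/bash' \
    'bob:*:10001:10000:Bob:/home/EXAMPLE/bob:/bin/bash' > "$d/getent"
check_winbind_mapping "$d/smb.conf" "$d/passwd" "$d/getent"
rm -rf "$d"
```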


Now to PAM setup. Create a file in the pam.d folder (/etc/pam.d/ or equivalent) called netatalk with this data:

auth       required
account    required
session    required

Restart the atalk and winbind services. You should now be able to log in with your domain username and password through AppleTalk and have more than 8 chars ;-)
