使用pbis ,成功将Linux(Ubuntu 14.04)节点join到域中。
# /opt/pbis/bin/get-status LSA Server Status: Compiled daemon version: 8.2.1.2979 Packaged product version: 8.2.2979.68390 Uptime: 0 days 20 hours 50 minutes 29 seconds [Authentication provider: lsa-activedirectory-provider] Status: Online
当我们运行getent passwd时,它也按预期列出了所有域用户。
# getent passwd ttuser ttuser:x:1124089581:1124073985:Test User:/home/<domain>/ttuser:/bin/bash
但是,当我们尝试通过su或ssh作为域用户login时,由于pamauthentication失败而失败。
当试图使用su从同一台机器login时:
su[7024]: pam_unix(su:auth): check pass; user unknown su[7024]: pam_unix(su:auth): authentication failure; logname=ubuntu uid=1000 euid=0 tty=/dev/pts/1 ruser=ubuntu rhost= su[7024]: pam_authenticate: Authentication failure su[7024]: FAILED su for <Domain>\ttuser by ubuntu su[7024]: - /dev/pts/1 ubuntu:<Domain>\ttuser
当试图使用ssh从不同的机器login时:
sshd[7031]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key sshd[7038]: pam_unix(sshd:auth): check pass; user unknown sshd[7038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-172-21-3-42.eu-west-1.compute.internal sshd[7031]: error: PAM: Authentication failure for <Domain>\\ttuser from ip-172-21-3-42.eu-west-1.compute.internal