Hello all,
I've followed the Red Hat "[url=http://www.redhat.com/rhecm/rest-rhecm/jcr/repository/collaboration/jcr:system/jcr:versionStorage/ae40084d0a052601783f1ea42715cdef/8/jcr:frozenNode/rh:resourceFile]Integrating Red Hat Enterprise Linux 6 with Active Directory[/url]" document to configure my CentOS 6.3 workstation to join to the 2008 R2 server Active Directory domain. To be more specific, the "6.2 Configuration 2 Samba/Winbind (idmap_ad)" setup is what I've attempted to implement. I've gotten as far as running the net join command with a successful join to domain response, but I am completely unable to login using domain credentials at all. I've tried via su - , login via ssh, nor logging in via standard GUI, all attempts fail fail with an authentication failure or unknown user. Checking /var/log/messages and /var/log/secure only shows that the user does not exist, but I don't see any hits on pam_winbind (but I'm not sure if I should be seeing any).
Running wbinfo -u and wbinfo -g both work properly and list the groups and users in AD and I am able to generate a kerberos ticket via kinit and verify them with klist. I'm completely at a loss as to why this system is not allowing me to login using a domain credential.
What really has me confused is that I followed the same procedure on another machine and it does work properly, but checking the config files /etc/krb5.conf /etc/samba/smb.conf /etc/pam.d/passwordd-auth and /etc/pam.d/system-auth all are identical; so any help with how to trouble shoot this issue would be greatly appreciated!
Thank you for your time and help!
Joining to AD successful, but unable to login via domain credentials with CentOS 6.3 + 2k8 R2
Re: Joining to AD successful, but unable to login via domain credentials with CentOS 6.3 + 2k8 R2
Hi,
have you tried logging in with your domain-username in the "username@domain.com" format? This should work, if wbinfo shows the correct connection to the AD.
Good luck
have you tried logging in with your domain-username in the "username@domain.com" format? This should work, if wbinfo shows the correct connection to the AD.
Good luck