使用pbis,成功将 Linux(Ubuntu 14.04)节点加入域。
# /opt/pbis/bin/get-status
LSA Server Status:
Compiled daemon version: 8.2.1.2979
Packaged product version: 8.2.2979.68390
Uptime: 0 days 20 hours 50 minutes 29 seconds
[Authentication provider: lsa-activedirectory-provider]
Status: Online
当我们运行时,它还会按预期列出所有域用户getent passwd。
# getent passwd ttuser
ttuser:x:1124089581:1124073985:Test User:/home/<domain>/ttuser:/bin/bash
但是,当我们尝试通过 su 或 ssh 以域用户身份登录时,由于 pam 身份验证失败而失败。
当尝试使用 su 从同一台机器登录时:
su[7024]: pam_unix(su:auth): check pass; user unknown
su[7024]: pam_unix(su:auth): authentication failure; logname=ubuntu uid=1000 euid=0 tty=/dev/pts/1 ruser=ubuntu rhost=
su[7024]: pam_authenticate: Authentication failure
su[7024]: FAILED su for <Domain>\ttuser by ubuntu
su[7024]: - /dev/pts/1 ubuntu:<Domain>\ttuser
当尝试使用 ssh 从不同的机器登录时:
sshd[7031]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key
sshd[7038]: pam_unix(sshd:auth): check pass; user unknown
sshd[7038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-172-21-3-42.eu-west-1.compute.internal
sshd[7031]: error: PAM: Authentication failure for <Domain>\\ttuser from ip-172-21-3-42.eu-west-1.compute.internal