Enable ssh for CentOS system bound to Active Directory?
Can I throw in $0.02 for Likewise Open? It's available for free at http://www.powerbrokeropen.org/ and since I've implemented it, I swear, it has saved me more time than anything I've ever used. I can't tell enough people about it.
You basically download the package, install it, and then run the command
domainjoin-cli join mydomain.com adminusername
You can edit the configuration in /etc/likewise-open/ and setup things like "use default domain", and change the home directory and default shell to whatever you want at your site, and it's over. All authentication works perfectly. PAM works fine. Samba and Apache auth are both easy. It's really like butter.
If you're having problems getting your Linux machines on the domain, I can't recommend this highly enough.
Related videos on Youtube
royco
Updated on September 17, 2022Comments
-
royco almost 2 years
I have a CentOS 5.4 system successfully bound to Active Directory. "net ads testjoin" says it's OK. I can run "id username" for AD users and see their accounts. However, I cannot log in remotely via SSH. /var/log/secure says the password is incorrect, but I know it's correct.
I suspect my /etc/pam.d/sshd is incorrect. What should it look like?
Does anything in /etc/security need to be changed?
-
tobi1805 over 14 years...also check your /etc/security/pam_winbind.conf to ensure the settings are right for your domain (Kerberos, etc.). That config also includes a handy debug statement to get nerdy.