Thought I would share some problems I was running into while
setting up Active Directory authentication on my freenas
box. I hope it is helpful to others.
My Configuration:
* FreeNAS 8.3.1
* SSH enabled
* Active Directory configured and service started (Active
Directory Server has Unix Services)
* Active Directory user with unix login shell of /bin/bash
Summary:
My user's login shell was set to /bin/bash in active
directory.
For some reason, I could log in as that user, but the shell
could
not figure out what my username was (just my user id).
Symptoms (myaduser is an active directory user with unix id
of 8826):
[root@freenas-test ~]# wbinfo -t
checking the trust secret for domain USERS via RPC calls
succeeded
[root@freenas-test ~]# getent passwd myaduser
myaduser:*:8826:5:myaduser:/home/myaduser:/bin/bash
[root@freenas-test ~]# ssh myaduser@localhost
[I have no name!@freenas-test ~]$ whoami
8826
[I have no name!@freenas-test ~]$ ldapwhoami
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1):
generic failure: GSSAPI Error: Miscellaneous failure
(see text) (open(/tmp/krb5cc_8826): No such file or
directory)
[I have no name!@freenas-test ~]$ getent passwd myaduser
[I have no name!@freenas ~]$ /bin/csh
[myaduser@freenas] ~> #aha!
Now I just need to figure out how to get ftp authentication to work with active directory.
setting up Active Directory authentication on my freenas
box. I hope it is helpful to others.
My Configuration:
* FreeNAS 8.3.1
* SSH enabled
* Active Directory configured and service started (Active
Directory Server has Unix Services)
* Active Directory user with unix login shell of /bin/bash
Summary:
My user's login shell was set to /bin/bash in active
directory.
For some reason, I could log in as that user, but the shell
could
not figure out what my username was (just my user id).
Symptoms (myaduser is an active directory user with unix id
of 8826):
[root@freenas-test ~]# wbinfo -t
checking the trust secret for domain USERS via RPC calls
succeeded
[root@freenas-test ~]# getent passwd myaduser
myaduser:*:8826:5:myaduser:/home/myaduser:/bin/bash
[root@freenas-test ~]# ssh myaduser@localhost
[I have no name!@freenas-test ~]$ whoami
8826
[I have no name!@freenas-test ~]$ ldapwhoami
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1):
generic failure: GSSAPI Error: Miscellaneous failure
(see text) (open(/tmp/krb5cc_8826): No such file or
directory)
[I have no name!@freenas-test ~]$ getent passwd myaduser
[I have no name!@freenas ~]$ /bin/csh
[myaduser@freenas] ~> #aha!
Now I just need to figure out how to get ftp authentication to work with active directory.