Linux Mint login to Active Directory
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Linux Mint login to Active Directory
Hello,
i use Linux Mint 21.3 Virginia base: Ubuntu 22.04 jammy - and i ad it to an active directory (Synology Directory Server) - everything OK
i test the connection - everything OK (with: "realm discover")
i don`t now how can login with User from active directory on the logon screen on Linux Mint (XFCE and Cinnamon) (User@Domain doesn`t work)
what can i do, to login with a user account?
sorry for my bad english
i hope you can easy help me
thanks
i use Linux Mint 21.3 Virginia base: Ubuntu 22.04 jammy - and i ad it to an active directory (Synology Directory Server) - everything OK
i test the connection - everything OK (with: "realm discover")
i don`t now how can login with User from active directory on the logon screen on Linux Mint (XFCE and Cinnamon) (User@Domain doesn`t work)
what can i do, to login with a user account?
sorry for my bad english
i hope you can easy help me
thanks
Re: Linux Mint login to Active Directory
Are you using sssd ?
If so, I cannot help you, but I can assure you that you can log into a domain joined Linux Mint Cinnamon computer with the UPN if you use Samba.
If so, I cannot help you, but I can assure you that you can log into a domain joined Linux Mint Cinnamon computer with the UPN if you use Samba.
Re: Linux Mint login to Active Directory
Hello and good evening,
thanks for the tip
yes, i am using sssd.
Today check my active directory domain with: id user@domain -> OK
my sssd.conf (etc/sssd/)
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
[pam]
reconnection_retries = 3
[sssd]
domains = ad.my.domain.local
config_file_version = 2
services = nss, pam
[domain/ad.my.domain.local]
default_shell = /bin/bash
krb5_store_password_if_offline = True
cache_credentials = True
krb5_realm = AD.MY.DOMAIN.LOCAL
realmd_tags = manages-system joined-with-adcli
id_provider = ad
fallback_homedir = /home/%u@%d
ad_domain = ad.my.domain.local
use_fully_qualified_names = False
ldap_id_mapping = True
access_provider = ad
Any idea? About the problem?
thanks for the tip
yes, i am using sssd.
Today check my active directory domain with: id user@domain -> OK
my sssd.conf (etc/sssd/)
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
[pam]
reconnection_retries = 3
[sssd]
domains = ad.my.domain.local
config_file_version = 2
services = nss, pam
[domain/ad.my.domain.local]
default_shell = /bin/bash
krb5_store_password_if_offline = True
cache_credentials = True
krb5_realm = AD.MY.DOMAIN.LOCAL
realmd_tags = manages-system joined-with-adcli
id_provider = ad
fallback_homedir = /home/%u@%d
ad_domain = ad.my.domain.local
use_fully_qualified_names = False
ldap_id_mapping = True
access_provider = ad
Any idea? About the problem?
Re: Linux Mint login to Active Directory
Sorry, but I do not have a clue about sssd, I do not use it.
However, if you need help with using Samba, then I can talk you through that.
However, if you need help with using Samba, then I can talk you through that.
Re: Linux Mint login to Active Directory
If all you are trying to do is mount a share from your synology in mint you do NOT need active directory. Read my posts here:
viewtopic.php?p=2224687&hilit=synology+fstab#p2224687
You need to install samba which you can do from software manager, or in a terminal:
viewtopic.php?p=2224687&hilit=synology+fstab#p2224687
You need to install samba which you can do from software manager, or in a terminal:
Code: Select all
apt install samba
Thinkcentre M720Q - LM21.3 cinnamon, 4 x T430 - LM21.3 cinnamon, Homebrew desktop i5-8400+GTX1080 Cinnamon 19.0
Re: Linux Mint login to Active Directory
Not to nitpick but you don't need to install samba ( the server package ) on a Linux client to connect to someone else's SMB server.
You certainly don't need it if using mount.cifs to do the connection. CIFS doesn't use any samba client routines. It doesn't even know smb.conf exists. It's all in th Linux Kernel.
You certainly don't need it if using mount.cifs to do the connection. CIFS doesn't use any samba client routines. It doesn't even know smb.conf exists. It's all in th Linux Kernel.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Re: Linux Mint login to Active Directory
My link shows connecting with
nemo smb://diskstation.local
as well as how to connect via fstab with cifs. Thought you needed samba for that? Happy to be corrected.Thinkcentre M720Q - LM21.3 cinnamon, 4 x T430 - LM21.3 cinnamon, Homebrew desktop i5-8400+GTX1080 Cinnamon 19.0
Re: Linux Mint login to Active Directory
nemo calls gvfs-backends which ... I'm going to use the term "oversees" ... the connection and mounting of the SMB share of another host. ( this is where most if not all of the bugs in this process are located )nemo smb://diskstation.local
gvfs-backends calls out libsmbclient which does the actual connection.
libsmbclinet is installed by default in all OS's that rely on gvfs-backends to do it's thing because it is a dependency of that package.
So a samba client process is already present on the system. You can install the smbclient package if you want a CLI capability. But the samba package itself enables a samba server on the system.
None of this has any impact on mount.cifs.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Re: Linux Mint login to Active Directory
I stand corrected and have learnt something
Thinkcentre M720Q - LM21.3 cinnamon, 4 x T430 - LM21.3 cinnamon, Homebrew desktop i5-8400+GTX1080 Cinnamon 19.0
Re: Linux Mint login to Active Directory
That link shows that Avahi is involved in the connection and Samba when connecting to a an AD domain relies on dns, not Avahi. You normally have to join the computer to a domain when using Samba (note: I am not referring to cifs-utils here), but you can, I believe, get sssd to authenticate from AD without joining the domain, I personally don't see the point in that, you might as well just nslcd.
Re: Linux Mint login to Active Directory
Hello and thanks for your help,
but my problem ist not using a share, all my windows and linux shares are working fine in my linux mint system.
I have only a problem to using my useraccount from my own (linux) active directory server.
nemo smb://my.domian.local ist working fine
Because of my little and easy question: How ca I use my useraccount (userlogin) from my AD server with linux mint?
Maybe is the answer sooo simple .... whatever ....
but my problem ist not using a share, all my windows and linux shares are working fine in my linux mint system.
I have only a problem to using my useraccount from my own (linux) active directory server.
nemo smb://my.domian.local ist working fine
Because of my little and easy question: How ca I use my useraccount (userlogin) from my AD server with linux mint?
Maybe is the answer sooo simple .... whatever ....
Re: Linux Mint login to Active Directory
If you have a Linux active directory server, then you have a Samba active directory server and you shouldn't really be using sssd with it.
If your AD TLD is really '.local' , then it shouldn't be, '.local' is reserved for Bonjour and Avahi.
It is, stop using sssd, set up Samba correctly (this includes installing winbind) and you will be able to login with:
username
username@REALM
NetBIOS_name\username
Would you like me to talk you through the setup ?
-
- Level 8
- Posts: 2240
- Joined: Wed Aug 14, 2019 1:02 am
Re: Linux Mint login to Active Directory
Offtopic: .local were once upon a time a recommendation/suggestion as Active Directory domain name for small business private network by Microsoft. Active Directory technology is older than Bonjour. It is just that Microsoft didn't register .local to the standard bodies, letting Apple took advantage of it.
Re: Linux Mint login to Active Directory
My understanding was that Microsoft recommend '.local' for a short period until it was pointed out to them that it was reserved for Bonjour, it wasn't that they didn't register it, they couldn't, it had already been taken.billyswong wrote: ⤴Fri Apr 05, 2024 6:38 amOfftopic: .local were once upon a time a recommendation/suggestion as Active Directory domain name for small business private network by Microsoft. Active Directory technology is older than Bonjour. It is just that Microsoft didn't register .local to the standard bodies, letting Apple took advantage of it.
-
- Level 8
- Posts: 2240
- Joined: Wed Aug 14, 2019 1:02 am
Re: Linux Mint login to Active Directory
Active Directory is first released in Windows 2000 Server edition. Bonjour is first released in OSX by 2002.