Differences

This shows you the differences between two versions of the page.

--- linux:ad_integration:sssd [2021/03/29 14:11] – created - external edit 127.0.0.1
+++ linux:ad_integration:sssd [2025/07/03 13:31] (current) – tplecko
@@ Line 1: / Line 1: @@
-====== Ubuntu 20.04 and Samba integration with Active Directory using SSSD ======
+====== Ubuntu 24.04 and Samba integration with Active Directory using SSSD ======
+Update:
+When using Proxmox LXC, make sure to create a privileged container, and enable nesting:
+<code>
+pct set <CTID> -features nesting=1,keyctl=1
+pct restart <CTID>
+</code>
 ===== Join Ubuntu to Active Directory =====
 <code bash>
@@ Line 44: / Line 51: @@
 # set use_fully_qualified_names to false id you want to login using username only - otherwise you must use user@example.com
 # modify fallback_homedir to change user home folder - I prefer /home/%d/%u
+# make sure that the file is readable only by root
+sudo chmod 600 /etc/sssd/sssd.conf
+sudo chown root:root /etc/sssd/sssd.conf
 # enable auto create of home folders
 su@fs:~$ sudo pam-auth-update --enable mkhomedir
+# make sure this line exists in /etc/pam.d/common-session
+session required pam_mkhomedir.so skel=/etc/skel umask=0022
 # add users to sudo group
@@ Line 112: / Line 126: @@
 </code>
 ===== SAMBA integration =====
+<code bash>
+sudo apt install samba cifs-utils winbind libnss-winbind libpam-winbind krb5-user
+</code>
 This part needs review since it is broken in the fresh versions
 <code bash>
-su@fs:~$ sudo apt install samba cifs-utils libwbclient-sssd
+# su@fs:~$ sudo apt install samba cifs-utils libwbclient-sssd
+# libwbclient-sssd was dropped in Ubuntu/Debian because the SSSD project stopped maintaining the libwbclient support long ago. The functionality it provided (integration of Samba/Winbind with SSSD) is now considered obsolete. Samba now directly handles libwbclient on its own
+su@fs:~$ sudo apt install samba cifs-utils
 su@fs:~$ sudo vim /etc/samba/smb.conf
 [global]