Hi,
I joined an Ubuntu Desktop to the AD domain. Now I want to have pam_mount mount the user’s home directory when a user logs in.
The home directories reside on a NS7 file server which is joined to the AD domain as well. But the pam_mount does not work.
When a user logs in, the attempt to automatically mount his home directory fails, and the file server reports:
“domain_client_validate: unable to validate password for user xx@ad.xy.de in domain to Domain controller DC.AD.XY.DE.
Error was NT_STATUS_WRONG_PASSWORD”.
I tried various options like “sec=ntlmv2” or “sec=ntlmssp”, nothing helps. The login itself succeds but not the mount process.
The Nethserver-dc is version 1.5.1-1.ns7.
Any help appreciated.
It was classified as #bug because of the expected results from the upgrade/migration procedure. However the fix was for migrated/upgraded systems, not for newly a installed NethServer. That’s because the NTLM auth is unsecure and should not be used for security reasons.
Haven said that, you can try to downgrade your authentication protocols (at your risk) to see if it solves your issue (perhaps the Ubuntu smb/cifs kernel module does not support other auth protocols?).
Add this line to /var/lib/machines/nsdc/etc/samba/smb.conf: