Bonsoir à tous,
J’ai installé debian 9.5 (32 bits) sur ma machine virtuelle. J’ai mis cette machine dans un domaine Active Directory (Windows Server 2008R2) avec succès.
Dans ce domaine, des utilisateurs ont été créés. Mais je ne parviens pas à me connecter avec l’un des ces utilisateurs sur ma machine debian.
Je rappelle que je me connecte avec succès en utilisant tous ces utilisateurs à l’aide d’un PC Windows du domaine.
Veuillez trouver ci-dessous mes config.
Merci d’avance de votre aide.

#

# /etc/pam.d/common-auth - authentication settings common to all services

#

# This file is included from other service-specific PAM config files,

# and should contain a list of the authentication modules that define

# the central authentication scheme for use on the system

# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the

# traditional Unix authentication mechanisms.

#

# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.

# To take advantage of this, it is recommended that you configure any

# local modules either before or after the default block, and use

# pam-auth-update to manage selection of other modules. See

# pam-auth-update(8) for details.

# here are the per-package modules (the "Primary" block)

auth sufficient pam_unix.so nullok_secure

auth sufficient pam_winbind.so krb5_ccache_type=FILE cached_login try_first_pass

# here's the fallback if no module succeeds

auth requisite pam_deny.so

# prime the stack with a positive return value if there isn't one already;

# this avoids us returning an error just because nothing sets a success code

# since the modules above will each just jump around

auth required pam_permit.so

# and here are more per-package modules (the "Additional" block)

# end of pam-auth-update config

#

# /etc/pam.d/common-account - authorization settings common to all services

#

# This file is included from other service-specific PAM config files,

# and should contain a list of the authorization modules that define

# the central access policy for use on the system. The default is to

# only deny service to users whose accounts are expired in /etc/shadow.

#

# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.

# To take advantage of this, it is recommended that you configure any

# local modules either before or after the default block, and use

# pam-auth-update to manage selection of other modules. See

# pam-auth-update(8) for details.

#

# here are the per-package modules (the "Primary" block)

account sufficient pam_winbind.so

account sufficient pam_unix.so

# here's the fallback if no module succeeds

account requisite pam_deny.so

# prime the stack with a positive return value if there isn't one already;

# this avoids us returning an error just because nothing sets a success code

# since the modules above will each just jump around

account required pam_permit.so

# and here are more per-package modules (the "Additional" block)

# end of pam-auth-update config

# /etc/pam.d/common-session - session-related modules common to all services

#

# This file is included from other service-specific PAM config files,

# and should contain a list of modules that define tasks to be performed

# at the start and end of sessions of *any* kind (both interactive and

# non-interactive).

#

# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.

# To take advantage of this, it is recommended that you configure any

# local modules either before or after the default block, and use

# pam-auth-update to manage selection of other modules. See

# pam-auth-update(8) for details.

# here are the per-package modules (the "Primary" block)

session [default=1] pam_permit.so

# here's the fallback if no module succeeds

session requisite pam_deny.so

# prime the stack with a positive return value if there isn't one already;

# this avoids us returning an error just because nothing sets a success code

# since the modules above will each just jump around

session required pam_permit.so

# and here are more per-package modules (the "Additional" block)

session required pam_unix.so

session required pam_mkhomedir.so umask=0022 skel=/etc/skel

session optional pam_winbind.so

# end of pam-auth-update config

/etc/nsswitch.conf

#

# Example configuration of GNU Name Service Switch functionality.

# If you have the `glibc-doc-reference' and `info' packages installed, try:

# `info libc "Name Service Switch"' for information about this file.

passwd: compat winbind

group: compat winbind

shadow: compat

gshadow: files

hosts: files dns

networks: files

protocols: db files

services: db files

ethers: db files

rpc: db files

netgroup: nis

Bonjour patsondj,

J'ai regardé tes fichiers de conf, il y a peut-être une ligne en trop dans le fichier /etc/nsswitch.conf.

Tu peux retirer la ligne

gshadow: files

Sinon j'ai trouvé ce lien :

https://www.supinfo.com/articles/single/324-installer-configuer-ajouter-une-machine-linux-debian-domaine-windows-ad