Converting SSSD to Winbind #
After following the steps fro mmy last post to install and configure Winbind and Samba the following changes are needed to all users to log in via Winbind and not SSSD.
You need to remove references of pam_sss.so from the following 4 files. You will either need to comment out or delete the offending lines.
sudo nano /etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
shadow: compat
gshadow: files
hosts: files myhostname mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
sudo nano /etc/pam.d/common-auth
auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000
auth [success=2 default=ignore] pam_unix.so nullok try_first_pass
auth [success=1 default=ignore] pam_winbind.so krb5_auth krb5_ccache_type=FILE cached_login try_first_pass
sudo nano /etc/pam.d/common-session
session optional pam_krb5.so minimum_uid=1000
session required pam_unix.so
session optional pam_winbind.so
session optional pam_systemd.so
sudo nano /etc/pam.d/common-account
account required pam_krb5.so minimum_uid=1000