I have successfully configured my server as an AD Slave and it does appear to receive all of the required user & group accounts.
- In the LDAP Settings on the server I enabled the PAM setting and set the Default Login Shell to Bash prior to synchronizing with AD.
- The firewall rules are enabled as required.
- Password complexity is enabled in the AD's Default Domain Policy
- The Migration Tool v2.2 is installed and appears to function as expected. (i.e. I can view the sync behaviour in the log files on both the AD Master and Zentyal Slave servers and they appear to complete without error.)
The problem is that no matter which AD account I use, nor how many times I change the password on that account, I
CANNOT LOGIN at the console or via the browser. The auth.log file reports "Authentication Failure" on every attempt. Note: I can run ldapsearch and successfully authenticate against ldap with one of the sync'd accounts. I just can't login via the browser or at the server console.
What am I missing???
I have many years of MS/AD experience but am a Linux/Ubuntu/Zentyal rookie. Any help/guidance would be much appreciated.