3 Using the Winbind Profile

Configure the Winbind profile to work with Windows users and groups.

Winbind is a client-side service that resolves user and group information on a Windows server. Use the Winbind profile to let Oracle Linux work with Windows users and groups.

1. Install the required packages.

   Install the samba-winbind package:

   sudo dnf install samba-winbind -y

2. Select winbind to be the active profile and enable the required features.

   The following command selects the winbind profile and enables the with-faillock and with-mkhomedir features:

   sudo authselect select winbind with-faillock with-mkhomedir

   Profile "winbind" was selected.
   The following nsswitch maps are overwritten by the profile:
   - passwd
   - group
   
   Make sure that winbind service is configured and enabled. See winbind documentation for 
   more information.
    
   - with-mkhomedir is selected, make sure pam_oddjob_mkhomedir module
     is present and oddjobd service is enabled
     - systemctl enable oddjobd.service
     - systemctl start oddjobd.service

3. Satisfy the feature requirements of the profile.

   Using the output of the previous command, fulfill the requirements of the features you enabled for the profile.

4. Start the service.

   Start the winbind service and enable it to autostart when the system is rebooted.

   sudo systemctl enable --now winbind

Note:

If you change the features of a profile that's already active, the revised features replace whatever features were enabled before.