Displaying 10 results from an estimated 10 matches for "ldap_account_expire_policy".
2016 Sep 02
3
Samba4 and sssd authentication not working due "Transport encryption required."
...c=xx
ldap_user_object_class = user
ldap_user_home_directory = unixHomeDirectory
ldap_user_principal = userPrincipalName
ldap_group_search_base = dc=xx,dc=xx
ldap_group_object_class = group
ldap_group_member = memberOf
access_provider = simple
simple_allow_groups = IT
ldap_access_order = expire
ldap_account_expire_policy = ad
ldap_force_upper_case_realm = true
[domain/default]
cache_credentials = False
2016 Sep 02
4
Samba4 and sssd authentication not working due "Transport encryption required."
...> > ldap_group_search_base = dc=xx,dc=xx
> > ldap_group_object_class = group
> > ldap_group_member = memberOf
> > access_provider = simple
> >
> >
> >
> > simple_allow_groups = IT
> >
> >
> > ldap_access_order = expire
> > ldap_account_expire_policy = ad
> > ldap_force_upper_case_realm = true
> > [domain/default]
> > cache_credentials = False
> >
>
> The error message is pretty clear. Samba now requires SSL/TLS for LDAP
> binds. Once you have enabled TLS in sssd, everything should work.
> While you can tur...
2016 Sep 03
1
Samba4 and sssd authentication not working due "Transport encryption required."
...ject_class = group
>>>> ldap_group_member = memberOf
>>>> access_provider = simple
>>>>
>>>>
>>>>
>>>> simple_allow_groups = IT
>>>>
>>>>
>>>> ldap_access_order = expire
>>>> ldap_account_expire_policy = ad
>>>> ldap_force_upper_case_realm = true
>>>> [domain/default]
>>>> cache_credentials = False
>>>>
>>>
>>> The error message is pretty clear. Samba now requires SSL/TLS for LDAP
>>> binds. Once you have enabled TLS in...
2016 Sep 02
0
Samba4 and sssd authentication not working due "Transport encryption required."
...xHomeDirectory
> ldap_user_principal = userPrincipalName
> ldap_group_search_base = dc=xx,dc=xx
> ldap_group_object_class = group
> ldap_group_member = memberOf
> access_provider = simple
>
>
>
> simple_allow_groups = IT
>
>
> ldap_access_order = expire
> ldap_account_expire_policy = ad
> ldap_force_upper_case_realm = true
> [domain/default]
> cache_credentials = False
>
The error message is pretty clear. Samba now requires SSL/TLS for LDAP
binds. Once you have enabled TLS in sssd, everything should work. While
you can turn off the requirement in Samba, it's...
2014 Jul 28
0
[sssd] Not seeing Secondary Groups
...debug_level = 9
id_provider = ldap
access_provider = ldap
auth_provider = krb5
ldap_uri = ldap://ad.example.com
ldap_tls_reqcert = allow
ldap_schema = rfc2307bis
ldap_referrals = false
ldap_disable_referrals = true
ldap_force_upper_case_realm = true
ldap_page_size = 4000
ldap_access_order = expire
ldap_account_expire_policy = ad
ldap_default_bind_dn = CN=LINUXAUTH,DC=EXAMPLE,DC=COM
ldap_id_mapping = False
ldap_search_base = DC=EXAMPLE,DC=COM
ldap_user_search_base = DC=EXAMPLE,DC=COM?subtree?&(objectclass=user)(uidnumber=*)
ldap_user_search_scope = sub
ldap_user_object_class = user
ldap_user_name = cn
ldap_user_ho...
2016 Feb 02
3
Mac OS X and ACL's
...07bis ldap_referrals = false ldap_uri = ldap://dc01.auth.domain.com ldap_search_base = dc=auth,dc=domain,dc=com ldap_force_upper_case_realm = true # See man sssd-simple access_provider = simple # Uncomment to check for account expiration in DC # access_provider = ldap # ldap_access_order = expire # ldap_account_expire_policy = ad # Enumeration is discouraged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_ke...
2016 Sep 03
0
Samba4 and sssd authentication not working due "Transport encryption required."
...; > > ldap_group_object_class = group
> > > ldap_group_member = memberOf
> > > access_provider = simple
> > >
> > >
> > >
> > > simple_allow_groups = IT
> > >
> > >
> > > ldap_access_order = expire
> > > ldap_account_expire_policy = ad
> > > ldap_force_upper_case_realm = true
> > > [domain/default]
> > > cache_credentials = False
> > >
> >
> > The error message is pretty clear. Samba now requires SSL/TLS for LDAP
> > binds. Once you have enabled TLS in sssd, everything sh...
2013 Apr 14
1
sssd getent problem with Samba 4.0
Version 4.0.6-GIT-4bebda4
Hi
I have sssd up and running. It works fine except that getent only
returns domain users if I specify the object e.g.
getent passwd
and
getent group
return only local users
but
getent passwd steve2
steve2:*:3000034:20513:steve2:/home/users/steve2:/bin/bash
and
getent group Domain\ Users
Domain Users:*:20513:
work fine.
/etc/nsswitch.conf
passwd: compat sss
group:
2016 Feb 02
0
Mac OS X and ACL's
...07bis ldap_referrals = false ldap_uri = ldap://dc01.auth.domain.com ldap_search_base = dc=auth,dc=domain,dc=com ldap_force_upper_case_realm = true # See man sssd-simple access_provider = simple # Uncomment to check for account expiration in DC # access_provider = ldap # ldap_access_order = expire # ldap_account_expire_policy = ad # Enumeration is discouraged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_ke...
2016 Feb 02
2
Mac OS X and ACL's
...07bis ldap_referrals = false ldap_uri = ldap://dc01.auth.domain.com ldap_search_base = dc=auth,dc=domain,dc=com ldap_force_upper_case_realm = true # See man sssd-simple access_provider = simple # Uncomment to check for account expiration in DC # access_provider = ldap # ldap_access_order = expire # ldap_account_expire_policy = ad # Enumeration is discouraged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_ke...