Displaying 20 results from an estimated 88 matches for "ticketflags".
2019 Oct 16
3
Can't setup kerberos auth for samba4 server?
...samba4-server. I've created /etc/krb5.conf:
[libdefaults]
default_realm = ADA.DE <http://ada.de/>
dns_lookup_realm = false
dns_lookup_kdc = true
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
ADA.DE <http://ada.de/> = {
kdc = ad01.ada.de
kdc = ad02.ada.de
admin_server = ad01.ada.de
chpasswd_server = ad01.ada.de
default_domain = ada.de
}
[domain_realm]
.ada.de =...
2016 Jun 28
2
Looking for GSSAPI config [was: Looking for NTLM config example]
...no joy :(
My /etc/krb5.conf:
------SNIP--------
[libdefaults]
default_realm = HPRS.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
[libdefaults]
default_realm = HPRS.LOCAL
dns_lookup_kdc = true
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
HPRS.LOCAL = {
default_domain = hprs.local
auth_to_local_names = {
Administrator = root
}
}
[domain_realm]
hprs.local = HPRS.LOCAL
# this is not a mistake
.hprs.local = HPRS.LOCAL
------PINS-----------
you wrote:
> You can remove the krb4_ stuff
I'...
2012 Jul 09
2
How do I get an ssh client to authenticate with samba4's kerberos GSSAPI?
...-crc des-cbc-md5
default_tgs_enctypes = arcfour-hmac-md5 des-cbc-crc des-cbc-md5
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
MYDOMAIN.NET = {
kdc = cofil01.mydomain.net:88
default_domain = mydomain.net
}
[domain_realm]
.mydomain.net = MYDOMAIN.NET
mydomain.net = MYDOMAIN.NET
[login]
krb4_convert = true
krb4_get_tickets = false
====================================...
2023 Apr 12
5
error trying to authenticate from Linux to AD
...b5.conf
> [logging]
> ???????Default = FILE:/var/log/krb5.log
>
> [libdefaults]
> ???????default_realm = HOME.RAHIM-DALE.ORG
> ???????ticket_lifetime = 24000
> ???????clock-skew = 300
> # The following libdefaults parameters are only for Heimdal Kerberos.
> ???????fcc-mit-ticketflags = true
> ?????? rdns = false
> [realms]
> ???????HOME.RAHIM-DALE.ORG = {
> ???????????????kdc = dc1.home.rahim-dale.org
> ???????????????admin_server = dc1.home.rahom-dale.org
> ???????}
>
> [domain_realm]
> ???????.rahim-dale.org = HOME.RAHIM-DALE.ORG
> ???????rahim-d...
2023 May 26
1
PAM Offline Authentication in Ubuntu 22.04...
...end = ad
idmap config * : range = 5000-9999
idmap config * : backend = tdb
printing = bsd
/etc/security/pam_winbind.conf
[global]
cached_login = yes
/etc/krb5.conf
[libdefaults]
default_realm = AD.FVG.LNF.IT
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
/etc/nsswitch.conf
passwd: compat winbind
group: compat winbind
shadow: files
gshadow: files
hosts: files mdns4_minimal [NOTFOUND=return] dns
networks: files
protocols: db files
services: db files
ethers: db files
r...
2016 Jun 29
2
Looking for GSSAPI config [was: Looking for NTLM config example]
...gt;>> dns_lookup_kdc = true
>>>
>>> [libdefaults]
>>> default_realm = HPRS.LOCAL
>>> dns_lookup_kdc = true
>>> kdc_timesync = 1
>>> ccache_type = 4
>>> forwardable = true
>>> proxiable = true
>>> fcc-mit-ticketflags = true
>>>
>>> [realms]
>>> HPRS.LOCAL = {
>>> default_domain = hprs.local
>>> auth_to_local_names = {
>>> Administrator = root
>>> }
>>> }
>>>
>>> [domain_realm]
>>> hprs.local = HPRS...
2016 Jun 29
3
Looking for GSSAPI config [was: Looking for NTLM config example]
...lookup_realm = false
> > dns_lookup_kdc = true
> >
> > [libdefaults]
> > default_realm = HPRS.LOCAL
> > dns_lookup_kdc = true
> > kdc_timesync = 1
> > ccache_type = 4
> > forwardable = true
> > proxiable = true
> > fcc-mit-ticketflags = true
> >
> > [realms]
> > HPRS.LOCAL = {
> > default_domain = hprs.local
> > auth_to_local_names = {
> > Administrator = root
> > }
> > }
> >
> > [domain_realm]
> > hprs.local = HPRS.LOCAL
> > # this is...
2024 Feb 12
1
Samba, Kerberos, Autofs: Shares get disconnected
...l_xattr shadow_copy2
[work]
comment = IAP MW Work folder
path = /storage/work
read only = No
and on the server, the krb5.conf:
# cat /etc/krb5.conf
[libdefaults]
default_realm = <redacted>
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
<redacted> = {
kdc = <redacted>
admin_server =<redacted>
}
and on one client machine, i.e. workstation:
# testparm -s
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed by GnuTLS (e.g. NTLM a...
2010 Oct 23
2
Samba 3.2 & IPv6
...nistrator"
It's ok.
With the same configuration but on IPv4 all works fine.
krb5.conf:
[libdefaults]
default_realm = DOMAIN.LOCAL
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
DOMAIN.LOCAL = {
kdc = kdc.domain.local
admin_server = kdc.domain.local
default_domain = domain.local
}
[domain_realm]
.domain.local = DOMAIN.LOCAL
domain.local = DOMAIN.LOCAL
[login]
krb4_convert = true
krb4_get_tickets = false
smb.conf:
[global]
workgrou...
2016 Apr 16
7
After Update to 4.2, Samba is unusuable as member server / No user and goup resolution
...***************************************
[libdefaults]
default_realm = AD.TEST.LOC
clockskew = 900
# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
TEST.TEST.LOC = {
kdc = dc.ad.test.loc
kdc = dc1.ad.test.loc
kdc = dc2.ad.test.loc
kdc = dc3.ad.test.loc
admin_server = dc.test.loc
}
[domain_realm]
.test.loc = AD.TEST.LOC
[login]
krb4_convert = true
krb4_get_tickets = false
[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_...
2010 Jan 28
1
Trouble getting past net join ads...
...v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
FS.UML.EDU = {
kdc = FSDC1.FS.UML.EDU
kdc = FSDC2.FS.UML.EDU
admin_server = FSDC1.FS.UML.EDU
}
STUDENT.UML.EDU = {
kdc = STDC1.STUDENT.UML.EDU
kdc = STDC2.STUDENT.UML.EDU...
2015 Nov 30
2
After joining domain, Samba uses the workgroup name, not the FQDN when running the net ads command
...lts]
default_realm = WINDOWS.CORP.XXX.COM
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
WINDOWS.CORP.XXX.COM = {
kdc = whiskey.windows.corp.XXX.com:88
kdc = wine.windows.corp.XXX.com:88
admin_server = whiskey.windows.corp.XXX.com:749
}
[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
retain_after_close = false
minimu...
2014 May 09
1
samba4 : [kerberos part kinit work but no kpasswd
...?
????? v4_instance_resolve = false
??????? v4_name_convert = {
??????????????? host = {
??????????????????????? rcmd = host
??????????????????????? ftp = ftp
??????????????? }
??????????????? plain = {
??????????????????????? something = something-else
??????????????? }
??????? }
??????? fcc-mit-ticketflags = true
[realms]
??????? IETR.UNIV-RENNES1.FR = {
??????????????? kdc = admin.toto.fr:88
??????????????? admin_server = admin.toto.fr
??????? }
...
?
[domain_realm]
??????? .mit.edu = ATHENA.MIT.EDU
??????? mit.edu = ATHENA.MIT.EDU
??????? .media.mit.edu = MEDIA-LAB.MIT.EDU
??????? media.mit.edu...
2015 Jun 03
2
Cannot join Ubuntu12.04 Samba 4.1.17 to domain
On 03/06/15 21:29, ivenhov wrote:
> I reproduced error WERR_DEFAULT_JOIN_REQUIRED in two scenarios:
> - user account that is used to join machine to domain is not part of Domain
> Admin group.
> - OU path for computer (specified in createcomputer) is invalid
>
> In both of those cases I'm getting detailed error messages: 'insufficient
> access' and 'invalid
2013 Oct 26
2
lost with AD auth
...ync = 1
ccache_type = 4
forwardable = true
proxiable = true
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
RADIODJIIDO.NC = {
kdc = serveur
admin_server = serveur
}
[domain_realm]
.radiodjiido.nc = RADIODJIIDO.NC
radiodjiido.nc = RADIODJIIDO.NC
[login]
krb4_convert = true
krb4_get_tickets = false
syslog shows :
->
Oct 26 11:09:36 serveu...
2016 Jun 27
4
Looking for GSSAPI config [was: Looking for NTLM config example]
...is a *SAMPLE* configuration:
[libdefaults]
default_realm = YOUR.REALM
dns_lookup_kdc = true
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
YOUR.REALM = {
default_domain = your.domain.name
auth_to_local_names = {
Administrator = root
}
}
[domain_realm]
your.domain.name = YOUR.REALM
# this is not a mistake
.your.domain.na...
2015 Mar 12
0
samba 4.1.17 on raspberry pi as ad dc - internal dns problems
...v4_name_convert = {
> host = {
> rcmd = host
> ftp = ftp
> }
> plain = {
> something = something-else
> }
> }
> fcc-mit-ticketflags = true
.... to here.
>
> [realms]
> MY-DOMAIN.LOCAL = {
> kdc = adserver.my-domain.local <-- tried with adserver
> admin_server = adserver.my-domain.local and
> adserver.my-domain.local
add:
default_domain...
2015 Nov 17
2
Samba 4.1.6-Ubuntu on 14.04 domain join seems successful with caveats, testjoin reports no logon servers...
...ult_realm = HIJ.KLM.COM
dns_lookup_realm = false
dns_lookup_kdc = false
krb4_config = /etc/krb.conf
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
HIJ.KLM.COM = {
kdc = ad1.hij.klm.com
kdc = ad2.hij.klm.com
admin_server = ad.hij.klm.com
default_domain = hij.klm.com
}
[domain_realm]
.xyz.hij.klm.com = HIJ.KLM.COM
.hij.klm.com = HIJ.KLM.COM
[login]
krb4_convert = true
krb4_get_tickets = false
[logging]
kdc = FILE:/var/log/krb...
2009 Jul 30
1
krb5 + winbind + ads (back to ads)
...MIT Kerberos.
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
WIN-NET.DOMAIN.COM.BR = {
kdc = server.domain.com.br
kdc = server1.domain.com.br
default_domain = domain.com.br
kpasswd_server = server.domain.com.br
admin_server = server.domain.com.br
}
[domain_realm]
.domain.com.br = WIN-NET.DOMAIN.COM.BR
domain.com.br = WIN-NET.D...
2023 Apr 12
1
error trying to authenticate from Linux to AD
...og/krb5.log
>>>
>>> [libdefaults]
>>> ???????default_realm = HOME.RAHIM-DALE.ORG
>>> ???????ticket_lifetime = 24000
>>> ???????clock-skew = 300
>>> # The following libdefaults parameters are only for Heimdal Kerberos.
>>> ???????fcc-mit-ticketflags = true
>>> ?????? rdns = false
>>> [realms]
>>> ???????HOME.RAHIM-DALE.ORG = {
>>> ???????????????kdc = dc1.home.rahim-dale.org
>>> ???????????????admin_server = dc1.home.rahom-dale.org
>>> ???????}
>>>
>>> [domain_realm]
>&...