similar to: dovecot-auth hangs with IO leak

Hi Rowland, This is a CentOS 6.7 server. I was able to make some progress. I have edited /etc/pam.d/system-auth, and now it looks like: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_ldap.so use_first_pass auth required pam_deny.so account

I have removed use_auhtok from /etc/pam.d/system-auth and now passwd is "kind of" working... I am still able to login with my old password and the new one also. But only on the linux servers that are authenticating through LDAP. On my workstation only the old password (the one I was trying to change through passwd(ssh)) works. I have noticed that my user now has a userPassword

I am trying to configure NIS, PAM, & LDAP on a CentOS 6.2 host. I've previously installed a similar configuration on RHEL4, but CentOS now uses nss-pam-ldapd and nslcd instead of nss_ldap, so the configurations are a little different. Currently, local users and groups are showing up but not LDAP users. When I do a /getent passwd/ and/getent group/ I don't get LDAP users. When I do

Hello, I am having a small issue with LDAP, and I hope someone here might be able to provide a few tips. I am unable to authenticate as user 'testuser' on server 'storage' and the following errors appear in /var/log/messages on server 'storage' Sep 19 16:56:17 storage sshd(pam_unix)[3124]: check pass; user unknown Sep 19 16:56:17 storage sshd(pam_unix)[3124]:

I am installing smb 3.5 on a CentOS 6.2 host using smbldap-tools. I've previously installed a similar configuration on RHEL4 using smb 3.0 but CentOS now uses nss-pam-ldapd and nslcd instead of nss_ldap, so the configurations cannot be moved straight across. When I do a listing of a share directory that should have user and group ownership determined by LDAP, I get the uidNumbers and

Hi, I am authenticating users on our linux servers using nslcd/pam_ldap. Authentication is fine, however, it is not possible for the user to change the password from the server. Is there a way to make it work ? [Guilherme at server ~]$ passwd Changing password for user Guilherme. passwd: Authentication token manipulation error Oct 8 14:37:53 server passwd: pam_unix(passwd:chauthtok): user

Yes, it is an AD DC. The thing is, the only way I know to change the user password is from a Windows workstation (CTRL+ALT+DEL and go to Change password). I was trying to achieve the same thing through another Linux server that is not the AD DC. So I thought that it would be possible for them to change their AD passwords through "passwd", but it didn't seem to work properly, because

On 11.10.2016 17:22, Harry Jede via samba wrote: > Am Dienstag, 11. Oktober 2016 schrieben Sie: >> On 11.10.2016 13:52, Harry Jede via samba wrote: >>> On 10:43:49 wrote Gavrilov Aleksey via samba: >>> Until now, you have destroyed your domain. >>> Is the ldap directory on localhost in production or is this pc in a >>> test lab? >> a copy of the

I've configured dovecot to authenticate against a Fedora Directory Server. The mail server on which dovecot is installed has the nss_ldap and pam_ldap packages installed, and /etc/dovecot.conf has the following two lines: auth_userdb = ldap /etc/dovecot-ldap.conf auth_passdb = pam In other words, I want dovecot to use LDAP to access the user database, but PAM for authentication. This part is

Hi When I enable a box to do authentication using LDAP it breaks cron for users like jboss. I get the following in /var/log/secure Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron' I have the following in /etc/ldap.conf nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss

Ok, I've been literally throwing things in my effort to fix this. Please help me from damaging something valueable! :) I've installed Samba 3.0.22 and OpenLDAP etc. I've used the IDEALX scripts to create the LDAP tree etc. Everything goes swimmingly until I try to check and see if NSS/PAM is working right. I use the following command as shown in SBE to check NSS/PAM working. getent

hi, first of all, thanks to all the samba team for your great work and documentation. Well done! I have followed the 'By Example' guide, everything is working fine, except one thing. As indicated on chapter 5, point 14 of Configuration of smbldap-tools, when I try: # getent passwd | grep root I have 2 results, both id 0 root:x:0:0:root:/root:/bin/bash root:x:0:512:Netbios Domain

http://bugzilla.mindrot.org/show_bug.cgi?id=1065 Summary: password expiration and SSH keys don't go well together Product: Portable OpenSSH Version: 4.1p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo: bitbucket at mindrot.org

Thanks a lot for looking over the config. I am at the topic "user data is available" id <username> and getent passwd and ldapsearch -x -b "ou=XXX,o=YYY" uid=<username> give the correct results ldapsearch gives also the correct host attribute i have set in the ldap server. Regarding the manpage of sssd.conf the lines access_provider = ldap ldap_access_order =

Hi, I have searched all over and I am at a deep loss. I have Openldap setup and it works fine holding users and is searchable, etc. I have samba setup to auth via LDAP and it works. I can NOT for the life of me get system password stuff to work. The strange thing is, that my "testuser" can telnet to the computer and login and can login with samba fine. I can not ssh into the

Hello, I'm trying to configure Samba to work with SuSE 9.1. I followed The Linux Samba-OpenLDAP Howto (Revision: 1.6 ) from http://samba.idealx.org/smbldap-howto.en.html - but I'm stuck - in SuSE there is no /etc/pam.d/system-auth. Should I just add this file (I doubt it), or put these values into another files (which ones)? auth required /lib/security/pam_env.so auth

Has anyone gotten Active Directory user passwords changed from a Linux (Ubuntu 8.04) client? I used https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto as a guide, so I'm using Kerberos and Winbind (all apt-get). Samba version is 3.0.28a with a Windows Sever 2008 R2 DC, but running AD 2003 native. The client box is an LTSP box, and I'm able to ssh in with AD accounts.

I might be asking this question the incorrect group but, here goes. I have successfully added a Debian 10 member (workstation) and made the /etc/pam.d files adjustments per the Debianwiki page https://wiki.debian.org/AuthenticatingLinuxWithActiveDirectory and Debian is allowing me to login with AD users and passwords except for one thing. I have to enter the password twice to login. Here are the

>> But instead i get >> centos: sshd[7929]: pam_unix(sshd:session): session opened for user >> <username> > > "pam_unix" should be an indication that <username> appears in the local > unix password files. Make sure that it doesn't. Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow > > What do /etc/pam.d/sshd and

Hi, I would like to do what I mentioned in the subject on an Ububtu 18.04. I tried it with the following steps: https://lists.samba.org/archive/samba/2011-March/161372.html My files on the client: smb.conf [global] ;Workstation Settings workgroup = PM netbios name = DS1223 server string = %h security = domain idmap backend = tdb idmap uid = 15000-20000 idmap gid = 15000-20000 wins server =