similar to: authentication to ADS via Kerberos at login?

Hi, We're trying to set up a Red Hat 9 box as a BDC for a domain, the PDC for that domain is another RH9 machine. To do it we're using samba 2.2.7a and openLDAP 2.0.7 in both machines. We've followed the instructions from the Samba-PDC-Howto and Samba-BDC-Howto from the samba.org. The PDC works fine but when I try to list the shares of the BDC using my user I get a NT_LOGON_FAILURE

Hi all I'm actually trying to setup an AD authentication on linux workstations. - I've setup an windows AD 2003 server, which work fine. - I've setup linux redhat 4 enterprise server (used as a workstation for the moment) - On the redhat, I already have setup smb.conf, krb5.conf, nsswitch.conf, pam.d/login, pam.d/system_auth. I have pasted all these files below. ==> I get

Sorry for the cross lists post, but my problem seems to involve several areas, and one may be affecting the other. Problem: When logging on with a Windows XP client to the Samba domain I get the error : [2004/08/16 15:38:12, 0] rpc_server/srv_netlog_nt.c:get_md4pw(218) get_md4pw: Workstation ALDEBURGH$: no account in domain Anyone got any ideas ? Heres what I have got most of the config

Hi, we've got a samba-3.0.21a-1 systems that's set up w/ winbind to query AD to authenticate users w/out Unix accts. The system is also set up to support our LDAP'd UNIX accts. After setting the [global] section like this: [global] realm = WIN.OURDOMAIN.COM security = ads password server = thebes balsam encrypt passwords = yes log file = /var/log/samba/log.%m

Hello, I am have some interesting problems with the pam_winbind portion of samba 3.1. wbinfo -u and getent passwd works but when I login I get the following messages in /var/log/messages. Jan 5 11:09:36 hermes pam_winbind[9014]: write to socket failed! Jan 5 11:09:36 hermes pam_winbind[9014]: internal module error (retval = 3, user = `CSQ+shane' Jan 5 11:09:36 hermes PAM_pwdb[9014]: check

Hi, I have installed samba 3.5.4 on Centos 6 and have set it up to authenticate to a Windows 2008 Domain Controller. When I do a "su - some-domain-user", the home directory gets created. However, I want the home directory to be created when a user accesses the samba shares(no shell access). Following are the relevant configurations. What are the PAM changes I need to make? Help is much

Hello, I am having a small issue with LDAP, and I hope someone here might be able to provide a few tips. I am unable to authenticate as user 'testuser' on server 'storage' and the following errors appear in /var/log/messages on server 'storage' Sep 19 16:56:17 storage sshd(pam_unix)[3124]: check pass; user unknown Sep 19 16:56:17 storage sshd(pam_unix)[3124]:

Hi all, I am a bit confused about the usage of pam_mount. Here is my /etc/pam.d/system-auth: auth required pam_env.so auth required pam_mount.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account

Having issues adapting our 3.4 configuration that worked very well using idmap rid in 3.3. It seems like winbind does not cache the credentials despite all of the settings being present. I can set winbind offline via smbcontrol and have it work, but if I reboot the machine (important for my laptops) off the network winbind complains that it can't find the logon server. When disconnected and

So I have Samba 3.5 set up to use pam to authenticate against kerberos. This seems to be working fine when I connect to the from a linux system using smbclient. However, when I try to connect from a windows system, it fails. I cranked up the debug level, but I'm unable to figure why this does not work. I feel I'm missing a component to this. I use samba on a handful of our servers,

Dear Samba Team/Readers: I have been reading the mailing lists looking for a solution to a particular problem that I am having: The Setup: centos 4.3 (redhat enterprise server clone) running kerberos, samba Version 3.0.10-1.4E.2, 32 bit system. Running stock kernel 2.6.9-22. I am authenticating to a windows 2003 server, standard edition, with all service packs and patches applied. I am using

I'm running CentOS 4.3 with the most recent samba-client and samba-common rpms. I've managed to configure samba/winbind to allow me to join the box to the AD, create the UID and GID mappings, etc. However, when I try to connect via ssh, the account cannot log in. /var/log/messages says the following: Sep 5 17:15:25 kdcdmz sshd[6263]: error: Could not get shadow information for

Hi All, I've been trying for quite some time now, but feel that there's just that one situation that doesn't work, and that's probably the one thing I'd like to use. I've got a simple samba server (3.0.23c) on RHEL5 that only has one large share. That share is to be used by a certain number of users, that can exchange large amounts of data using that share, but not

So I have this centos 5.10 box which authenticates network users against ldap(authorizing)+kerberos(authentication). And I now would like to have sudo be able to allow admins (netgroup chinbeards) to sudo about. I am not using sssd though (yet). Here is the output of me trying sudo (debug on): [raub at centos5-x64 ~]$ sudo pwd LDAP Config Summary =================== uri

Hi, I've successfully joined a CentOS server to our AD domain: AD: Windows Server 2008 RC2 with Windows Services for UNIX AD member: CentOS 6.6, sernet-samba-4.1.14-9, authentication via Kerberos and Winbind >From time to time the following entries show up in the messages file: Apr 2 11:54:15 barbarella nss_wins[4254]: [2015/04/02 11:54:15.339983, 0]

Hello Samba List, I am struggling with connecting samba to our AD servers. Thought it will be easy as before but I was wrong. DCs: Windows Server 2012 (2x) with AD Domain Forest/Level 2003 NATIVE. + SBS 2003 (will be removed, migrating from SBS AD to new 2012 servers) -standard AD schema with exchange attributes DID NOT INSTALL UNIX attributes. This is required for SSSD. Thought i would go

Hi When I enable a box to do authentication using LDAP it breaks cron for users like jboss. I get the following in /var/log/secure Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron' I have the following in /etc/ldap.conf nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss

Ok, I've been literally throwing things in my effort to fix this. Please help me from damaging something valueable! :) I've installed Samba 3.0.22 and OpenLDAP etc. I've used the IDEALX scripts to create the LDAP tree etc. Everything goes swimmingly until I try to check and see if NSS/PAM is working right. I use the following command as shown in SBE to check NSS/PAM working. getent

Short version: Why does my domain member server create a sambaDomainName entry in LDAP? Long Version: I have created a Domain Member Server for a "NT4 style" Samba domain with an LDAP backend. It is a print server, running Winbind (because it solved a group SID mapping problem and an 'invalid SID' error in syslog), and it works fine in all other respects, but this: After

Hello everyone I have reached the end of my rope and desperately need help. I recently installed two Samba4 Active Directory Domain Controllers on CentOS 6.3 which are working perfectly, and I had joined a Samba3 Server to this domain and everything went well. I could authenticate users on samba3 server and could see all the groups in the domain, but I was having permissions problem accessing the