similar to: group names with longer names than 30 chars [winbind 3.4.7]

Hi, We hava a bunch of machines that needs to have the ability to look up users and groups (like with libnss_winbind) but we need to have the Kerberos and PAM stuff. We really don't want to join them to the AD. Are there any way to use one server as a proxy for name and group lookups? [dumb-node] --> [master-node-with-winbind] --> [AD] Best regards Emil Assarsson Sony Ericsson

Hi all, I have some problems with dynamic DNS updating. Samba 3.4.7 Windows 2003 sp2 # net ads dns register -P DNS Update failed! With debug ( -d9 ) I get this: ------ [2010/10/26 09:28:44, 3] libads/sasl.c:780(ads_sasl_spnego_bind) ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10 [2010/10/26 09:28:44, 3] libads/sasl.c:789(ads_sasl_spnego_bind) ads_sasl_spnego_bind: got server

Hi all, I'm trying to get pam_winbind to create ticket cache on login if the AD is available. Please note that this is an Ubuntu Lucid system. When trace this with wireshark it receives a TGT ticket for the user. The current solution is to use pam_krb5 before attempting winbind. That gives me a ticket cache. The main problem is that if the user enters the wrong password it does two login

Hi, Are there any way to add options to /var/run/samba/smb_krb5/krb5.conf_DOMAIN? I need to add udp_preference_limit and maybe have a better control on which kdc's are used. Best regards Emil Assarsson Sony Ericsson Mobile Communications AB "The information in this email, and attachment(s) thereto, is strictly confidential and may be legally privileged. It is intended solely for the

On 10/21/2015 2:34 PM, Eero Volotinen wrote: > Remember that rhel/centos backports fixes, so just looking version > number is not reliable way to detect security issues. > > Eero Indeed, though I can say on CentOS 5 the required configuration to be PCI compliand is not valid in apache, and httpd will not start. -- ----------------------------------------------- - Nick Bright

Signed-off-by: Adalbert Laz?r <alazar at bitdefender.com> --- arch/x86/kvm/mmu/mmu.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 97766f34910d..f3ba4d0452c9 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -2573,6 +2573,7 @@ static struct kvm_mmu_page *kvm_mmu_get_page(struct kvm_vcpu *vcpu,

Greetings, I'm running Dovecot 2.0.9 on my CentOS 6 server, for several thousand mailboxes. Recently, I've had several reports of "my mailbox is suddenly empty, where'd my mail go?" I've enabled debug logging, but I'd like to make sure I have the best level of debug to see things like "delete message" commands? I've configured in logging:

Hello,, Is there anything I can do to our Samba servers to make Windows passwords longer than 8 characters work? Thanks. Our Samba servers use SERVER security, and authenticate against the same Windows 2K logon server (PDC) that serves all our Windows 2K & XP desktops. Any of us with a Windows network password less than or equal to 8 characters long can mount the Samba shares seamlessly,

Hi, Samba list readers, I am forwarding these mails from one of the Linuxprinting.org lists to you (with the $SUBJECT changed by me), because surely some of you must have been bitten by this too.... This problem is verified on W2K (but not yet for NT/ME/XP/9x). Cheers, Kurt ################# problem description by Elena Khan #################### -------- Original Message -------- To:

I'm still learning firewalld obviously, and I am having trouble groking the documentation to understand how to do this. I know I could do an iptables direct, but that doesn't seem like the "right" way to do it. What I'm trying to do is allow a specific service, only for a specific ip. Effectively, SNMP should be allowed form a specific IP address (the systems monitor).

Greetings, I'm working with a new CentOS 7 installation, moving a system up from CentOS 5 due to OpenSSL version 0.9.8e not meeting PCI Compliance requirements. However, while setting up the CentOS 7 environment one of the closed source applications is requiring 0.9.8. The software vendor has advised installing package openssl098e from yum; but I'm hesitant to do so from a

Personally I would go round to that particular vendors office with a pipe wrench and encourage them to do better however, unless this software is transmitting credit card information then it seems that you could be safe(ish) from the regulation standpoint. It really depends on the location of the machine. Is it deep in the bowels of your high security nuclear bunker on an air gap network or is is

Remember that rhel/centos backports fixes, so just looking version number is not reliable way to detect security issues. Eero 2015-10-21 21:18 GMT+03:00 Nick Bright <nick.bright at valnet.net>: > Greetings, > > I'm working with a new CentOS 7 installation, moving a system up from > CentOS 5 due to OpenSSL version 0.9.8e not meeting PCI Compliance > requirements. >

Is there any information available about what packages are being planned for the SCL? For example, will PHP 5.6 be made available & maintained? By "maintained" I mean kept up to date with back ported security patches and such. -- ----------------------------------------------- - Nick Bright - - Vice President of Technology - -

On 11/6/2015 3:58 PM, James Hogarth wrote: > I have a couple of relevant articles you may be interested in ... > > On assigning the zone via NM: > https://www.hogarthuk.com/?q=node/8 > > Look down to the "Specifying a particular firewall zone" bit ... > remember that if you edit the files rather than using nmcli you must > reload NM (or do nmcli reload) for that

On 11/17/2015 8:18 AM, James B. Byrne wrote: > This behaviour is congruent with SELinux. One utility adjusts the > permanent configuration, the one that will be applied at startup. > Another changes the current running environment without altering the > startup config. From a sysadmin point of view this is desirable since > changes to a running system are often performed for

On 11/17/2015 11:12 AM, Nick Bright wrote: > firewall-cmd --zone=monitoring --add-source=1.2.3.4/32 > firewall-cmd --zone=monitoring --add-service=snmp > firewall-cmd --zone=monitoring --add-interface=ens192 > firewall-cmd --runtime-to-permanent I went ahead and tried this and found that the zone and service must first be created, which requires use of: firewall-cmd

Full_Name: Otto Shtirlitz Version: 2.3.1 OS: Win XP SP2 Submission from: (NULL) (71.102.102.246) I believe it's the same situation as described in bug 9248. R script editor cannot open file exceeding 1000 characters even if created in the same editor. File is all ANSI with symbols < 128 and with window line endings CR/LF (0x0D 0x0A). The trick is the local settings : even if the OS is US

On 10/21/2015 1:55 PM, Andrew Holway wrote: > Personally I would go round to that particular vendors office with a pipe > wrench and encourage them to do better however, unless this software is > transmitting credit card information then it seems that you could be > safe(ish) from the regulation standpoint. It really depends on the location > of the machine. Is it deep in the bowels

Can you help please? All file und dir funktions and also basename() do not work in R under Windows OS if the path is longer than?260?characters. The problem seems to be, that the manifest for all R executables do not have the longPathAware switch in the manifest. (The registry and or the group policy for the long path name support are enabled) This is the correct extension for the manifest of