Displaying 20 results from an estimated 2000 matches similar to: "Not Obeying "require_membership_of" winbind.so when "User must change password at next logon""
2019 Jun 14
0
AD home drive
On 14/06/2019 07:40, Praveen Ghimire wrote:
> Hi Rowland,
>
> I've added the bit to the pam.d and rebooted the server but still no go
>
> The following is from the log file for the machine (user is testhome2)
>
> adding home's share [VM-WIN7-01$] for user 'LIN\VM-WIN7-01$' at '/home/%U/samba'
>
> get_auth_event_server: Failed to find
2019 Jun 14
2
AD home drive
Hi Rowland,
I've added the bit to the pam.d and rebooted the server but still no go
The following is from the log file for the machine (user is testhome2)
adding home's share [VM-WIN7-01$] for user 'LIN\VM-WIN7-01$' at '/home/%U/samba'
get_auth_event_server: Failed to find 'auth_event' registered on the message bus to send JSON authentication events to:
2019 Jun 14
3
AD home drive
Hi Rowland,
Initially I deposited the line towards the bottom but then it didn't work. The line wasn't getting enough attention so it decided to creep up a bit :)
As suggested in the initial email, the box was a NT4 PDC which had the all the shares. The home drive pointed to /home/%U/samba.
Looking at the logs, to me it looks like the default smb.conf template (as suggested by Louis)
2020 Sep 24
1
helping whith pam_mount
Hello I try to implement pam_mount and I have errors.
When I login to ubuntu desktop client I have an error with "mounting
read-only" but if later to logon on domain I go to the files application
and map the resource shares manually, work fine.
Attach the syslog trace:
Sep 24 10:22:13 ubuntucliente lightdm[708]: (pam_mount.c:365): pam_mount
2.14: entering auth stage
Sep 24 10:22:20
2010 Oct 26
1
Every user in LDAP queried when one user logs on.
Hi
I have configured a machine to authenticate against LDAP. When I log onto the box using the newly created user I see a LDAP search request for every user that exist in the directory. If I have only 20 users even a 100 that is not a problem but when I start going to 10000 users I start getting some weird errors and timeouts because of the time it takes to download the data to the client.
I
2019 Jun 14
1
AD home drive
2 things.
Hai,
Change [homes] to [users] and create the folder /home/LIN AD-DC's dont like [homes]
Share /home/LIN as [users]
Now, in the AD DC smb.conf, the templates settings are used by default.
template homedir = /home/%D/%U
Which results in your case to : /home/LIN/testhome2
That should do it, but rethink this part of you setup.
You might need to change the pam part a bit, but
2016 Oct 12
0
Replacement pdc samba3 to samba4 nt classic
Am Mittwoch, 12. Oktober 2016 schrieben Sie:
> Thanks to your help, earned.
>
> 1. I reinstalled ldap
>
> 2. remove all entries except sambaDomainName
According to your logs, you have had three entries
> 2. smbldap-populate
>
> 3. /usr/local/sbin/smbldap-passwd -s root
>
> 4. net rpc join -S 127.0.0.1 -U root%secret
>
> 5. restore from a backup of users,
2015 May 09
0
ldap host attribute is ignored
On May 8, 2015, at 11:14 AM, Ulrich Hiller <hiller at mpia-hd.mpg.de> wrote:
>
> /etc/pam.d/system-auth:
> -----------------------
> #%PAM-1.0
> # This file is auto-generated.
> # User changes will be destroyed the next time authconfig is run.
> auth required pam_env.so
> auth sufficient pam_unix.so nullok try_first_pass
> auth
2015 May 08
4
ldap host attribute is ignored
>> But instead i get
>> centos: sshd[7929]: pam_unix(sshd:session): session opened for user
>> <username>
>
> "pam_unix" should be an indication that <username> appears in the local
> unix password files. Make sure that it doesn't.
Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow
>
> What do /etc/pam.d/sshd and
2016 Oct 12
2
Replacement pdc samba3 to samba4 nt classic
On 11.10.2016 17:22, Harry Jede via samba wrote:
> Am Dienstag, 11. Oktober 2016 schrieben Sie:
>> On 11.10.2016 13:52, Harry Jede via samba wrote:
>>> On 10:43:49 wrote Gavrilov Aleksey via samba:
>>> Until now, you have destroyed your domain.
>>> Is the ldap directory on localhost in production or is this pc in a
>>> test lab?
>> a copy of the
2008 Aug 06
1
winbindd behaving oddly
Hello folks,
Been beating my head with an winbind and pam just behaving oddly. I have following
various HOW-TO's, wiki's, and docs, and just can't seem to get past a wall. Here a
some of the issues:
- the 1st attempt at ssh'ing to a server gives me a 'Wrong Password' in the logs. Here's
an exact snippet:
Aug 6 18:45:40 mia21654bcu001 sshd[5371]: pam_winbind(sshd):
2011 Oct 26
1
Weird issue with samba 3.4.7
Hello All,
I have samba version 3.3.2 installed on a system running Ubuntu Server 9.04 (32-bit). The users trying to mount the samba shares authenticate over the LDAP server.
Here is how my configuration files look like,
1. /etc/samba/smb.conf
[global]
server string = %h server (Samba, Ubuntu)
map to guest = Bad User
obey pam restrictions = Yes
pam password change = Yes
passwd program
2020 Jul 28
0
kerberos ticket on login problem
On 7/28/2020 3:59 PM, Jason Keltz via samba wrote:
> I'm experimenting with smb + winbind.
>
> My host is joined to AD and I can login to my host fine using my AD
> credentials via SSH.?? The only issue is that I don't get a Kerberos
> ticket generated.
>
> In /etc/security/pam_winbind.conf I have:
>
> krb5_auth = yes
>
> krb5_ccache_type = KEYRING
>
2011 Mar 03
1
/etc/pam.d/dovecot missing? during high load
This morning on our newly built server, the following was logged twice:
auth: Error: pam(username,127.0.0.1): pam_authenticate() failed: Authentication failure (/etc/pam.d/dovecot missing?)
This also happened to be during a time of 100+ imap-login processes, where we were seeing:
master: Warning: service(imap-login): process_limit reached, client connections are being dropped
The initial error
2010 Mar 28
0
Problems logging in when authenticating against Active Directory
Greetings! I am having a bit of an issue using Ubuntu 9.10 and AD 2003.
AD domain = dacrib.local
AD server = dim-2300.dacrib.local
IP = 10.0.0.60
Samba server = workhorse.dacrib.local
IP = 10.0.0.20
I joined the server to AD, and I can see all the domain users and groups
when I do a "getent passwd" and "getent group". "wbinfo -u" lists all
domain users, and
2013 Nov 28
4
SSH - Winbind and Keybased Auth
Hi Team,
We have a weird issue that we are trying to understand. We have winbind set up and working successfully for user authentication with passwords via ssh. We have pam.d/system-auth-ac and password-auth-ac (symlinked) set to require membership of a group which works great via password authentication.
However, if the user has a ssh key set up, they seem to bypass the group membership
2020 Sep 11
1
entering password twice
I might be asking this question the incorrect group but, here goes.
I have successfully added a Debian 10 member (workstation) and made the
/etc/pam.d files adjustments per the Debianwiki page
https://wiki.debian.org/AuthenticatingLinuxWithActiveDirectory and Debian
is allowing me to login with AD users and passwords except for one thing. I
have to enter the password twice to login.
Here are the
2015 Oct 12
1
getting error Ignoring parameter browse directory and winbind sequence directory
On 12/10/15 08:27, VigneshDhanraj G wrote:
> Hi Rowland,
>
> Thanks for the help.
>
> Yes, Joined to the domain, ftp uses pam authentication. After
> upgrading samba i found ftp pam authentication not working
>
> /etc/pam.d/ftp contains
>
> #%PAM-1.0
> auth sufficient /lib/security/pam_smbpass.so
> auth sufficient /lib/security/pam_winbind.so
2018 Aug 24
1
login a Linux client to a Samba NT4 style domain
Hi,
I would like to do what I mentioned in the subject
on an Ububtu 18.04. I tried it with the following steps:
https://lists.samba.org/archive/samba/2011-March/161372.html
My files on the client:
smb.conf
[global]
;Workstation Settings
workgroup = PM
netbios name = DS1223
server string = %h
security = domain
idmap backend = tdb
idmap uid = 15000-20000
idmap gid = 15000-20000
wins server =
2002 Dec 26
1
changing passwords from win2k
I having been trouble by this for a few days now and was wondering if anyone
else has had any luck with this?
I am currently running Samba 2.2.6pre2 on FreeBSD 4.7-RELEASE
I have successfully set up samba to be the PDC
I am unsuccessfully trying to change the passwords on the W2k box and I am
recieving the error that the user name/password are incorrect make sure the
caps lock is not on.
When I