search for: authonly

Displaying 18 results from an estimated 18 matches for "authonly".

2006 Feb 09
6
chown DOMAIN+mylogin /dir fails (Please help)
...kerberos is working net ads join works fine wbinfo -t shows secret is fine aix does not have getent so I can't run getent passwd -- is there something equivalent on aix? /usr/lib/security/methods.cfg has: WINBIND: program = /usr/lib/security/WINBIND (set with chmod 444) options =authonly /etc/security/user has for SYSTEM = WINBIND OR WINBIND[FAILURE] AND COMPAT my clock syncs with same ntp as ad server and seems fine I am so tired....been working on this for two days. Please help me figure out why this is not working now. David David Shapiro Unix Team Lead 919-765-2011
2006 Feb 06
0
SAMBA Winbind and AIX and chown not showing ad user id
...nally. However, when I run chown DOMAIN+mylogin testdir, testdir is not set to DOMAIN+mylogin, it is set to tempfn (temporary id is what the gecos/description says). In aix land, what do I need to do to get it to use WINBIND to set the diretory ownership now? My /usr/lib/security/methods.cfg has authonly for WINBIND. I take it that is not enough? I saw something where they wanted me to change SYSTEM=compat to SYSTEM = "WINBIND OR WINBIND[UNAVAIL] AND compat", but when I do that, nobody can log in to the system anymore. My smb.conf now looks like the following: [global] w...
2010 Apr 27
1
Samba ADS on AIX 6.1 TL04
...d 64bit of samba, neither of them has worked for me. ADS join is ok, I am able to see all good ouput for wbinfo -t/-m/-p etc. I have copied the WINBIND module under /usr/lib/security and changed /usr/lib/security/methods.cfg as WINBIND: program = /usr/lib/security/WINBIND options = authonly the /etc/security/user the default stanza with SYSTEM = "WINBIND OR compat" The errors I have repeatedly encountered is -- Could not trigger lookup sid sid2gid returned an error Could not lookup name for user MYDOMAIN\USER1 Some other errors are Error GID range is full!! No matter I...
2006 Feb 09
0
SAMBA configuration nightmare (AIX) - idmaps do not work (core dump), ldap/nss_ldap and pam fail
...finally. However, when I run chown DOMAIN+mylogin testdir, testdir is not set to DOMAIN+mylogin, it is set to tempfn (temporary id is what the gecos/description says). In aix land, what do I need to do to get it to use WINBIND to set the diretory ownership now? My /usr/lib/security/methods.cfg has authonly for WINBIND. I take it that is not enough? I saw something where they wanted me to change SYSTEM=compat to SYSTEM = "WINBIND OR WINBIND[UNAVAIL] AND compat", but when I do that, nobody can log in to the system anymore. My smb.conf now looks like the following: [global]...
2004 May 06
0
Samba 3 Operational Question
...Users and such. Will this be complicated by the use of three DC's accessing this info? 4) Assuming I do need winbindd, AIX has LDAP method already, but Andrew's WINBIND method looks equally exciting especially if we can implement the extentions that allow WINBIND to have options for "authonly,db=LDAP" or "auth=KRB5,db=LDAP". The former allows winbindd to do the AIX auth and gather user info from LDAP. The latter one would allow for AIX to auth against KRB, lookup user info from LDAP (which allows the use of secldapclntd and the AIX, RFC2307 or RFC2307AIX mappings allowe...
2014 Feb 27
1
AIX 7.1 Winbind Module Problems
All, I am having a winbind module load error on aix 7.1 trying to load winbind module for 3.6.0. methods.cfg WINBIND: program_64 = /usr/lib/security/WINBIND_64 (have tried authonly here) NIS: program = /usr/lib/security/NIS program_64 = /usr/lib/security/NIS_64 DCE: program = /usr/lib/security/DCE [root] on [barrow] on [/rehash/samba-3.6.0] {932} /security | grep WINBIND < lrwxrwxrwx 1 root staff 33 Feb 19 14:34 WINBIND_64...
2019 May 21
0
Debugging Samba is a total PITA and this needs to improve
...anged.. For example https://support.microsoft.com/nl-nl/help/3181029/smb-file-server-share-access-is-unsuccessful-through-dns-cname-alias I would preffer also to see a clear difference in settings in manuals for samba-AD-DC samba-AD-Member-file server samba-AD-Member-Print server samba-AD-Member-authonly server Samba-NT4-PDC Samba-NT4-BDC Samba-NT4-Member Samba-Standalone Now, add to this the problem Rowland and i are looking into, found recently. A "renamed" computer, might have or is missing or has wrong settings in AD. A common problem we found yesterday, that also exists in wind...
2014 Feb 27
0
AIX WINBIND ISSUES
All, I am having a winbind module load error on aix 7.1 trying to load winbind module for 3.6.0. methods.cfg WINBIND: program_64 = /usr/lib/security/WINBIND_64 (have tried authonly here) NIS: program = /usr/lib/security/NIS program_64 = /usr/lib/security/NIS_64 DCE: program = /usr/lib/security/DCE [root] on [barrow] on [/rehash/samba-3.6.0] {932} /security | grep WINBIND < lrwxrwxrwx 1 root staff 33 Feb 19 14:34 WINBIND_64 -&gt...
2014 Feb 27
0
AIX 7.1 Winbind Module Load Issues
All, I am having a winbind module load error on aix 7.1 trying to load winbind module for 3.6.0. methods.cfg WINBIND: program_64 = /usr/lib/security/WINBIND_64 (have tried authonly here) NIS: program = /usr/lib/security/NIS program_64 = /usr/lib/security/NIS_64 DCE: program = /usr/lib/security/DCE [root] on [barrow] on [/rehash/samba-3.6.0] {932} /security | grep WINBIND < lrwxrwxrwx 1 root staff 33 Feb 19 14:34 WINBIND_64...
2010 Apr 01
3
AIX 5.3 Active Directory Synchronisation using Winbind
...s. That is I edited the /etc/security/user file and changed the SYSTEM and registry variables to: SYSTEM = "WINBIND or compat" registry = WINBIND I also edited the /usr/lib/security/methods.cfg and added at the end: WINBIND: program = /usr/lib/security/WINBIND options = authonly Hopefully I am telling AIX, that from now on it should use winbind as the authentication method for users (default users). Users that are already defined on the system and are not on AD will be able to log in. I also left the compat method on the default stanza so if winbind fails it will check lo...
2009 Nov 12
2
Looking for AIX Users of Winbind -- Authorization and SSH Problems
Hi all, I've got Samba with Winbind working on AIX 5.3 and 6.1 fairly well with Active Directory 2003. In fact, I'd say short of 2 very important services, it's working almost perfectly. Unfortunately, these 2 services are quite critical, and without them I'm afraid we'll have to resort to some sort of proprietary identity solution like Novell, which I'm not crazy about.
2005 Feb 17
0
cannot login as with domain userid's on AIX
...ble to join to windows Domain and able to fetch list of windows domain users with the command /usr/local/samba/bin/wbinfo -u and also the groups with usr/local/samba/bin/wbinfo -g . I have added the below line methods.cfg WINBIND program = /usr/lib/security/WINBIND options = authonly Also included Default: SYSTEM = "WINBIND or compat" in /etc/security/user file. /usr/local/samba/bin/smbclient -k -U administrator -L mailsrvr.restore.com - works fine too Kinit works fine. Output of klist is : Ticket cache: FILE:/tmp/krb5cc_0 Default princ...
2013 Jul 22
0
AIX, Samba and ADS issue
...use_first_pass /etc/security/user Changed SYSTEM= SYSTEM = "compat" to SYSTEM = "DCE OR DCE[UNAVAIL] AND compat" /usr/lib/security/methods.cfg WINDBIND: program = /opt/pware64/lib/security/WINBIND program_64 = /opt/pware64/lib/security/WINBIND options = authonly LDAP: program = /usr/lib/security/LDAP program_64 = /usr/lib/security/LDAP_64 I?ve been combing the documentation to try and figure this out, but my head is spinning right now and I just haven?t been able to put things together to get this to work. Thanks for any help? -- Jim T...
2006 Feb 25
4
Building 3.0.21x on AIX 5.2
I've followed the instructions in the README at http://us4.samba.org/samba/ftp/Binary_Packages/AIX/ for building 3.0.21x on AIX 5.2 ('oslevel -r' reports '5200-07'). The last version I was able to build on the system was 3.0.14a. 3.0.21c's configure completes with no errors, but the make immediately bombs with: # make Using FLAGS = -O -D_SAMBA_BUILD_ -I./popt
2004 Nov 11
0
Mini HowTo AIX4.3.3-AD-Winbind
...ND file from where is was created when you compiled Samba to /usr/lib/security: cp /path/to/samba-3.0.8pre2/nsswitch/WINBIND /usr/lib/security Next you will need to add a stanza to the file /usr/lib/security/methods.cfg: WINBIND: program = /usr/lib/security/WINBIND options = authonly Finally you will need to edit /etc/security/users and make sure under the default stanza that SYSTEM is set to WINBIND: default: admin = false login = true su = true daemon = true rlogin = true sugroups = ALL admgroups = t...
2008 Dec 02
2
Samba ADS Error "Session setup failed: Call returned zero bytes (EOF)"
...k.domain.net } [domain_realm] .uk.domain.net = UK.DOMAIN.NET uk.domain.net = UK.DOMAIN.NET $ cat /usr/lib/security/methods.cfg WINBIND: program = /usr/lib/security/WINBIND options = debug KRB5A: program = /usr/lib/security/KRB5A options = authonly KRB5Afiles: options = db=BUILTIN,auth=KRB5A ## WINBIND copied in from /usr/local/samba/sbin $ ls -l /usr/lib/security/WINBIND -rwxr-xr-x 1 root system 9381212 25 Nov 09:57 /usr/lib/ security/WINBIND $ grep -p WINBIND /etc/security/user default: admin = false l...
2008 Nov 26
3
AIX 53TL8 Samba 3.2.4 Active Directory Win2k3 - "session setup failed: Call returned zero bytes (EOF)"
...k.domain.net } [domain_realm] .uk.domain.net = UK.DOMAIN.NET uk.domain.net = UK.DOMAIN.NET $ cat /usr/lib/security/methods.cfg WINBIND: program = /usr/lib/security/WINBIND options = debug KRB5A: program = /usr/lib/security/KRB5A options = authonly KRB5Afiles: options = db=BUILTIN,auth=KRB5A ## WINBIND copied in from /usr/local/samba/sbin $ ls -l /usr/lib/security/WINBIND -rwxr-xr-x 1 root system 9381212 25 Nov 09:57 /usr/lib/ security/WINBIND $ grep -p WINBIND /etc/security/user default: admin = false l...
2019 May 21
11
Debugging Samba is a total PITA and this needs to improve
Once again, something with Samba thirty bazillion components broke. Once again, my choices for logging are "nothing" or "15 MB/s spread of ten different files, because 'client authentication failed' totally needs to be lower priority than malloc debug info". Once again, none of these messages is actually able to convey what broke, where, why. Why is it impossible for