Displaying 20 results from an estimated 83 matches for "config_file_version".
2016 Jun 23
3
sssd.conf file missing
Hello --
I made the suggested changes to the sssd.conf file, and the results are the same.
Just to make sure my syntax is correct:
The following section was added to the end of the file:
[sssd]
debug_level = 4
config_file_version = 2
domains = company/company.org
-----Original Message-----
From: l at avc.su [mailto:l at avc.su]
Sent: Thursday, June 23, 2016 9:08 AM
To: Kaplan, Andrew H.; CentOS mailing list
Subject: Re: [CentOS] sssd.conf file missing
OK, lets dig further.
Does your sssd.conf have [sssd] section?
Some...
2013 Apr 14
1
sssd getent problem with Samba 4.0
...wd
and
getent group
return only local users
but
getent passwd steve2
steve2:*:3000034:20513:steve2:/home/users/steve2:/bin/bash
and
getent group Domain\ Users
Domain Users:*:20513:
work fine.
/etc/nsswitch.conf
passwd: compat sss
group: compat sss
/etc/sssd/sssd.conf
[sssd]
services = nss, pam
config_file_version = 2
domains = default
[nss]
[pam]
[domain/default]
access_provider = simple
#simple_allow_users = myuser
enumerate = false
cache_credentials = True
id_provider = ldap
auth_provider = krb5
chpass_provider = krb5
krb5_realm = HH3.SITE
krb5_server = hh16.hh3.site
krb5_kpasswd = hh16.hh3.site
ldap_u...
2016 Sep 02
3
Samba4 and sssd authentication not working due "Transport encryption required."
...9;not working'
ri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [sdap_id_op_connect_done] (1):
Failed to connect, going offline (5 [Input/output error])
(Fri Sep 2 18:22:13 2016) [sssd[be[xxx.xxx]]] [be_run_offline_cb] (3):
Going offline. Running callbacks.
my sssd configuation is bellow
[sssd]
config_file_version = 2
domains = xxx.xxx
services = nss, pam
debug_level = 5
[nss]
[pam]
[domain/xxx.xx]
ldap_referrals = false
enumerate = true
id_provider = ldap
#access_provider = ldap
auth_provider = ldap
ldap_uri = ldap://xxx-DC-A.xxx.xxx:389
ldap_id_use_start_tls = False
ldap_auth_disable_tls_never_use_i...
2015 May 11
2
sssd on a DC
...; these two machines are
different builds actually) but I'm happy enough that the UIDs and GIDs
are now identical across these two machines.
In case anyone needs it, my sssd.conf is very simple. I'm using the
standard sssd that comes with CentOS 6.6 (which is 1.11.6). Conf file
is:
[sssd]
config_file_version = 2
domains = domain.tld
services = nss, pam
[domain/domain.tld]
id_provider = ad
auth_provider = ad
access_provider = ad
chpass_provider = ad
ldap_id_mapping = True
ldap_schema = ad
default_shell = /bin/bash
fallback_homedir = /home/%d/%u
--
"If we knew what it was we were doing, it would...
2016 Jun 23
1
sssd.conf file missing
...ng
Kaplan, Andrew H. wrote:
> Hello --
>
> I made the suggested changes to the sssd.conf file, and the results
> are the same.
>
> Just to make sure my syntax is correct:
>
> The following section was added to the end of the file:
>
> [sssd]
> debug_level = 4
> config_file_version = 2
> domains = company/company.org
>
One little detail you may have missed: have you edited /etc/idmapd.conf?
mark
>
> -----Original Message-----
> From: l at avc.su [mailto:l at avc.su]
> Sent: Thursday, June 23, 2016 9:08 AM
> To: Kaplan, Andrew H.; CentOS mailing...
2023 Nov 24
1
Sudoers in Samba LDAP
Hi,
I have a DC on samba 4.17.12
I want store sudoers in LDAP, and use sssd for get rules from LDAP.
I was configured sssd.conf
[sssd]
config_file_version = 2
services = nss, pam, sudo
user = _sssd
domains = TEST.ALT
[nss]
[sudo]
[pam]
[domain/TEST.TLD]
dyndns_update = true
id_provider = ad
auth_provider = ad
chpass_provider = ad
access_provider = ad
default_shell = /bin/bash
fallback_homedir = /home/%d/%u
debug_level = 0
ad_gpo_ignore_unreadable =...
2014 Aug 27
2
sssd with ad backend and "ldap_id_mapping = false" refuse to start
...ith Sernet-Samba
Packages 4.1.11. Samba runs as a single AD DC
We have removed the complete openSUSE samba stuff before testing. sssd
runs on the same machine as samba.
Our sssd config:
--------------------------------------------------------------------------------
[sssd]
services = nss, pam
config_file_version = 2
domains = invis-ad.loc
debug_level = 0x0370
# globale Cache Steuerung
# alle Angaben in Sekunden
# default = 120
enum_cache_timeout = 10
# default = 15
entry_negative_timeout = 5
[nss]
[pam]
[domain/invis-ad.loc]
# Domain bezogene Cache Steuerung
# Alle Angaben in Sekunden
# Default = entr...
2015 Feb 26
2
Samba4 SSH SSSD-AD Problem
...en I try to connect/logon to another linux client with ssh
it is possible, but klist shows:
klist: Credentials cache file '/run/user/$UID$/krb5cc/tkt' not found.
So the ticket cache is not created during logon.
I'm using sssd with the following sssd.conf:
[sssd]
services = nss, pam
config_file_version = 2
domains = $DOMAINNAME$
[nss]
[pam]
[domain/$DOMAINNAME$]
id_provider = ad
access_provider = ad
ldap_id_mapping=false
krb5_keytab=/etc/krb5.keytab
And sshd with to following sshd_config:
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
GSSAPIAuthentication yes
GSSAPICl...
2014 Jul 23
1
sssd problems after dc1 is no longer online
...an:auth):
authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
user=heupink
Jul 23 21:04:47 epo xrdp-sesman: pam_sss(xrdp-sesman:auth): received for
user heupink: 9 (Authentication service cannot retrieve authentication info)
Finally, here is my sssd.conf:
[sssd]
services = nss, pam
config_file_version = 2
domains = default
# enable or disable the below
# debug_level = 3
# debug_level = 5
debug_level = 8
[nss]
[pam]
[domain/default]
debug_level = 8
ldap_schema = rfc2307bis
id_provider = ldap
access_provider = simple
ldap_referrals = false
ldap_force_upper_case_realm = true
# on large directo...
2023 Nov 24
1
Sudoers in Samba LDAP
On Fri, 24 Nov 2023 13:30:13 +0500
Anton Shevtsov via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I have a DC on samba 4.17.12
>
> I want store sudoers in LDAP, and use sssd for get rules from LDAP.
>
> I was configured sssd.conf
>
> [sssd]
> config_file_version = 2
> services = nss, pam, sudo
> user = _sssd
> domains = TEST.ALT
>
> [nss]
> [sudo]
> [pam]
>
> [domain/TEST.TLD]
> dyndns_update = true
> id_provider = ad
> auth_provider = ad
> chpass_provider = ad
> access_provider = ad
> default_shell = /bin/bas...
2016 Sep 02
4
Samba4 and sssd authentication not working due "Transport encryption required."
...(1): Failed to connect, going offline (5
> > [Input/output error]) (Fri Sep 2 18:22:13 2016)
> > [sssd[be[xxx.xxx]]] [be_run_offline_cb] (3): Going offline. Running
> > callbacks.
> >
> >
> > my sssd configuation is bellow
> >
> > [sssd]
> > config_file_version = 2
> > domains = xxx.xxx
> > services = nss, pam
> > debug_level = 5
> >
> >
> > [nss]
> >
> >
> > [pam]
> >
> >
> > [domain/xxx.xx]
> > ldap_referrals = false
> > enumerate = true
> >
> > id_pro...
2015 Jul 02
2
Secondary groups not recognized by Samba
...cdscan19,cdscan18,.....
Anybody have any recommendations? I've been buried in this for two days!
:) Configs are below:
#!==============================================================
sssd.conf
#!==============================================================
[sssd]
domains = mydomain.com
config_file_version = 2
services = nss, pam, pac
[domain/mydomain.com]
ad_server = dc01.mydomain.com
ad_domain = mydomain.com
krb5_realm = MYDOMAIN.COM
cache_credentials = True
id_provider = ad
auth_provider = ad
chpass_provider = ad
access_provider = ad
ldap_schema = ad
krb5_store_password_if_offline = True
default_...
2023 Nov 24
1
Sudoers in Samba LDAP
...> Anton Shevtsov via samba<samba at lists.samba.org> wrote:
>
>> Hi,
>>
>> I have a DC on samba 4.17.12
>>
>> I want store sudoers in LDAP, and use sssd for get rules from LDAP.
>>
>> I was configured sssd.conf
>>
>> [sssd]
>> config_file_version = 2
>> services = nss, pam, sudo
>> user = _sssd
>> domains = TEST.ALT
>>
>> [nss]
>> [sudo]
>> [pam]
>>
>> [domain/TEST.TLD]
>> dyndns_update = true
>> id_provider = ad
>> auth_provider = ad
>> chpass_provider = ad
>&...
2013 Oct 01
1
Should I forget sssd ?
...an login via UltraVNC to all workstation
What needs to be done:
Linux services to auth to AD
From what I've read, sssd is the more secure solution to achieve this,
but ...
Using sssd 1.11.1 : files configuration:
1)
> sudo cat /etc/sssd/sssd.conf
> [sssd]
> services = nss, pam
> config_file_version = 2
> domains = radiodjiido.nc
> [nss]
> [pam]
> [domain/radiodjiido.nc]
> dyndns_update = false
> ad_hostname = serveur.radiodjiido.nc
> ad_server = serveur.radiodjiido.nc
> ad_domain = radiodjiido.nc
> ldap_schema = ad
> id_provider = ad
> access_provider = simple...
2015 Jan 07
1
Password Must Change using SSSD in Samba 4.1.10
...and allowing user to login after changing the password.
3. As far as the CentOS client is concerned, it was not honoring the
password must change and allowing user to login without asking for password
change using sssd with current password.
Here is the configuration file of sssd service,
[sssd]
config_file_version = 2
services = nss, pam
domains = EXAMPLE
sbus_timeout = 30
[nss]
filter_users = root
filter_groups = root
reconnection_retries = 3
[pam]
reconnection_retries = 3
offline_credentials_expiration = 0
[domain/EXAMPLE]
entry_cache_timeout = 600
entry_cache_group_timeout = 600
min_id = 1000
id_provid...
2016 Jun 23
0
sssd.conf file missing
Kaplan, Andrew H. wrote:
> Hello --
>
> I made the suggested changes to the sssd.conf file, and the results are
> the same.
>
> Just to make sure my syntax is correct:
>
> The following section was added to the end of the file:
>
> [sssd]
> debug_level = 4
> config_file_version = 2
> domains = company/company.org
>
One little detail you may have missed: have you edited /etc/idmapd.conf?
mark
>
> -----Original Message-----
> From: l at avc.su [mailto:l at avc.su]
> Sent: Thursday, June 23, 2016 9:08 AM
> To: Kaplan, Andrew H.; CentOS mailing...
2016 Jun 23
2
sssd.conf file missing
Hello ?
Thank-you for your e-mail. I corrected the syntax in the file, and I have confirmed the permissions are correct:
-rw-------. 1 root root 266 Jun 23 08:45 sssd.conf
Unfortunately, the error condition and messages listed in my initial e-mail are still present.
From: l at avc.su [mailto:l at avc.su]
Sent: Thursday, June 23, 2016 8:34 AM
To: CentOS mailing list; Kaplan, Andrew H.
2017 Apr 21
2
samba, sssd, Active Directory, NT_STATUS_NO_LOGON_SERVERS, NT_STATUS_ACCESS_DENIED
...mv2 auth = yes
restrict anonymous = 2
load printers = no
sssd.conf
==========================================================================
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3
# debug_level = 7
[pam]
reconnection_retries = 3
# debug_level = 7
[sssd]
config_file_version = 2
reconnection_retries = 3
sbus_timeout = 30
services = nss, pam, pac
config_file_version = 2
domains = CORP.CELADONSYSTEMS.COM
debug_level = 7
[domain/CORP.CELADONSYSTEMS.COM]
id_provider = ad
auth_provider = ad
access_provider = ad
chpass_provider = ad
cache_credentials = true
debug_level = 7...
2015 May 11
2
ldap host attribute is ignored
...hpass_provider = ldap
> auth_provider = ldap
> ldap_tls_reqcert = never
> ldap_user_search_base = ou=YYY,o=XXX
> access_provider = ldap
> ldap_access_order = host
> ldap_user_authorized_host = host
> autofs_provider = ldap
>
> [sssd]
> services = nss, pam, autofs
> config_file_version = 2
> domains = default
>
> [nss]
>
> [pam]
>
> [sudo]
>
> [autofs]
>
> [ssh]
>
>
>
> My /etc/pam.d/system-auth
> #%PAM-1.0
> # This file is auto-generated.
> # User changes will be destroyed the next time authconfig is run.
> auth...
2016 Aug 23
2
Use of specific DCs within smb.conf
... admin_server = dc01.example.domain.com
}
/etc/samba/smb.conf
[global]
workgroup = SHORT-NAME
client signing = yes
client use spnego = yes
kerberos method = secrets and keytab
realm = EXAMPLE.DOMAIN.COM
security = ads
/etc/sssd/sssd.conf
[sssd]
services = nss, pam
config_file_version = 2
domains = EXAMPLE.DOMAIN.COM
[nss]
[pam]
[domain/EXAMPLE.DOMAIN.COM]
id_provider = ad
access_provider = ad
ad_domain = example.domain.com
ad_server = dc01.example.domain.com, dc02.example.domain.com, dc03.example.domain.com
default_shell = /bin/bash
override_homedir = /hom...