Displaying 15 results from an estimated 15 matches for "enablesssd".
2018 Jun 14
3
CentOS7: Setting up ldap over TLS in kickstart file
Hi,
I'm facing a problem with setting up LDAP+TLS client authentication in a
kickstart script on CentOS7 for several days.
Setting up manualy the config with system-config-authentication works but I need
to automate this in kickstart for deploying cluster nodes.
This show that the server side is running fine.
At this time the message is
#systemctl status sssd
|....
2019 Jun 11
2
AD authentication with separate LDAP authorization
...ookups are functional on the
system)
- install packages samba, samba-client, samba-winbind,
samba-winbind-clients, and samba-winbind-krb5-locator
- net ads join -U 'user' (the domain allows non-admin creation of
machine accounts; net ads testjoin returns 'Join is OK')
- authconfig --enablesssd --enablesssdauth --disablemkhomedir --update
Here is the smb.conf with provisions for winbind (idmap lines), which
was (deliberately) not configured by authconfig above:
[global]
strict locking = no
workgroup = EXAMPLE
server string = Samba Server Version %v
disable netbios = yes...
2016 Jun 23
3
sssd.conf file missing
...gt; sssd-libwbclient-devel 1.13.0-40.el7_2.4 sssd-proxy 1.13.0-40.el7_2.4
>> sssd-tools 1.13.0-40.el7_2.4
>>
>> I ran the following commands to set up LDAP/AD authentication:
>>
>> # ln -s /bin/bash /bin/PHSshell
>> # ln -s /home /PHShome
>> # authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
>> # chkconfig sssd on # service sssd restart
>>
>> Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
>>
>> [<domain>.org]
>&...
2016 Jun 23
2
sssd.conf file missing
....4
sssd-ldap 1.13.0-40.el7_2.4
sssd-libwbclient 1.13.0-40.el7_2.4
sssd-libwbclient-devel 1.13.0-40.el7_2.4
sssd-proxy 1.13.0-40.el7_2.4
sssd-tools 1.13.0-40.el7_2.4
I ran the following commands to set up LDAP/AD authentication:
# ln -s /bin/bash /bin/PHSshell
# ln -s /home /PHShome
# authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
# chkconfig sssd on
# service sssd restart
Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
[<domain>.org]
enumate = true
cache_credentials = TRUE
id_provi...
2019 Mar 01
3
Can't authenticate to AD using Samba with SSSD
...tting up SSSD and Samba:
1) yum install -y sssd realmd adcli samba-common samba-common-tools krb5-workstation openldap-clients ntpdate ntp nss-pam-ldapd policycoreutils-python samba-client samba nano
2) realm join ... #shortened command; binding to specific OU; works as expected
3) authconfig --enablesssdauth --enablesssd --enablemkhomedir --update
4) nano /etc/samba/smb.conf
5) testparm
6) mkdir /testshare
7) id btp4 at yu.yale.edu #works as expected
8) chown -R root:pathology_its at yu.yale.edu /testshare/
9) chcon -Rt samba_share_t /testshare/
10) kinit btp4
11) net ads join -k
12) kini...
2019 Apr 17
0
FYI: C 7, broken cron, sort of SOLVED
I was fighting this a few weeks ago, and asking here. I *finally* solved
it yesterday... and the answer isn't pleasant.
Running the command
authconfig --enablesssd --enablesssdauth --enablesmartcard
--smartcardmodule=sssd --smartcardaction=0 --updateall
breaks crond, as per bugzilla # Bug 1650314. The way that it breaks it is
to insert into /etc/pam.d/password-auth-ac two lines reading
auth required pam_deny.so
one as the third line in the auth stanza, so:...
2019 Jun 11
0
AD authentication with separate LDAP authorization
...gt; system)
> - install packages samba, samba-client, samba-winbind,
> samba-winbind-clients, and samba-winbind-krb5-locator
> - net ads join -U 'user' (the domain allows non-admin creation of
> machine accounts; net ads testjoin returns 'Join is OK')
> - authconfig --enablesssd --enablesssdauth --disablemkhomedir --update
As you can join the machine to your AD domain, have you considered the
winbind 'rid' backend ?
Rowland
2014 Aug 06
1
sssd and authconfig and ldap database lookups
...ss.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/about-sssd.conf.html
implies that if I want to use sssd I need to create the sssd.conf file
first. Any reason why?
2. I also noticed if sssd.conf is not there, authconfig won't create
it even if you tell it to --enablesssd. How so? I thought that if you
are using sssd, it would have stuff like kerberos and ldap (to pick a
couple of examples) configured there.
3. It seems if I want to, say, define ldap_user_search_base I must do
it directly in sssd.conf instead of passing some kind of argument to
authconfig. Am I cor...
2016 Jun 23
1
sssd.conf file missing
....13.0-40.el7_2.4 sssd-proxy
>>> 1.13.0-40.el7_2.4 sssd-tools 1.13.0-40.el7_2.4
>>>
>>> I ran the following commands to set up LDAP/AD authentication:
>>>
>>> # ln -s /bin/bash /bin/PHSshell
>>> # ln -s /home /PHShome
>>> # authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
>>> # chkconfig sssd on # service sssd restart
>>>
>>> Initially, I ran into problems because I had not created an
>>> sssd.conf file. Eventually I did create one, and its contents are the following:
>>>
>&...
2019 Jun 12
0
AD authentication with separate LDAP authorization
...a, samba-client, samba-winbind,
> > > samba-winbind-clients, and samba-winbind-krb5-locator
> > > - net ads join -U 'user' (the domain allows non-admin creation of
> > > machine accounts; net ads testjoin returns 'Join is OK')
> > > - authconfig --enablesssd --enablesssdauth --disablemkhomedir --update
> > As you can join the machine to your AD domain, have you considered the
> > winbind 'rid' backend ?
>
I am not aware of it or how it can help to solve this problem. Is there any
resource you can point to online that detail how...
2016 Jun 23
0
sssd.conf file missing
...-libwbclient-devel 1.13.0-40.el7_2.4
>> sssd-proxy 1.13.0-40.el7_2.4
>> sssd-tools 1.13.0-40.el7_2.4
>>
>> I ran the following commands to set up LDAP/AD authentication:
>>
>> # ln -s /bin/bash /bin/PHSshell
>> # ln -s /home /PHShome
>> # authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
>> # chkconfig sssd on
>> # service sssd restart
>>
>> Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
>>
>> [<domain>.or...
2014 Jan 03
1
SSSD and usermod
Hi!
How to get usermod working with SSSD/389DS ?
We have SSSD set up on our server and it uses 389DS.
SSSD was enabled with the following command:
authconfig --enablesssd --enablesssdauth --ldapbasedn=dc=example,dc=com
--enableshadow --enablemkhomedir --enablelocauthorize --update
Running for example "usermod -L username" returns:
usermod: user 'username' does not exist in /etc/passwd
Each time usermod is executed there is a query logged in 389D...
2016 Jun 23
1
sssd.conf file missing
....4
sssd-ldap 1.13.0-40.el7_2.4
sssd-libwbclient 1.13.0-40.el7_2.4
sssd-libwbclient-devel 1.13.0-40.el7_2.4
sssd-proxy 1.13.0-40.el7_2.4
sssd-tools 1.13.0-40.el7_2.4
I ran the following commands to set up LDAP/AD authentication:
# ln -s /bin/bash /bin/PHSshell
# ln -s /home /PHShome
# authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
# chkconfig sssd on
# service sssd restart
Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
[<domain>.org]
enumate = true
cache_credentials = TRUE
id_provi...
2016 Jun 23
0
sssd.conf file missing
...1.13.0-40.el7_2.4 sssd-proxy 1.13.0-40.el7_2.4
>>> sssd-tools 1.13.0-40.el7_2.4
>>>
>>> I ran the following commands to set up LDAP/AD authentication:
>>>
>>> # ln -s /bin/bash /bin/PHSshell
>>> # ln -s /home /PHShome
>>> # authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
>>> # chkconfig sssd on # service sssd restart
>>>
>>> Initially, I ran into problems because I had not created an sssd.conf
>>> file. Eventually I did create one, and its contents are the following:
>>>
>>...
2019 Mar 04
0
Can't authenticate to AD using Samba with SSSD
...mmon samba-common-tools
> > krb5-workstation openldap-clients ntpdate ntp nss-pam-ldapd
> > policycoreutils-python samba-client samba nano
> >
> > 2) realm join ... #shortened command; binding to specific OU; works
> > as expected
> >
> > 3) authconfig --enablesssdauth --enablesssd
> --enablemkhomedir --update
> >
> > 4) nano /etc/samba/smb.conf
> >
> > 5) testparm
> >
> > 6) mkdir /testshare
> >
> > 7) id btp4 at yu.yale.edu #works as expected
> >
> > 8) chown -R root:pathology_its at yu.y...