Displaying 14 results from an estimated 14 matches for "enablesssdauth".
2018 Jun 14
3
CentOS7: Setting up ldap over TLS in kickstart file
Hi,
I'm facing a problem with setting up LDAP+TLS client authentication in a
kickstart script on CentOS7 for several days.
Setting up manualy the config with system-config-authentication works but I need
to automate this in kickstart for deploying cluster nodes.
This show that the server side is running fine.
At this time the message is
#systemctl status sssd
|....
2019 Jun 11
2
AD authentication with separate LDAP authorization
...nctional on the
system)
- install packages samba, samba-client, samba-winbind,
samba-winbind-clients, and samba-winbind-krb5-locator
- net ads join -U 'user' (the domain allows non-admin creation of
machine accounts; net ads testjoin returns 'Join is OK')
- authconfig --enablesssd --enablesssdauth --disablemkhomedir --update
Here is the smb.conf with provisions for winbind (idmap lines), which
was (deliberately) not configured by authconfig above:
[global]
strict locking = no
workgroup = EXAMPLE
server string = Samba Server Version %v
disable netbios = yes
log file = /v...
2016 Jun 23
3
sssd.conf file missing
...gt; sssd-libwbclient-devel 1.13.0-40.el7_2.4 sssd-proxy 1.13.0-40.el7_2.4
>> sssd-tools 1.13.0-40.el7_2.4
>>
>> I ran the following commands to set up LDAP/AD authentication:
>>
>> # ln -s /bin/bash /bin/PHSshell
>> # ln -s /home /PHShome
>> # authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
>> # chkconfig sssd on # service sssd restart
>>
>> Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
>>
>> [<domain>.org]
>>...
2016 Jun 23
2
sssd.conf file missing
....4
sssd-ldap 1.13.0-40.el7_2.4
sssd-libwbclient 1.13.0-40.el7_2.4
sssd-libwbclient-devel 1.13.0-40.el7_2.4
sssd-proxy 1.13.0-40.el7_2.4
sssd-tools 1.13.0-40.el7_2.4
I ran the following commands to set up LDAP/AD authentication:
# ln -s /bin/bash /bin/PHSshell
# ln -s /home /PHShome
# authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
# chkconfig sssd on
# service sssd restart
Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
[<domain>.org]
enumate = true
cache_credentials = TRUE
id_provider...
2019 Mar 01
3
Can't authenticate to AD using Samba with SSSD
...tting up SSSD and Samba:
1) yum install -y sssd realmd adcli samba-common samba-common-tools krb5-workstation openldap-clients ntpdate ntp nss-pam-ldapd policycoreutils-python samba-client samba nano
2) realm join ... #shortened command; binding to specific OU; works as expected
3) authconfig --enablesssdauth --enablesssd --enablemkhomedir --update
4) nano /etc/samba/smb.conf
5) testparm
6) mkdir /testshare
7) id btp4 at yu.yale.edu #works as expected
8) chown -R root:pathology_its at yu.yale.edu /testshare/
9) chcon -Rt samba_share_t /testshare/
10) kinit btp4
11) net ads join -k
12) kinit -k...
2019 Apr 17
0
FYI: C 7, broken cron, sort of SOLVED
I was fighting this a few weeks ago, and asking here. I *finally* solved
it yesterday... and the answer isn't pleasant.
Running the command
authconfig --enablesssd --enablesssdauth --enablesmartcard
--smartcardmodule=sssd --smartcardaction=0 --updateall
breaks crond, as per bugzilla # Bug 1650314. The way that it breaks it is
to insert into /etc/pam.d/password-auth-ac two lines reading
auth required pam_deny.so
one as the third line in the auth stanza, so:
auth requ...
2019 Jun 11
0
AD authentication with separate LDAP authorization
...gt; - install packages samba, samba-client, samba-winbind,
> samba-winbind-clients, and samba-winbind-krb5-locator
> - net ads join -U 'user' (the domain allows non-admin creation of
> machine accounts; net ads testjoin returns 'Join is OK')
> - authconfig --enablesssd --enablesssdauth --disablemkhomedir --update
As you can join the machine to your AD domain, have you considered the
winbind 'rid' backend ?
Rowland
2016 Jun 23
1
sssd.conf file missing
....13.0-40.el7_2.4 sssd-proxy
>>> 1.13.0-40.el7_2.4 sssd-tools 1.13.0-40.el7_2.4
>>>
>>> I ran the following commands to set up LDAP/AD authentication:
>>>
>>> # ln -s /bin/bash /bin/PHSshell
>>> # ln -s /home /PHShome
>>> # authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
>>> # chkconfig sssd on # service sssd restart
>>>
>>> Initially, I ran into problems because I had not created an
>>> sssd.conf file. Eventually I did create one, and its contents are the following:
>>>
>>&...
2019 Jun 12
0
AD authentication with separate LDAP authorization
...nt, samba-winbind,
> > > samba-winbind-clients, and samba-winbind-krb5-locator
> > > - net ads join -U 'user' (the domain allows non-admin creation of
> > > machine accounts; net ads testjoin returns 'Join is OK')
> > > - authconfig --enablesssd --enablesssdauth --disablemkhomedir --update
> > As you can join the machine to your AD domain, have you considered the
> > winbind 'rid' backend ?
>
I am not aware of it or how it can help to solve this problem. Is there any
resource you can point to online that detail how to use this "...
2016 Jun 23
0
sssd.conf file missing
...-libwbclient-devel 1.13.0-40.el7_2.4
>> sssd-proxy 1.13.0-40.el7_2.4
>> sssd-tools 1.13.0-40.el7_2.4
>>
>> I ran the following commands to set up LDAP/AD authentication:
>>
>> # ln -s /bin/bash /bin/PHSshell
>> # ln -s /home /PHShome
>> # authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
>> # chkconfig sssd on
>> # service sssd restart
>>
>> Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
>>
>> [<domain>.org]
&...
2014 Jan 03
1
SSSD and usermod
Hi!
How to get usermod working with SSSD/389DS ?
We have SSSD set up on our server and it uses 389DS.
SSSD was enabled with the following command:
authconfig --enablesssd --enablesssdauth --ldapbasedn=dc=example,dc=com
--enableshadow --enablemkhomedir --enablelocauthorize --update
Running for example "usermod -L username" returns:
usermod: user 'username' does not exist in /etc/passwd
Each time usermod is executed there is a query logged in 389DS, so SSSD
does...
2016 Jun 23
1
sssd.conf file missing
....4
sssd-ldap 1.13.0-40.el7_2.4
sssd-libwbclient 1.13.0-40.el7_2.4
sssd-libwbclient-devel 1.13.0-40.el7_2.4
sssd-proxy 1.13.0-40.el7_2.4
sssd-tools 1.13.0-40.el7_2.4
I ran the following commands to set up LDAP/AD authentication:
# ln -s /bin/bash /bin/PHSshell
# ln -s /home /PHShome
# authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
# chkconfig sssd on
# service sssd restart
Initially, I ran into problems because I had not created an sssd.conf file. Eventually I did create one, and its contents are the following:
[<domain>.org]
enumate = true
cache_credentials = TRUE
id_provider...
2016 Jun 23
0
sssd.conf file missing
...1.13.0-40.el7_2.4 sssd-proxy 1.13.0-40.el7_2.4
>>> sssd-tools 1.13.0-40.el7_2.4
>>>
>>> I ran the following commands to set up LDAP/AD authentication:
>>>
>>> # ln -s /bin/bash /bin/PHSshell
>>> # ln -s /home /PHShome
>>> # authconfig --enablesssdauth --enablemkhomedir --enablesssd -update
>>> # chkconfig sssd on # service sssd restart
>>>
>>> Initially, I ran into problems because I had not created an sssd.conf
>>> file. Eventually I did create one, and its contents are the following:
>>>
>>>...
2019 Mar 04
0
Can't authenticate to AD using Samba with SSSD
...mmon samba-common-tools
> > krb5-workstation openldap-clients ntpdate ntp nss-pam-ldapd
> > policycoreutils-python samba-client samba nano
> >
> > 2) realm join ... #shortened command; binding to specific OU; works
> > as expected
> >
> > 3) authconfig --enablesssdauth --enablesssd
> --enablemkhomedir --update
> >
> > 4) nano /etc/samba/smb.conf
> >
> > 5) testparm
> >
> > 6) mkdir /testshare
> >
> > 7) id btp4 at yu.yale.edu #works as expected
> >
> > 8) chown -R root:pathology_its at yu.yale....