search for: gaio

Displaying 20 results from an estimated 401 matches for "gaio".

Did you mean: gain
2017 Dec 06
4
DM and ''offline'' PAM (and NSS?)...
I'm using samba 4.5 on a debian jessie (Louis packages). Rarely it happen that a power outgage tear down all the stuff, here. I've noticed that if the DM start before the DC, clearly all account data are inaccessible. To prevent or minimize that, the ''offline mode'' of winbind can be safely used also on DM servers? Or is tailoread against roaming client (portables,
2023 May 22
1
PAM Offline Authentication in Ubuntu 22.04...
...I would undo that, it appears to be wrong. OK, i've undo also i. > I have tested this on a Ubuntu 22.04 computer and it works, so I have > updated the wiki page: > https://wiki.samba.org/index.php/PAM_Offline_Authentication Apparently works as expected: root at dane:~# wbinfo -K gaio Enter gaio's password: plaintext kerberos password authentication for [gaio] succeeded (requesting cctype: FILE) credentials were put in: FILE:/tmp/krb5cc_0 root at dane:~# smbcontrol winbind offline root at dane:~# wbinfo -K gaio Enter gaio's password: plaintext kerberos password...
2017 Nov 10
1
[Curiosity] Default domain, DC and DM...
In my DC, without setting explicitly a 'winbind default domain', i can check logins domainless: root at vdcsv1:~# id gaio uid=10000(LNFFVG\gaio) gid=10513(LNFFVG\domain users) gruppi=10513(LNFFVG\domain users),11001(LNFFVG\sir),10999(LNFFVG\unixadm),3000008(LNFFVG\domain admins),3000005(LNFFVG\denied rodc password replication group),3000005(LNFFVG\denied rodc password replication group),3000009(BUILTIN\users),3000000...
2017 Dec 18
3
DM and ''offline'' PAM (and NSS?)...
...a little strange thing, i think related to the fact > that in my DM i've set 'winbind use default domain = yes'. > > > Folowing the wiki, i've enabled offline logon and then done: > > ['smbcontrol winbind online' > root at vdmsv1:~# wbinfo -K LNFFVG\\gaio > Enter LNFFVG\gaio's password: > plaintext kerberos password authentication for [LNFFVG\gaio] > succeeded (requesting cctype: FILE) credentials were put in: > FILE:/tmp/krb5cc_0 > > ['smbcontrol winbind offline'] > root at vdmsv1:~# wbinfo -K LNFFVG\\gaio >...
2017 Nov 29
2
LDAP query and result: better field for username?
Currently for my user: root at vdmsv1:/etc/exim4# ldbsearch -H ldap://vdcsv1 -P -b DC=ad,DC=fvg,DC=lnf,DC=it "(cn=gaio)" | grep ": gaio$" cn: gaio name: gaio sAMAccountName: gaio uid: gaio msSFU30Name: gaio what field is betetr to use for querying for user 'gaio'? 'uid' no (because RFC2307 data can be missing), so? 'sAMAccountName'? or 'cn'? Thanks. PS: cle...
2023 May 22
2
PAM Offline Authentication in Ubuntu 22.04...
...; OK, i've undo also i. > > >> I have tested this on a Ubuntu 22.04 computer and it works, so I have >> updated the wiki page: >> https://wiki.samba.org/index.php/PAM_Offline_Authentication > > Apparently works as expected: > > root at dane:~# wbinfo -K gaio > Enter gaio's password: > plaintext kerberos password authentication for [gaio] succeeded (requesting cctype: FILE) > credentials were put in: FILE:/tmp/krb5cc_0 > root at dane:~# smbcontrol winbind offline > root at dane:~# wbinfo -K gaio > Enter gaio's passw...
2017 Oct 20
2
Some hint reading password expiration data...
...d policies seems to ''get written'' to user data. EG, if i set: pdbedit -P "maximum password age" -C 7776000 and i change my password, 'Password must change' have a meningful value, eg 90 days more then the last password change: root at armitage:~# pdbedit -v gaio Unix username: gaio NT username: gaio Account Flags: [U ] User SID: S-1-5-21-1458177777-355997386-270368766-1087 Primary Group SID: S-1-5-21-1458177777-355997386-270368766-1009 Full Name: Marco Gaiarin Home Directory: \\ARMITAGE...
2023 Nov 28
1
Setting up Profiles share... 777?!
...ailing to create profiles for users; after fiddling a bit, i was forced to have '/srv/samba/profiles' as 775 :unixadm (a group member of 'Domain Aministrators') and profile folders get created '777': root at vdmacpn1:~# ls -la /srv/samba/profiles/ totale 16 drwxrwxr-x 7 gaio unixadm 92 28 nov 15.49 . drwxrwxr-x 5 root root 54 2 nov 19.24 .. drwxrwxrwx 2 daniela segreteria 6 4 nov 10.57 daniela.V2 drwxrwxrwx 16 daniela segreteria 281 25 nov 11.59 daniela.V6 drwxrwxrwx 15 gaio domain users 272 28 nov 15.49 gaio.V2 drwxrwxrwx 15...
2019 Jan 28
2
Winbind, cached logons and 'user persistency'...
On Mon, 28 Jan 2019 12:52:45 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > Mandi! Rowland Penny via samba > In chel di` si favelave... > > > > Strictly speaking, why winbind cache ''PAM'' data and not ''NSS'' > > > one (seems to me)? > > The problem is (for myself anyway), I do not understand the >
2019 Jan 29
0
Winbind, cached logons and 'user persistency'...
...if I > haven't been anywhere. This is what i supposed to work mee too. Seems not. You have also your user in /etc/passwd? O;-) > You seem to be doing something wrong ;-) Probably. But i don't understand what. Authentication works as expected: root at vdmsv2:~# wbinfo -K LNFFVG\\gaio Enter LNFFVG\gaio's password: plaintext kerberos password authentication for [LNFFVG\gaio] succeeded (requesting cctype: FILE) credentials were put in: FILE:/tmp/krb5cc_0 root at vdmsv2:~# smbcontrol winbind offline root at vdmsv2:~# wbinfo -K LNFFVG\\gaio Enter LNFFVG\gaio's passwor...
2018 Nov 22
2
NTP strangeness...
...with clock differences. Some machine have effectively some troubles, eg have NO 'Windows Time' service defined, probably some glitches happened when moving from our old NT-like domain. Anyway, catching for that, we have found some other strangeness. Windows time service run: C:\Users\gaio>sc query w32time NOME_SERVIZIO: w32time TIPO : 20 WIN32_SHARE_PROCESS STATO : 4 RUNNING (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN) CODICE_USCITA_WIN32 : 0 (0x0) CODICE_USCITA_SERVIZIO : 0...
2023 May 20
1
PAM Offline Authentication in Ubuntu 22.04...
On 19/05/2023 12:02, Marco Gaiarin via samba wrote: > > I'm trying to enable offline auth in a Ubuntu 22.04 box, following: > > https://wiki.samba.org/index.php/PAM_Offline_Authentication > > using standard ubuntu samba package (4.15.13+dfsg-0ubuntu1.1). > I've enabled workaround 'lock directory = /var/cache/samba'. I would undo that, it appears to be
2017 Dec 18
2
DM and ''offline'' PAM (and NSS?)...
...} Interesting! I've looked at that in the past, but i was not interested in SSO so i've probably skipped. Anyway, i've tried to comment out 'winbind use default domain = yes' and add this stanza to /etc/krb5.conf but seems does not work, eg: root at vdmsv1:~# getent passwd gaio root at vdmsv1:~# getent passwd LNFFVG\\gaio LNFFVG\gaio:*:10000:10513:Marco Gaiarin:/home/gaio:/bin/bash only the 'domainful' version of the account work. > Now, since im not sure this works ok, i dont use it on my debian servers, i use option2. > option2 is ignore the "no...
2017 Dec 18
0
DM and ''offline'' PAM (and NSS?)...
...as expected. I've only found a little strange thing, i think related to the fact that in my DM i've set 'winbind use default domain = yes'. Folowing the wiki, i've enabled offline logon and then done: ['smbcontrol winbind online' root at vdmsv1:~# wbinfo -K LNFFVG\\gaio Enter LNFFVG\gaio's password: plaintext kerberos password authentication for [LNFFVG\gaio] succeeded (requesting cctype: FILE) credentials were put in: FILE:/tmp/krb5cc_0 ['smbcontrol winbind offline'] root at vdmsv1:~# wbinfo -K LNFFVG\\gaio Enter LNFFVG\gaio's password: p...
2017 Dec 18
0
DM and ''offline'' PAM (and NSS?)...
...a little strange thing, i think related to the fact > that in my DM i've set 'winbind use default domain = yes'. > > > Folowing the wiki, i've enabled offline logon and then done: > > ['smbcontrol winbind online' > root at vdmsv1:~# wbinfo -K LNFFVG\\gaio > Enter LNFFVG\gaio's password: > plaintext kerberos password authentication for [LNFFVG\gaio] > succeeded (requesting cctype: FILE) > credentials were put in: FILE:/tmp/krb5cc_0 > > ['smbcontrol winbind offline'] > root at vdmsv1:~# wbinfo -K LNFFVG\\gaio &g...
2017 Nov 09
2
Best practice for creating an RO LDAP User in AD...
...> > Eh. «De gustibus non disputandum est». ;-) > > > > The setup for the Ad in the link below is the same but if you want > > access without auth, Have you tried to query the GC ports. ( 3268 > > or 3269 ) > > No, but now yes and does not work: > > gaio at albus:~$ ldapsearch -x -H ldap://vdcsv1:3268/ -b > DC=ad,DC=fvg,DC=lnf,DC=it "(uid=gaio)" Try: ldbsearch -H ldap://vdcsv1:3268 -P -b DC=ad,DC=fvg,DC=lnf,DC=it '(uid=gaio)' You will have to do this as root. Rowland
2017 Oct 30
2
Password change question/1: smbpasswd does not propagate passwords?!
Doing some test i've done, as root, in one DC: root at vdcpp1:~# smbpasswd gaio New SMB password: Retype new SMB password: root at vdcpp1:~# pdbedit -v gaio Unix username: gaio NT username: Account Flags: [U ] User SID: S-1-5-21-160080369-3601385002-3131615632-1105 Primary Group SID: S-1-5-21-160080369-3601385002-31316156...
2019 Jan 29
2
Winbind, cached logons and 'user persistency'...
...ou have also your user in /etc/passwd? O;-) No, you cannot have a user in /etc/passwd and AD. > > > > You seem to be doing something wrong ;-) > > Probably. But i don't understand what. Authentication works as > expected: > > root at vdmsv2:~# wbinfo -K LNFFVG\\gaio > Enter LNFFVG\gaio's password: > plaintext kerberos password authentication for [LNFFVG\gaio] > succeeded (requesting cctype: FILE) credentials were put in: > FILE:/tmp/krb5cc_0 root at vdmsv2:~# smbcontrol winbind offline > root at vdmsv2:~# wbinfo -K LNFFVG\\gaio > Ent...
2018 Nov 22
0
NTP strangeness...
Hi Marco, As far i can see here. Are all your ADDC servers set to the same source NTP ( preffered a stratum 1 or 2 ) server. ( and not pool ntp sources ) Because below i see stratum 4 and stratum 3 servers and a timeout on one server. When i look at this. > C:\Users\gaio>w32tm /query /peers > N. peer: 1 > Peer: vdcpp2.ad.fvg.lnf.it > Stato: Attivo > Tempo rimanente: 914.2880000s...
2017 Oct 23
0
Some hint reading password expiration data...
Sorry, i came back on this, but: > In another, more generic, way: how password policies are enforced? still i need an answer on this question. I've done some tests, using my account, that pdbedit say: root at vdcsv1:~# LANG=C pdbedit -v gaio Unix username: gaio NT username: Account Flags: [U ] User SID: S-1-5-21-160080369-3601385002-3131615632-1105 Primary Group SID: S-1-5-21-160080369-3601385002-3131615632-513 Full Name: Marco Gaiarin Home Directory: HomeDir Dri...