search for: krb5_kpasswd

...ices = nss, pam config_file_version = 2 domains = default [nss] [pam] [domain/default] access_provider = simple #simple_allow_users = myuser enumerate = false cache_credentials = True id_provider = ldap auth_provider = krb5 chpass_provider = krb5 krb5_realm = HH3.SITE krb5_server = hh16.hh3.site krb5_kpasswd = hh16.hh3.site ldap_uri = ldap://hh16.hh3.site/ ldap_search_base = dc=hh3,dc=site ldap_tls_cacertdir = /usr/local/samba/private/tls ldap_id_use_start_tls = False ldap_default_bind_dn = cn=lynn2,cn=Users,dc=hh3,dc=site ldap_default_authtok = xx ldap_default_authtok_type = password ldap_user_object_...

...ble enumeration for performance reasons # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = EPO$@SAMBA.COMPANY.COM krb5_realm = SAMBA.COMPANY.COM #krb5_server = dc2.samba.company.com, dc3.samba.company.com krb5_server = x.y.143.15, x.y.143.16 #krb5_kpasswd = dc2.samba.company.com, dc3.samba.company.com krb5_kpasswd = x.y.143.15, x.y.143.16 ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_krb5_init_creds = true ldap_uri = ldap://x.y.143.15, ldap://x.y.143.16 ldap_search_base = dc=samba,dc=merit,dc=unu,dc=edu ldap_user_object_class = user ldap_user_name...

...iido.nc > ad_domain = radiodjiido.nc > ldap_schema = ad > id_provider = ad > access_provider = simple > enumerate = true > cache_credentials = true > auth_provider = krb5 > chpass_provider = krb5 > krb5_realm = RADIODJIIDO.NC > krb5_server = serveur.radiodjiido.nc > krb5_kpasswd = serveur.radiodjiido.nc > #next line only lists users with uidNumber/gidNumber entered via ldbedit > ldap_id_mapping = false > ldap_referrals = false > ldap_uri = ldap://serveur.radiodjiido.nc > ldap_search_base = dc=radiodjiido,dc=nc > ldap_user_object_class = user > ldap_use...

...cess_order = expire # ldap_account_expire_policy = ad # Enumeration is discouraged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class = group -----------------------...

...ccess_provider = simple # on large directories, you may want to disable enumeration for performance reasons enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = bubba3-one$@EARTH.LOCAL krb5_realm = EARTH.LOCAL krb5_server = bubba3-one.earth.local krb5_kpasswd = bubba3-one.earth.local ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_krb5_init_creds = true ldap_referrals = false ldap_uri = ldap://bubba3-one.earth.local ldap_search_base = dc=earth,dc=local dyndns_update=false ldap_id_mapping=false ldap_user_object_class = user ldap_user_name = samAccountN...

...cess_order = expire # ldap_account_expire_policy = ad # Enumeration is discouraged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class = group > > > > -------...

...cess_order = expire # ldap_account_expire_policy = ad # Enumeration is discouraged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class = g roup > > > &g...

>> But instead i get >> centos: sshd[7929]: pam_unix(sshd:session): session opened for user >> <username> > > "pam_unix" should be an indication that <username> appears in the local > unix password files. Make sure that it doesn't. Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow > > What do /etc/pam.d/sshd and