Displaying 15 results from an estimated 15 matches for "ldap_user_name".
2016 Nov 09
3
samba with customized ldap backend (fwd)
Sir,
As you suggested I have already done this settings ('ldap_user_name
=username') 3 year back and due to this our users are able to login in
various service like ssh, imap, pop by sssd service but not able to
connect/authenticate by samba.
As you know in my case due to our customized ldap which start
'uid=numericID' instead of 'uid=username'...
2020 Oct 05
2
Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.
...n't authenticate against a Samba (as Active-Directory Member) using the userPrincipalName (UPN). (Using Samba and sAMAccountName works fine.)
After some research I'm quite sure that winbind is limited to the sAMAccountName and can't use UPN. So I deciced to use SSSD and configured the `ldap_user_name = userPrincipalName` in the sssd.conf
Example:
* sAMAccountName: timfin01
* userPrincipalName: tim.finnigan
"getent passwd tim.finnigan" works, i.e. returns "tim.finnigan:*:1238402723:1238400513:Tim Finnigan:/home/tim.finnigan at ad.adtest.de:/bin/bash", so I guess SSSD authe...
2016 Nov 10
0
samba with customized ldap backend (fwd)
...ldapd-users/
If what you are trying to do is possible with sssd or nslcd, then
one of the links should help you, I am fairly sure you do not have a
Samba problem.
Rowland
________
On Wed, 9 Nov 2016, Arun Gupta wrote:
> Sir,
>
> As you suggested I have already done this settings ('ldap_user_name
> =username') 3 year back and due to this our users are able to login in
> various service like ssh, imap, pop by sssd service but not able to
> connect/authenticate by samba.
>
> As you know in my case due to our customized ldap which start 'uid=numericID'
> inste...
2013 Apr 14
1
sssd getent problem with Samba 4.0
...e
ldap_uri = ldap://hh16.hh3.site/
ldap_search_base = dc=hh3,dc=site
ldap_tls_cacertdir = /usr/local/samba/private/tls
ldap_id_use_start_tls = False
ldap_default_bind_dn = cn=lynn2,cn=Users,dc=hh3,dc=site
ldap_default_authtok = xx
ldap_default_authtok_type = password
ldap_user_object_class = person
ldap_user_name = samAccountName
ldap_user_uid_number = uidNumber
ldap_user_gid_number = gidNumber
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_group_object_class = group
#ldap_user_search_filter =(&(objectCategory=User)(uidNumber=*))
I've tried
enumerate = true
and it wo...
2020 Oct 05
0
Samba SSSD authentication via userPrincipalName does not work because samba claims that the username does not exist.
...uthenticate against a Samba (as Active-Directory Member) using the userPrincipalName (UPN). (Using Samba and sAMAccountName works fine.)
>
> After some research I'm quite sure that winbind is limited to the sAMAccountName and can't use UPN. So I deciced to use SSSD and configured the `ldap_user_name = userPrincipalName` in the sssd.conf
>
> Example:
>
> * sAMAccountName: timfin01
> * userPrincipalName: tim.finnigan
>
> "getent passwd tim.finnigan" works, i.e. returns "tim.finnigan:*:1238402723:1238400513:Tim Finnigan:/home/tim.finnigan at ad.adtest.de:/bin/b...
2014 Jul 23
1
sssd problems after dc1 is no longer online
...#krb5_kpasswd = dc2.samba.company.com, dc3.samba.company.com
krb5_kpasswd = x.y.143.15, x.y.143.16
ldap_krb5_keytab = /etc/krb5.sssd.keytab
ldap_krb5_init_creds = true
ldap_uri = ldap://x.y.143.15, ldap://x.y.143.16
ldap_search_base = dc=samba,dc=merit,dc=unu,dc=edu
ldap_user_object_class = user
ldap_user_name = samAccountName
ldap_user_uid_number = uidNumber
ldap_user_gid_number = gidNumber
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_group_object_class = group
ldap_group_name = cn
ldap_group_member = member
I hope this is enough info, and one of the sssd guru's h...
2013 Oct 01
1
Should I forget sssd ?
..._kpasswd = serveur.radiodjiido.nc
> #next line only lists users with uidNumber/gidNumber entered via ldbedit
> ldap_id_mapping = false
> ldap_referrals = false
> ldap_uri = ldap://serveur.radiodjiido.nc
> ldap_search_base = dc=radiodjiido,dc=nc
> ldap_user_object_class = user
> ldap_user_name = samAccountName
> ldap_user_uid_number = uidNumber
> ldap_user_gid_number = gidNumber
> ldap_user_home_directory = unixHomeDirectory
> ldap_user_shell = loginShell
> ldap_group_object_class = group
> ldap_group_search_base = dc=radiodjiido,dc=nc
> ldap_group_name = cn
> lda...
2014 Jul 28
0
[sssd] Not seeing Secondary Groups
...xpire
ldap_account_expire_policy = ad
ldap_default_bind_dn = CN=LINUXAUTH,DC=EXAMPLE,DC=COM
ldap_id_mapping = False
ldap_search_base = DC=EXAMPLE,DC=COM
ldap_user_search_base = DC=EXAMPLE,DC=COM?subtree?&(objectclass=user)(uidnumber=*)
ldap_user_search_scope = sub
ldap_user_object_class = user
ldap_user_name = cn
ldap_user_home_directory = unixHomeDirectory
ldap_user_principal = userPrincipalName
ldap_user_shell = loginShell
ldap_user_uid_number = uidNumber
ldap_user_gid_number = gidNumber
ldap_user_objectsid = objectSid
ldap_user_member_of = memberOf
ldap_user_gecos = cn
ldap_group_search_base = DC=E...
2016 Feb 02
3
Mac OS X and ACL's
...# enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class = group
-----------------------------------------------------------------------------------------------------------------
Here is the getf...
2014 Feb 18
0
sssd + samba4 not working (yet)
...one.earth.local
krb5_kpasswd = bubba3-one.earth.local
ldap_krb5_keytab = /etc/krb5.sssd.keytab
ldap_krb5_init_creds = true
ldap_referrals = false
ldap_uri = ldap://bubba3-one.earth.local
ldap_search_base = dc=earth,dc=local
dyndns_update=false
ldap_id_mapping=false
ldap_user_object_class = user
ldap_user_name = samAccountName
ldap_user_uid_number = uidNumber
ldap_user_gid_number = gidNumber
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_group_object_class = group
ldap_group_name = cn
ldap_group_member = member
Any idea what I am missing? Can I enable some debugging some...
2016 Nov 08
3
samba with customized ldap backend (fwd)
Hello Sir,
I have also tried with nslcd and didn't succeeded.
kindly advice.
Regards,
Arun
--------------
Have you asked on the sssd-users mailing list about this ???
If you are using sssd then Samba ISN'T doing the authentication, SSSD
is.
Rowland
---------- Forwarded message ----------
Date: Mon, 7 Nov 2016 18:30:51 +0530 (IST)
From: Arun Gupta <arung at cdac.in>
To:
2016 Feb 02
0
Mac OS X and ACL's
...# enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class = group
>
>
>
> -----------------------------------------------------------------------------------------------------------------
&g...
2017 Aug 28
2
Issues with mounting Samba shares after update
Actually it isn't part of AD at all. We are using FreeIPA and Samba. We
just finally figured this out with the help of some folks at Red Hat. It
turned out there was a bug in one of the libraries that came along with
sssd (sssd-libwbclient I believe). Their suggestion to use winbind and the
version of the same library that came with it seems to have solved our
problem instantly. It
2016 Feb 02
2
Mac OS X and ACL's
...# enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class =
g
roup
>
>
>
> ----------------------------------------------------------------------------------------------------------...
2018 Jul 20
2
SSSD on CentOS 7 failing to start when connecting to 4.8.3 AD via LDAP
...che
reconnection_retries = 3
#entry_cache_timeout = 300
entry_cache_nowait_percentage = 75
[domain/AD.COMPANY.COM]
enumerate = false
cache_credentials = true
id_provider = ldap
#auth_provider = ldap
ldap_schema = rfc2307bis
ldap_user_principal = userPrincipalName
ldap_user_fullname = displayName
ldap_user_name = sAMAccountName
ldap_user_object_class = user
ldap_user_home_directory = unixHomeDirectory
ldap_user_shell = loginShell
ldap_group_object_class = group
ldap_force_upper_case_realm = True
ldap_uri = ldap://192.168.192.50
ldap_search_base = dc=ad,dc=company,dc=com
ldap_id_use_start_tls = false
lda...