search for: ldap_user_object_class

...site krb5_kpasswd = hh16.hh3.site ldap_uri = ldap://hh16.hh3.site/ ldap_search_base = dc=hh3,dc=site ldap_tls_cacertdir = /usr/local/samba/private/tls ldap_id_use_start_tls = False ldap_default_bind_dn = cn=lynn2,cn=Users,dc=hh3,dc=site ldap_default_authtok = xx ldap_default_authtok_type = password ldap_user_object_class = person ldap_user_name = samAccountName ldap_user_uid_number = uidNumber ldap_user_gid_number = gidNumber ldap_user_home_directory = unixHomeDirectory ldap_user_shell = loginShell ldap_group_object_class = group #ldap_user_search_filter =(&(objectCategory=User)(uidNumber=*)) I've tried en...

...ap://xxx-DC-A.xxx.xxx:389 ldap_id_use_start_tls = False ldap_auth_disable_tls_never_use_in_production = true ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx ldap_default_authtok_type = password ldap_default_authtok = xxxxxxxx ldap_schema = rfc2307bis ldap_user_search_base = dc=xx,dc=xx ldap_user_object_class = user ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_group_search_base = dc=xx,dc=xx ldap_group_object_class = group ldap_group_member = memberOf access_provider = simple simple_allow_groups = IT ldap_access_order = expire ldap_account_expire_policy...

...ver_use_in_production = true > > ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx > > ldap_default_authtok_type = password > > ldap_default_authtok = xxxxxxxx > > > > ldap_schema = rfc2307bis > > > > ldap_user_search_base = dc=xx,dc=xx > > ldap_user_object_class = user > > ldap_user_home_directory = unixHomeDirectory > > ldap_user_principal = userPrincipalName > > ldap_group_search_base = dc=xx,dc=xx > > ldap_group_object_class = group > > ldap_group_member = memberOf > > access_provider = simple > > > > &g...

...erver = x.y.143.15, x.y.143.16 #krb5_kpasswd = dc2.samba.company.com, dc3.samba.company.com krb5_kpasswd = x.y.143.15, x.y.143.16 ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_krb5_init_creds = true ldap_uri = ldap://x.y.143.15, ldap://x.y.143.16 ldap_search_base = dc=samba,dc=merit,dc=unu,dc=edu ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_uid_number = uidNumber ldap_user_gid_number = gidNumber ldap_user_home_directory = unixHomeDirectory ldap_user_shell = loginShell ldap_group_object_class = group ldap_group_name = cn ldap_group_member = member I hope this is enough info, and one of...

...lt_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx >>>> ldap_default_authtok_type = password >>>> ldap_default_authtok = xxxxxxxx >>>> >>>> ldap_schema = rfc2307bis >>>> >>>> ldap_user_search_base = dc=xx,dc=xx >>>> ldap_user_object_class = user >>>> ldap_user_home_directory = unixHomeDirectory >>>> ldap_user_principal = userPrincipalName >>>> ldap_group_search_base = dc=xx,dc=xx >>>> ldap_group_object_class = group >>>> ldap_group_member = memberOf >>>> access_...

...= serveur.radiodjiido.nc > krb5_kpasswd = serveur.radiodjiido.nc > #next line only lists users with uidNumber/gidNumber entered via ldbedit > ldap_id_mapping = false > ldap_referrals = false > ldap_uri = ldap://serveur.radiodjiido.nc > ldap_search_base = dc=radiodjiido,dc=nc > ldap_user_object_class = user > ldap_user_name = samAccountName > ldap_user_uid_number = uidNumber > ldap_user_gid_number = gidNumber > ldap_user_home_directory = unixHomeDirectory > ldap_user_shell = loginShell > ldap_group_object_class = group > ldap_group_search_base = dc=radiodjiido,dc=nc > ld...

...ls = False > ldap_auth_disable_tls_never_use_in_production = true > ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx > ldap_default_authtok_type = password > ldap_default_authtok = xxxxxxxx > > ldap_schema = rfc2307bis > > ldap_user_search_base = dc=xx,dc=xx > ldap_user_object_class = user > ldap_user_home_directory = unixHomeDirectory > ldap_user_principal = userPrincipalName > ldap_group_search_base = dc=xx,dc=xx > ldap_group_object_class = group > ldap_group_member = memberOf > access_provider = simple > > > > simple_allow_groups = IT >...

...ldap access_provider = ldap ldap_uri = ldap://xxxxA.companydomain.acc:389 ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=companydomain,dc=acc ldap_default_authtok_type = password ldap_default_authtok = 5ER3zx:V ldap_schema = rfc2307bis ldap_user_search_base = dc=companydomain,dc=acc ldap_user_object_class = user ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_group_search_base = dc=companydomain,dc=acc ldap_group_object_class = group Can any one please help me to fix the authentication ?? Kind Regards

...assicupgrade my machine accounts are placed in a separate CN=Computers, with objectclasses: - posixAccount - person - organisationalPerson - user - computer Taking my sssd configuration from https://wiki.samba.org/index.php/Local_user_management_and_authentication/sssd, I have this config: ... ldap_user_object_class = user ... Meaning all my computer accounts are included in getent passwd, etc. If possible I would like to stay with stock wheezy/sssd 1.8.4, but I would like my machine accounts to be excluded from sssd... Is that possible, or do I want too much? ;-) (or related... is the classicupgrade corr...

...e = 4000 ldap_access_order = expire ldap_account_expire_policy = ad ldap_default_bind_dn = CN=LINUXAUTH,DC=EXAMPLE,DC=COM ldap_id_mapping = False ldap_search_base = DC=EXAMPLE,DC=COM ldap_user_search_base = DC=EXAMPLE,DC=COM?subtree?&(objectclass=user)(uidnumber=*) ldap_user_search_scope = sub ldap_user_object_class = user ldap_user_name = cn ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_user_uid_number = uidNumber ldap_user_gid_number = gidNumber ldap_user_objectsid = objectSid ldap_user_member_of = memberOf ldap_user_gecos = cn ldap_gr...

...raged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class = group --------------------------------------------------------------------------------------------------------------...

...TH.LOCAL krb5_server = bubba3-one.earth.local krb5_kpasswd = bubba3-one.earth.local ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_krb5_init_creds = true ldap_referrals = false ldap_uri = ldap://bubba3-one.earth.local ldap_search_base = dc=earth,dc=local dyndns_update=false ldap_id_mapping=false ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_uid_number = uidNumber ldap_user_gid_number = gidNumber ldap_user_home_directory = unixHomeDirectory ldap_user_shell = loginShell ldap_group_object_class = group ldap_group_name = cn ldap_group_member = member Any idea what I am missing? Can I enab...

...> ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx > > > ldap_default_authtok_type = password > > > ldap_default_authtok = xxxxxxxx > > > > > > ldap_schema = rfc2307bis > > > > > > ldap_user_search_base = dc=xx,dc=xx > > > ldap_user_object_class = user > > > ldap_user_home_directory = unixHomeDirectory > > > ldap_user_principal = userPrincipalName > > > ldap_group_search_base = dc=xx,dc=xx > > > ldap_group_object_class = group > > > ldap_group_member = memberOf > > > access_provider = s...

...raged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class = group > > > > ----------------------------------------------------------------------------------------------...

...raged for performance reasons. # enumerate = true auth_provider = krb5 chpass_provider = krb5 ldap_sasl_mech = gssapi ldap_sasl_authid = dc01$@AUTH.DOMAIN.COM krb5_realm = AUTH.DOMAIN.COM krb5_server = dc01.auth.domain.com krb5_kpasswd = dc01.auth.domain.com ldap_krb5_keytab = /etc/krb5.sssd.keytab ldap_user_object_class = user ldap_user_name = samAccountName ldap_user_home_directory = unixHomeDirectory ldap_user_principal = userPrincipalName ldap_user_shell = loginShell ldap_group_object_class = g roup > > > > ------------------------------------------------------------------------------------...

...try_cache_timeout = 300 entry_cache_nowait_percentage = 75 [domain/AD.COMPANY.COM] enumerate = false cache_credentials = true id_provider = ldap #auth_provider = ldap ldap_schema = rfc2307bis ldap_user_principal = userPrincipalName ldap_user_fullname = displayName ldap_user_name = sAMAccountName ldap_user_object_class = user ldap_user_home_directory = unixHomeDirectory ldap_user_shell = loginShell ldap_group_object_class = group ldap_force_upper_case_realm = True ldap_uri = ldap://192.168.192.50 ldap_search_base = dc=ad,dc=company,dc=com ldap_id_use_start_tls = false ldap_tls_reqcert = never ldap_tls_cacert =...