Displaying 20 results from an estimated 29 matches for "ldap_user_search_base".
2018 Nov 16
1
sssd ldap_user_search_base filters with '#' characters in names
I'm trying to craft an ldap search filter for use with
ldap_user_search_base in sssd.conf which is using Actice Directory (AD)
as the back end on CentOS 7 clients
The filter looks for users that are memberOf a particular group -
however, the group name start with a '#' character - i.e. in AD, the
group name is listed as something like '#ABC XYZ'
But whe...
2016 Sep 02
3
Samba4 and sssd authentication not working due "Transport encryption required."
...p
auth_provider = ldap
ldap_uri = ldap://xxx-DC-A.xxx.xxx:389
ldap_id_use_start_tls = False
ldap_auth_disable_tls_never_use_in_production = true
ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx
ldap_default_authtok_type = password
ldap_default_authtok = xxxxxxxx
ldap_schema = rfc2307bis
ldap_user_search_base = dc=xx,dc=xx
ldap_user_object_class = user
ldap_user_home_directory = unixHomeDirectory
ldap_user_principal = userPrincipalName
ldap_group_search_base = dc=xx,dc=xx
ldap_group_object_class = group
ldap_group_member = memberOf
access_provider = simple
simple_allow_groups = IT
ldap_access_order...
2019 Feb 11
3
visibility of groups when multiple Samba servers use the same LDAP server
...passdb backend = ldapsam:ldap://ldap.domain.tld
ldap suffix = dc=domain,dc=tld
ldap user suffix = ou=people
ldap group suffix = ou=server01,ou=smb,ou=Groups
NSS uses LDAP via SSSD like this:
[domain/LDAP]
id_provider = ldap
ldap_uri = ldap://ldap.domain.tld
ldap_search_base = dc=domain,dc=tld
ldap_user_search_base = ou=People,dc=domain,dc=tld
ldap_group_search_base = ou=server01,ou=smb,ou=Groups,dc=domain,dc=tld
The sambaDomainName is stored in an entry in LDAP path
ou=smb,dc=domain,dc=tld. Each server has it's own entry, but all use the
same SID.
This setup is not exactly pretty, but it "works&...
2016 Sep 02
4
Samba4 and sssd authentication not working due "Transport encryption required."
...tls = False
> > ldap_auth_disable_tls_never_use_in_production = true
> > ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx
> > ldap_default_authtok_type = password
> > ldap_default_authtok = xxxxxxxx
> >
> > ldap_schema = rfc2307bis
> >
> > ldap_user_search_base = dc=xx,dc=xx
> > ldap_user_object_class = user
> > ldap_user_home_directory = unixHomeDirectory
> > ldap_user_principal = userPrincipalName
> > ldap_group_search_base = dc=xx,dc=xx
> > ldap_group_object_class = group
> > ldap_group_member = memberOf
> > ac...
2015 Jul 02
2
Secondary groups not recognized by Samba
...ad
chpass_provider = ad
access_provider = ad
ldap_schema = ad
krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = False
fallback_homedir = /home/%d/%u
ldap_search_base = dc=mydomain,dc=com?subtree?
ldap_group_search_base = dc=mydomain,dc=com?subtree?(objectClass=group)
ldap_user_search_base = dc=mydomain,dc=com?subtree?(objectClass=user)
ldap_group_member = member
#!==============================================================
smb.conf
#!==============================================================
# ----------------------- Network-Related Options -------------------------
workgr...
2019 Feb 11
2
visibility of groups when multiple Samba servers use the same LDAP server
...ix = ou=people
>> ldap group suffix = ou=server01,ou=smb,ou=Groups
>>
>> NSS uses LDAP via SSSD like this:
>>
>> [domain/LDAP]
>> id_provider = ldap
>>
>> ldap_uri = ldap://ldap.domain.tld
>> ldap_search_base = dc=domain,dc=tld
>>
>> ldap_user_search_base = ou=People,dc=domain,dc=tld
>> ldap_group_search_base = ou=server01,ou=smb,ou=Groups,dc=domain,dc=tld
>>
>> The sambaDomainName is stored in an entry in LDAP path
>> ou=smb,dc=domain,dc=tld. Each server has it's own entry, but all use
>> the same SID.
>>
>...
2015 May 11
2
ldap host attribute is ignored
...r = ldap
> ldap_user_uuid = entryuuid
> ldap_group_uuid = entryuuid
> ldap_id_use_start_tls = True
> enumerate = False
> cache_credentials = False
> ldap_tls_cacertdir = /etc/openldap/cacerts/
> chpass_provider = ldap
> auth_provider = ldap
> ldap_tls_reqcert = never
> ldap_user_search_base = ou=YYY,o=XXX
> access_provider = ldap
> ldap_access_order = host
> ldap_user_authorized_host = host
> autofs_provider = ldap
>
> [sssd]
> services = nss, pam, autofs
> config_file_version = 2
> domains = default
>
> [nss]
>
> [pam]
>
> [sudo]
>...
2019 Feb 11
2
visibility of groups when multiple Samba servers use the same LDAP server
...;>>
>>>> NSS uses LDAP via SSSD like this:
>>>>
>>>> [domain/LDAP]
>>>> id_provider = ldap
>>>>
>>>> ldap_uri = ldap://ldap.domain.tld
>>>> ldap_search_base = dc=domain,dc=tld
>>>>
>>>> ldap_user_search_base = ou=People,dc=domain,dc=tld
>>>> ldap_group_search_base =
>>>> ou=server01,ou=smb,ou=Groups,dc=domain,dc=tld
>>>>
>>>> The sambaDomainName is stored in an entry in LDAP path
>>>> ou=smb,dc=domain,dc=tld. Each server has it's own entry...
2016 Sep 03
1
Samba4 and sssd authentication not working due "Transport encryption required."
..._use_in_production = true
>>>> ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx
>>>> ldap_default_authtok_type = password
>>>> ldap_default_authtok = xxxxxxxx
>>>>
>>>> ldap_schema = rfc2307bis
>>>>
>>>> ldap_user_search_base = dc=xx,dc=xx
>>>> ldap_user_object_class = user
>>>> ldap_user_home_directory = unixHomeDirectory
>>>> ldap_user_principal = userPrincipalName
>>>> ldap_group_search_base = dc=xx,dc=xx
>>>> ldap_group_object_class = group
>>>>...
2015 May 11
3
ldap host attribute is ignored
On 05/09/2015 01:24 PM, Jonathan Billings wrote:
> Is it normal to have pam_unix and pam_sss twice for each each section?
No. See my previous message. I think it's the result of copying
portions of SuSE configurations.
2016 Sep 02
0
Samba4 and sssd authentication not working due "Transport encryption required."
...DC-A.xxx.xxx:389
> ldap_id_use_start_tls = False
> ldap_auth_disable_tls_never_use_in_production = true
> ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx
> ldap_default_authtok_type = password
> ldap_default_authtok = xxxxxxxx
>
> ldap_schema = rfc2307bis
>
> ldap_user_search_base = dc=xx,dc=xx
> ldap_user_object_class = user
> ldap_user_home_directory = unixHomeDirectory
> ldap_user_principal = userPrincipalName
> ldap_group_search_base = dc=xx,dc=xx
> ldap_group_object_class = group
> ldap_group_member = memberOf
> access_provider = simple
>
>...
2019 Feb 11
0
visibility of groups when multiple Samba servers use the same LDAP server
...x = dc=domain,dc=tld
> ldap user suffix = ou=people
> ldap group suffix = ou=server01,ou=smb,ou=Groups
>
> NSS uses LDAP via SSSD like this:
>
> [domain/LDAP]
> id_provider = ldap
>
> ldap_uri = ldap://ldap.domain.tld
> ldap_search_base = dc=domain,dc=tld
>
> ldap_user_search_base = ou=People,dc=domain,dc=tld
> ldap_group_search_base = ou=server01,ou=smb,ou=Groups,dc=domain,dc=tld
>
> The sambaDomainName is stored in an entry in LDAP path
> ou=smb,dc=domain,dc=tld. Each server has it's own entry, but all use
> the same SID.
>
> This setup is not e...
2014 Jan 06
0
getent passwd/group worsk but user authentication does not work (SAMBA4/SSSD) (Urgent request)
...errals = false
enumerate = true
id_provider = ldap
access_provider = ldap
ldap_uri = ldap://xxxxA.companydomain.acc:389
ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=companydomain,dc=acc
ldap_default_authtok_type = password
ldap_default_authtok = 5ER3zx:V
ldap_schema = rfc2307bis
ldap_user_search_base = dc=companydomain,dc=acc
ldap_user_object_class = user
ldap_user_home_directory = unixHomeDirectory
ldap_user_principal = userPrincipalName
ldap_group_search_base = dc=companydomain,dc=acc
ldap_group_object_class = group
Can any one please help me to fix the authentication ??
Kind Regar...
2014 Jul 28
0
[sssd] Not seeing Secondary Groups
...a = rfc2307bis
ldap_referrals = false
ldap_disable_referrals = true
ldap_force_upper_case_realm = true
ldap_page_size = 4000
ldap_access_order = expire
ldap_account_expire_policy = ad
ldap_default_bind_dn = CN=LINUXAUTH,DC=EXAMPLE,DC=COM
ldap_id_mapping = False
ldap_search_base = DC=EXAMPLE,DC=COM
ldap_user_search_base = DC=EXAMPLE,DC=COM?subtree?&(objectclass=user)(uidnumber=*)
ldap_user_search_scope = sub
ldap_user_object_class = user
ldap_user_name = cn
ldap_user_home_directory = unixHomeDirectory
ldap_user_principal = userPrincipalName
ldap_user_shell = loginShell
ldap_user_uid_number = uidNumber
ldap_use...
2014 Aug 06
1
sssd and authconfig and ldap database lookups
...son why?
2. I also noticed if sssd.conf is not there, authconfig won't create
it even if you tell it to --enablesssd. How so? I thought that if you
are using sssd, it would have stuff like kerberos and ldap (to pick a
couple of examples) configured there.
3. It seems if I want to, say, define ldap_user_search_base I must do
it directly in sssd.conf instead of passing some kind of argument to
authconfig. Am I correct? If so, which files does authconfig affect? I
thought it was the *proper* way to configure all the authentication
thingies so to make sure they all played together. But, it seems that
you have t...
2019 Feb 11
1
visibility of groups when multiple Samba servers use the same LDAP server
...;>>>>>
>>>>>> [domain/LDAP]
>>>>>> id_provider = ldap
>>>>>>
>>>>>> ldap_uri = ldap://ldap.domain.tld
>>>>>> ldap_search_base = dc=domain,dc=tld
>>>>>>
>>>>>> ldap_user_search_base = ou=People,dc=domain,dc=tld
>>>>>> ldap_group_search_base =
>>>>>> ou=server01,ou=smb,ou=Groups,dc=domain,dc=tld
>>>>>>
>>>>>> The sambaDomainName is stored in an entry in LDAP path
>>>>>> ou=smb,dc=domain,dc...
2014 Aug 29
1
C7: need authconfig against LDAP
Hi all,
On a C6 box, when I want to enable LDAP authentication, I issue:
# yum -y install nss-pam-ldapd pam_ldap nscd
# authconfig --enableldap --enableldapauth --enablemkhomedir \
--ldapserver=ldap://ldap-blabla/ \
--ldapbasedn="blabla" \
--enablecache --disablefingerprint \
--kickstart --update
All is working fine, the directory structure is fine and compliant.
2019 Feb 11
0
visibility of groups when multiple Samba servers use the same LDAP server
...ver01,ou=smb,ou=Groups
> >>
> >> NSS uses LDAP via SSSD like this:
> >>
> >> [domain/LDAP]
> >> id_provider = ldap
> >>
> >> ldap_uri = ldap://ldap.domain.tld
> >> ldap_search_base = dc=domain,dc=tld
> >>
> >> ldap_user_search_base = ou=People,dc=domain,dc=tld
> >> ldap_group_search_base =
> >> ou=server01,ou=smb,ou=Groups,dc=domain,dc=tld
> >>
> >> The sambaDomainName is stored in an entry in LDAP path
> >> ou=smb,dc=domain,dc=tld. Each server has it's own entry, but all
>...
2015 May 05
4
ldap host attribute is ignored
On 05/05/2015 06:47 PM, Gordon Messmer wrote:
> On 05/05/2015 03:02 AM, Ulrich Hiller wrote:
>> /etc/openldap/ldap.conf contains the line:
>> ------------------------------------------
>> pam_check_host_attr yes
>
> /etc/openldap/ldap.conf is the configuration file for openldap clients.
> It is not used for system authentication or name service.
>
>>
2016 Sep 03
0
Samba4 and sssd authentication not working due "Transport encryption required."
...isable_tls_never_use_in_production = true
> > > ldap_default_bind_dn = CN=ldapadmin,cn=Users,dc=xxx,dc=xxx
> > > ldap_default_authtok_type = password
> > > ldap_default_authtok = xxxxxxxx
> > >
> > > ldap_schema = rfc2307bis
> > >
> > > ldap_user_search_base = dc=xx,dc=xx
> > > ldap_user_object_class = user
> > > ldap_user_home_directory = unixHomeDirectory
> > > ldap_user_principal = userPrincipalName
> > > ldap_group_search_base = dc=xx,dc=xx
> > > ldap_group_object_class = group
> > > ldap_group_...