search for: linuxadmin

...gt; Hi, > > I have a Debian Stretch system running a self-compiled version 4.7.3 > > of Samba. Having followed the Samba WiKi to allow AD users to log > > onto the servers using PAM authentication, I now want to restrict > > access to specified group(s). So I created a linuxadmins group and > > made some test users members of the group. > > > > Initially I tried to restrict access by > > modifying /etc/security/access.conf and adding a file > > to /usr/share/pam-configs containing Auth: required pam_access.so. > > This works OK for normal...

Hi, I have a Debian Stretch system running a self-compiled version 4.7.3 of Samba. Having followed the Samba WiKi to allow AD users to log onto the servers using PAM authentication, I now want to restrict access to specified group(s). So I created a linuxadmins group and made some test users members of the group. Initially I tried to restrict access by modifying /etc/security/access.conf and adding a file to /usr/share/pam-configs containing Auth: required pam_access.so. This works OK for normal users, including AD users, but I cannot get it to work f...

Wed, 15 Jul 2020 16:18:32 +0100 Rowland penny via samba <samba at lists.samba.org>: > On 15/07/2020 16:10, RhineDevil wrote: > > Wed, 15 Jul 2020 16:07:06 +0100 Rowland penny via samba <samba at lists.samba.org>: > >> On 15/07/2020 15:44, RhineDevil wrote: > >>> Wed, 15 Jul 2020 15:23:41 +0100 Rowland penny via samba <samba at lists.samba.org>: >

...t; I have a Debian Stretch system running a self-compiled version 4.7.3 > > > of Samba. Having followed the Samba WiKi to allow AD users to log > > > onto the servers using PAM authentication, I now want to restrict > > > access to specified group(s). So I created a linuxadmins group and > > > made some test users members of the group. > > > > > > Initially I tried to restrict access by > > > modifying /etc/security/access.conf and adding a file > > > to /usr/share/pam-configs containing Auth: required pam_access.so. > &gt...

...this user is subscribed to ALL public folders even though a dovecot ACL prevents all access. I'm pretty sure access is still denied. I was able to reproduce this with a guest account I added: l lsub "" "#shared/decs/%" * LSUB (\Noselect) "/" "#shared/decs/linuxadmin" * LSUB (\Noselect) "/" "#shared/decs/jbossadmin" * LSUB () "/" "#shared/decs/support" * LSUB () "/" "#shared/decs/receipts" * LSUB (\Noselect) "/" "#shared/decs/pcadmin" * LSUB () "/" "#shared/decs/...

...ba.org> wrote: > Hi, > I have a Debian Stretch system running a self-compiled version 4.7.3 > of Samba. Having followed the Samba WiKi to allow AD users to log > onto the servers using PAM authentication, I now want to restrict > access to specified group(s). So I created a linuxadmins group and > made some test users members of the group. > > Initially I tried to restrict access by > modifying /etc/security/access.conf and adding a file > to /usr/share/pam-configs containing Auth: required pam_access.so. > This works OK for normal users, including AD users, b...

...;require_membership_of' line to the winbind auth line in > > > PAM. > > > Rowland > > Thanks Rowland, that did the trick and is the simplest solution. > > > > Found that only one \ was required to separate the domain part from the group name part - ie DOMAIN\linuxadmins rather than > > DOMAIN\\linuxadmins. (the man page for pam_winbind.conf suggests two \\ are needed) > > Just one thing on that. Remember that this is not checked by SSH for > authorized_keys based logins, it is run on the password checking path > only. As long as they can...

Hello, I've a member server that is working fine as shared folder server (all shares works and it permissions). My problem is that when I add the nsswitch winbind entries then the server uses the DC to authenticate even when I use ssh, so if Samba DC server fails I have problems to login into the member server. My nsswitch: passwd: compat winbind group: compat winbind

...nd auth > > > > line in PAM. > > > > > Rowland > > > Thanks Rowland, that did the trick and is the simplest solution. > > > > > > Found that only one \ was required to separate the domain part > > > from the group name part - ie DOMAIN\linuxadmins rather than > > > DOMAIN\\linuxadmins. (the man page for pam_winbind.conf > > > suggests two \\ are needed) > > > > Just one thing on that. Remember that this is not checked by SSH > > for authorized_keys based logins, it is run on the password > > che...

Hi guys, i use xen3.2. how can i manually create the xenbr0 ? which parameters have i to choose for brctl ? thanks, -- Viele Grüße Dominique Holger Schramm | Linux Administrator http://schwarz-weiss.cc/ | Life between PuTTy and reality http://ihr-linuxadmin.eu/ | Commercial Admin Service _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users

Several different PAM modules relating to Samba exist. The ones I could find were as follows: pam_smb http://www.csn.ul.ie/~airlied/pam_smb/ Authenticates against an NT domain controller, without joining the domain. (Doesn't work with Active Directory.) pam_ntdom http://www.cb1.com/~lkcl/pam-ntdom/ Based on the above, authenticates against an NT domain. Requires the client to be added to

Hi. I''m a beginner, but I have a basic puppet setup working. I am doing a manual tarball installation and it seems to be hanging then eventually timing out on just downloading the file: file { "/opt/hadoop-0.20.0.tar.gz": source => "puppet:///hadoop020/hadoop-0.20.0.tar.gz" } I have another module that does the same things and works, my only guess

I am trying to log to a file instead of syslog, but when I set "puppetdlog = /var/log/puppetd.log", it still logs to syslog. If also set "syslogfacility =", it doesn''t log anywhere. Does this work for anyone else? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to

Hi, I found the zypper provider mentioned on this list in another thread, but it failes with the flowing error : Package[kvm]/ensure: change from 0.11.0-4.5.2 to true failed: Could not update: undefined method `zypper'' for #<Puppet::Type::Package::ProviderZypper:0x7fd1acf9e360> at Is the latest provider broken? Is there interest in making this work / making it complete. I

...dc password replication group DEMLAND\read-only domain controllers DEMLAND\enterprise read-only domain controllers DEMLAND\dnsadmins DEMLAND\dnsupdateproxy DEMLAND\sqlservermssqlserveradhelperuser$server2008 DEMLAND\sqlserver2005sqlbrowseruser$server2008 DEMLAND\copsshuser DEMLAND\vpn users DEMLAND\linuxadmins Yet I cannot access the shared folder on my Linux system. The smbclinet does: root at ubuntu-server:/home/daved/AddToDCScripts# smbclient /192.168.42.163/home/public -U daved Enter daved's password: Connection to 92.168.42.163 failed (Error NT_STATUS_IO_TIMEOUT) When I try to access the sha...

So, I''ve been doing something like this for applications that have a client and server component... node base_node { include syslog_ng::client }} node app_node inherits base_node { } node syslog_server inherits base_node { include syslog_ng::server } ... because I want the client portion, syslog-ng in this case to be installed on everything. However, the server node also has a

I think MJ is using samba with AD backend and Rowland RID. Rowland, try AD backend if your using rid atm. Gr. Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens mj via samba > Verzonden: woensdag 11 oktober 2017 13:25 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] Using GPO to mount shares on Linux > > >

...d anything that looks consistent, except maybe identity monitoring for financial data. (EG: Target breach) We host a significant amount of educational data, but no financial information. How would we even respond to this question? I've also posted this question at https://www.reddit.com/r/linuxadmin/comments/42mi1r/what_to_do_when_youve_been_hacked/ Thanks, Ben

Hi, Taking this to a new thread. Thoughts on getting a new list started up ? Should it be centos-sysadmin or centos-infra ? Are we going to then restrict it to admin/infra related chatter ? in which case, does the eyeball density on this list reduce for that sort of content ? How about the politics and news stuff that gets posted to this list. And how would those things be addressed with

...-) I follow this as guidance: 1 server ( all in one ) use RID, easy to setup etc, but .. If you go to ... Or have plans to.. 2 servers ( DC + a member ) use backend RID if you dont need access with a windows account to a shared home folder. ( cifs or nfs ) you use a dedicated local "linuxAdmin" for maintanace. ( often the first created user in linux ) use backend AD if you do need access with ssh for example or shared homefolders. 3 server or more, all server where ssh or access to a server with a shared folder is needed, use backend AD. adviced is all servers with file shares....