search for: mapusers

Displaying 20 results from an estimated 23 matches for "mapusers".

Did you mean: imapusers
2016 Feb 22
6
Kerberos Principal
Hi all, I’m looking to add in a kerberos principal on my server for the AD domain. I see there are ways to do this for user(s), but I don’t see how to add a principal for hosts. In general, I’ld like to add something like the following to me 4.3.4 Domain: ktpass -princ afpserver/fqdn at REALM -mapuser mapuser at domain +rndPass -out afpserver.keytab This is for a netatalk server. I’ve never
2005 Dec 24
2
3.0.20 usermap script execution
I have created a mapusers.bash script (listed below) for mapping Active Directory handles to unix logins. This script is currently working as documented. I would like some insight into how and when this script gets called. I assumed that upon establishing each samba connection, after the active directory handle gets auth...
2016 Feb 23
0
Kerberos Principal
You mean something like : Create a user for a service. samba-tool user create squid-proxy --description="Unprivileged user for SQUID-Proxy Services" --random-password Disable password expiry. samba-tool user setexpiry squid-proxy --noexpiry setting HTTP SPN on the proxy user (proxy1) samba-tool spn add HTTP/proxy1.internal.domain.tld squid-proxy samba-tool spn add
2009 May 06
0
Kerberos tickets problem
I'm setting up a Solaris 10 server as a test samba server with AD authentication. I'm running into a little bit of issue with Kerberos tickets. The setup is as follows Solaris-10, Windows AD-2003/R2, native Solaris (sparc) samba, Kerberos, LDAP (shipped with the distro) and IMU on windows. My LDAP client is working good and validates getent passwd <user> and can run ldaplist -l
2016 Jun 27
3
Looking for GSSAPI config [was: Looking for NTLM config example]
Hi, On 27-06-2016 08:58, Mark Foley wrote: > So, I'm apparently lacking in the kerberos stuff. Here's the problem -- Samba4 uses Heimdal > Kerberos and when I provisioned my domain apparently none of these needed kerberos files were > set up. I can, however, kerberos authenticate from domain workstations both WIN7 and Linux. You don't need any Samba4 stuff, to get it
2017 Jan 20
3
how to run ktpass with a Samba AD DC?
I was trying to get authentication via kerberos working but I'm having trouble trying to run ktpass as in step 6 here http://robertan.com/home/2015/01/14/kerberos-auth-with-apachephp/ ktpass -princ HTTP/contoso.com at CONTOSO.COM -mapuser CONTOSO\&lt;USERNAME&gt; -crypto all -ptype KRB5_NT_PRINCIPAL -pass &lt;PASSWORD&gt; -out webpage.HTTP.keytab I'm not sure of the
2016 Nov 17
2
Clients can't write to group-writable files - plea for help
> From my understanding you seem to have Mac and Windows clients and are > using the Samba machine as a fileserver. If the windows machines are > joined to a domain, then you will probably be better off joining the > Samba machine to the domain, this way you will not need the user map. > > It might help if you could explain your setup, if it is different > from the above and
2002 Oct 31
2
Re: Samba PDC and Kerberos(MIT or SEAM in Uinx, without microsoft ADS)
Hi, Andrew, Thank you very much for your answer. Now our case is as below: 1, our client machine is the windows 2000 2, We want our Kerberos run in the Unix box. 3, We also want the samba as PDC for all windows user and machine. 4, We want integrate the Kerberos Authentication with samba authentication. So in this situation, can we get the kerberos login from the windows
2009 May 04
2
bad encryption type in AD domain authentication
Hello, I'm trying to access a samba share using an ADS user credentials. I always get an error, and the debug traces (log level = 5) are giving me the output in the follow. I have searched the samba ML archives, and I have found the thread http://lists.samba.org/archive/samba/2004-April/084545.html but, before asking the system admin to apply the eventual KB fixes, I would like to know if the
2004 Mar 16
3
samba 3, ADS, kerberos, keytab problem - Additional pre-authentication required
Hello List, I am (unsuccessfully) trying to automatically get a valid kerberos ticket for my linux box. I have - in a test environment: - a windows 2000 server with Active directory and DNS properly set up. - a suse linux 9.0 router with samba3.0.2.rc.1 and heimdal 0.6.-67. - I am able to join the domain and get a valid ticket through kinit, if I enter the Administrator's password or the
2016 Nov 18
0
Clients can't write to group-writable files - plea for help
...ys like this; only recently did I implement this with a nightly script that copies the id numbers into AD). The smb.conf I posted is the one which exhibits the problem with group-writable files. By commenting the username map and uncommenting the username map script, the problem goes away. The mapusers.sh script just echos $1. The usermap.cfg map file is empty. I've also tried removing that config line entirely - problem remains. The share I used for testing is: [www.nrao.edu] comment = www.nrao.edu Web Content path = /home/www.nrao.edu public = no writ...
2011 Mar 10
1
Dove cot+Kerberos
Hi All. I have a problem with authorization users AD via kerberos in Dovecot&Postfix. Windows SRV 2008 Standart - AD mail server: Gentoo + cyrus-sasl + postfix + dovecot with support ldap&kerberos. I am created a 4 keytabs on Windows box. C:\Users\Admin>ktpass -princ host/srv-mail.cn.energy at CN.ENERGY -mapuser ldapmail at CN.ENERGY -pass "superpasswd" -crypto RC4-HMAC-NT
2005 Aug 11
0
kerberos_kinit_password host/SUNDEV@LEXI.COM.MX failed: Client not found in Kerberos database
I'm using Solaris 8, samba 3, kerberos and openldap. I'm anexing: log.smbd, smb.conf, krb5.conf, nsswitch.conf and the ktpass command in AD. Somebody can help me? I get this output in log.smbd: ----------------------------------- [2005/08/11 12:41:45, 0] smbd/server.c:main(802) smbd version 3.0.20rc1 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2005/08/11
2005 Aug 27
1
Samba works!: Samba, Kerberos, Win2K Active Directory authentication
After some days, here is my personal cookbook for Samba in Solaris. I needed to share a folder in my Solaris server, but using my Windows Active Directory Account. Here are my proccess, if it can help to anyone or if anyone can make corrections or suggestions. Thx. Personal Cookbook for Samba. Objective: To enable a Unix server for share folders for Microsoft Windows machines with
2002 Nov 01
0
Re: Samba PDC and Kerberos(MIT or SEAM in Uinx, without microsoft ADS)
Hi, Thank you very much for you reply. Some people think storing the sensitive information in the LDAP is not very secure.They think the sensitive information and the public information should be stored in seperate place.So we want the samba PDC authentication can integrete the Kerberos authentication directly. John ---- Original Message ---- From: Yura Pismerov Date: Thu 10/31/02 18:39
2016 Nov 18
2
Clients can't write to group-writable files - plea for help
...ntly did I implement this with a nightly script that copies > the id numbers into AD). > > The smb.conf I posted is the one which exhibits the problem with > group-writable files. By commenting the username map and uncommenting > the username map script, the problem goes away. The mapusers.sh > script just echos $1. The usermap.cfg map file is empty. I've also > tried removing that config line entirely - problem remains. > > The share I used for testing is: > > [www.nrao.edu] > comment = www.nrao.edu Web Content > path = /home/www.nrao....
2002 Nov 01
0
Re: Samba PDC and Kerberos(MIT or SEAM in Uinx, without microsoft ADS)
A few more questions and comments... related to this topic If Kerberos is the back-end to LDAP.. there is no need to synchronize or store a password in the LDAP tree.. just the principal for the user in the userpassword attribute: userpassword = {kerberos}name@domain in the smb.conf file do I need stuff like this? Unix password sync = yes passwd program =
2008 Oct 13
1
heimdal/AD documentation
as i promise last week, a incomplete documentation about configuring a trust beetween a heimdal kdc and a windows AD domain really sorry for non-french speakers of course, i'm very interresting in any feedback... Pascal configuration - le realm Kerberos est DEMO.LOCAL - le realm du domaine AD est ad.demo.local La configuration du KDC lui m?me ne pr?sente pas de difficult?
2002 Nov 01
0
Re: Samba PDC and Kerberos(MIT or SEAM in Uinx,without microsoft ADS)
Jonathan Higgins wrote: > > A few more questions and comments... related to this topic > > If Kerberos is the back-end to LDAP.. there is no need to synchronize or store a >password in the LDAP tree.. just the principal for the user in the userpassword >attribute: userpassword = {kerberos}name@domain That is correct. I did not mean sync between Kerberos and LDAP, I mean sync
2007 Feb 14
2
Solaris 10 and "store dos attributes"
I'm having trouble with files being marked read-only in Windows because the Solaris file owner does not have write-permissions on the file; group-write is allowed: -r--rw---- 1 user group 32 Feb 13 14:19 testfile.txt I thought that setting "store dos attributes = yes" for this share would allow the "read only" setting to be stored in extended attributes, but it