search for: mfoley

...oplocks = false log file = /var/log/samba.clients max log size = 50 socket options = TCP_NODELAY local master = no domain master = no preferred master = yes dns proxy = no ;[homes] ; comment = Home Directory on quadmon ; browseable = yes ; writable = yes ; create mask = 0660 [mfoley] comment = Home Directory on quadmon path = /home/mfoley valid users = mfoley browseable = yes writable = yes create mask = 0660 The Windows host can ping and ssh to the Linux by hostname quadmon. When trying to map to \\quadmon\homes on Windows I get, "Windows cannot acces...

...of curiosity and apologies if this has been answered before, but why Slack and not Debian when general consensus is Debian is great for Samba ? Building a Samba AD on Debian is painless and takes 20m from start to finish. Anyway, glad you sort it. LP. On 11 Feb 2024 at 05:11 +0100, Mark Foley <mfoley at novatec-inc.com>, wrote: > > YAAAAAAAY! Finally! I have my Windows domain members syncing with the DC!!!

with passdb ldap i guess. ---Aki TuomiDovecot oy -------- Original message --------From: Mark Foley <mfoley at ohprs.org> Date: 03/12/2017 21:18 (GMT+02:00) To: dovecot at dovecot.org Subject: Re: Howto authenticate smartPhone via Active Directory Yes, you are right. This link: https://www.redips.net/linux/android-email-postfix-auth/#section2 shows: passdb pam { } used for authenticating Android....

...es > ; writable = yes > ; create mask = 0660 Try it like this: [homes] comment = Home Directories browseable = no read only = no create mask = 0700 directory mask = 0700 valid users = %S Then (after reloading the config or restarting smbd) see if you can connect to the 'mfoley' share. > > [mfoley] > comment = Home Directory on quadmon > path = /home/mfoley > valid users = mfoley > browseable = yes > writable = yes > create mask = 0660 > > The Windows host can ping and ssh to the Linux by hostname quadmon. > When t...

...ber. I can successfully do `wbinfo -u` and `getent passwd userID`. But, when I try to log I get: $ su - mark Password: su: Authentication failure In my /var/log/secure I have: Sep 8 22:59:34 labrat su[1396]: Authentication failed for mark Sep 8 22:59:34 labrat su[1396]: FAILED su for mark by mfoley Sep 8 22:59:34 labrat su[1396]: - /dev/pts/0 mfoley:mark I'm suspecting PAM. The Slackware PAM did not ship with a /etc/pam.d directory so I used the one from the wiki website. That one did pass all the `make check` tests in the pam build folder. What can I do to get more information on fi...

...m sure this is solvable! > > --Mark > > -----Original Message----- >> Date: Wed, 29 Jun 2016 08:03:14 -0400 >> Subject: Re: Looking for GSSAPI config [was: Looking for NTLM config example] >> From: brendan kearney <bpk678 at gmail.com> >> To: Mark Foley <mfoley at ohprs.org> >> Cc: dovecot at dovecot.org >> >> The last log line shows "user=<>". This indicates no credentials were >> presented. If the rip field matches the client ip you tested from, I would >> bet the appropriate kerberos ticket (imap/host....

> On 16 Sep 2015, at 19:10, Mark Foley <mfoley at ohprs.org> wrote: > > Does the Dovecot NTLM mechanism work with MS Outlook? > > [ ] YES > [ ] NO > > Please check one ... anybody. > > ?Mark The URL on the wiki, which had probably been shared before with you; http://wiki2.dovecot.org/HowTo/ActiveDirectoryNt...

...mechanisms = plain login gssapi > > THX, --Mark > > --Mark > > -----Original Message----- > Date: Sun, 03 Dec 2017 22:28:53 +0200 > Subject: Re: Howto authenticate smartPhone via Active Directory > From: Aki Tuomi <aki.tuomi at dovecot.fi> > To: Mark Foley <mfoley at ohprs.org>, dovecot at dovecot.org > > with passdb ldap i guess. > > ---Aki Tuomi > Dovecot oy > > -------- Original message -------- > From: Mark Foley <mfoley at ohprs.org> > Date: 03/12/2017 21:18 (GMT+02:00) > To: dovecot at dovecot.org > Subjec...

...499 Email: mueller at tropenklinik.de www.tropenklinik.de www.bauen-sie-mit.tropenklinik.de -----Ursprüngliche Nachricht----- Von: Mark Foley [mailto:mfoley at ohprs.org] Gesendet: Donnerstag, 30. Juni 2016 10:45 An: samba at lists.samba.org Betreff: Re: [Samba] Where is krb5.keytab or equivalent? To revisit my problem: I have Dovecot running on the same host as Samba4 AD/DC. I've set Thunderbird to authenticate with GSSAPI on a domain workstatio...

...shadow and gssapi fail? My mechanisms are: auth_mechanisms = plain login gssapi THX, --Mark --Mark -----Original Message----- Date: Sun, 03 Dec 2017 22:28:53 +0200 Subject: Re: Howto authenticate smartPhone via Active Directory From: Aki Tuomi <aki.tuomi at dovecot.fi> To: Mark Foley <mfoley at ohprs.org>, dovecot at dovecot.org with passdb ldap i guess. ---Aki Tuomi Dovecot oy -------- Original message -------- From: Mark Foley <mfoley at ohprs.org> Date: 03/12/2017 21:18 (GMT+02:00) To: dovecot at dovecot.org Subject: Re: Howto authenticate smartPhone via Active Dire...

..."user=<>". This indicates no credentials were presented. If the rip field matches the client ip you tested from, I would bet the appropriate kerberos ticket (imap/host.domain.tld at REALM) was not pulled for the authentication. On Jun 28, 2016 11:33 PM, "Mark Foley" <mfoley at ohprs.org> wrote: > Aki - partial success! I rebuilt my dovecot with ./config --with-gssapi, > and restarted. Now I > don't get that "Unknown authentication mechanism 'gssapi'" message in > maillog, and mail is > delivered successfully to the other domain...

...th_mechanisms = plain login gssapi > > THX, --Mark > > --Mark > > -----Original Message----- > Date: Sun, 03 Dec 2017 22:28:53 +0200 > Subject: Re: Howto authenticate smartPhone via Active Directory > From: Aki Tuomi <aki.tuomi at dovecot.fi> > To: Mark Foley <mfoley at ohprs.org>, dovecot at dovecot.org > > with passdb ldap i guess. > > ---Aki Tuomi > Dovecot oy > > -------- Original message -------- > From: Mark Foley <mfoley at ohprs.org> > Date: 03/12/2017 21:18 (GMT+02:00) > To: dovecot at dovecot.org > Subjec...

I am running Dovecot 2.2.15 on Linux Slackware 14.1 and Samba 4.1.17 as the Active Directory/Domain Controller on the same host as Dovecot. Sendmail/procmail delivers mail to users' $HOME/Maildir. MS Outlook/IMAP is the client MTU used to connect with Dovecot to read mail on the Users' WIN7 workstations. I believe I have confirmed that MS Outlook will either ... 1) send the userid and

...sentials does not support Exchange. What are all the SBS/Exchange/Outlook small businesses doing? Limping along with SBS2008/11, or putting their email in Outlook.com? Seems like the Samba4/dovecot/Outlook combo would be an ideal migration. I appreciate your help. > > Quoting Mark Foley <mfoley at ohprs.org>: > > > More info ... > > > > My dovecot error log shows: > > > > Sep 05 16:45:19 auth: Debug: client in: AUTH? ? 1? ? ? ?NTLM? ? > > service=imap > > Sep 05 16:45:19 auth: Debug: client passdb out: OK? ? ? 1? ? ? > > ?user=mark at...

...lookup The failed ntlm look-up is looking up user mark at hprs in shadow, which it doesn't find. Is there a way to strip the "@hprs" bit from the user so it can find the correct entry in /etc/shadow? That might fix the problem. --Mark -----Original Message----- From: Mark Foley <mfoley at ohprs.org> Date: Sat, 05 Sep 2015 17:12:50 -0400 To: dovecot at dovecot.org Subject: Re: How to "Windows Authenticate" Rick et al, The link you gave was a start, but is targeted for Samba3 and is assuming a probably Windows [SBS]Server AD/DC separate from the DC hosting dovecot, a...

...ame behaviour. >> >> I have a share (\\samba\it_share)) and some users when creating files have >> the UID as 3000000 and some have their correct UIDs. >> Share permissons are being controlled by Windows ACLs. >> >> On Wed, Aug 19, 2015 at 1:58 PM, Mark Foley <mfoley at novatec-inc.com> wrote: >> >>> More information, >>> >>> It appears I've had this issue since installing Samba 4.1.0 about 6 months >>> ago. >>> When I add a domain user, the DC resisdent redirected folder gets >>> synchronized &...

...n Dovecot.? If it doesn't 'just work' with the config changes in the wiki, you may need to recompile with the right features. Also - check the permissions of the ntlm_auth program. That's caused many issues with Radius installs, IIRC. Hope that helps! Rick Quoting Mark Foley <mfoley at ohprs.org>: > This can't be that hard. I think I've enabled LDAP in Dovecot just by > including > dovecot-ldap.conf.ext in 10-auth.conf and using the default settings. I > now have > the configuration shown below. Two questions: > > 1. How do I set Outlook to aut...

...ticed that my fresh install of Samba 4.2.3 has the same behaviour. I have a share (\\samba\it_share)) and some users when creating files have the UID as 3000000 and some have their correct UIDs. Share permissons are being controlled by Windows ACLs. On Wed, Aug 19, 2015 at 1:58 PM, Mark Foley <mfoley at novatec-inc.com> wrote: > More information, > > It appears I've had this issue since installing Samba 4.1.0 about 6 months > ago. > When I add a domain user, the DC resisdent redirected folder gets > synchronized > with the user's desktop with the correct UID. &g...

I have successfully joined my Linux/Ubuntu workstation to the Samaba AD/DC domain thanks to help from Rowland Penny. Now I face an interesting problem ... Domain users cannot change their password. Domain users can successfully login to the Linux workstation using their domain credentials, but when the user tries to change the password using "Passwords and Keys" from the desktop

...me users when >>> creating files have >>>>> the UID as 3000000 and some have their correct UIDs. >>>>> Share permissons are being controlled by Windows ACLs. >>>>> >>>>> On Wed, Aug 19, 2015 at 1:58 PM, Mark Foley >>> <mfoley at novatec-inc.com> wrote: >>>>>> More information, >>>>>> >>>>>> It appears I've had this issue since installing Samba >>> 4.1.0 about 6 months >>>>>> ago. >>>>>> When I add a domain user, the...