search for: mpia

...s[, 2]) > predict(temp, c(4,8000)) Error in predict.loess(temp, c(4, 8000)) : newdata does not contain the variables needed Thanks in advance for any clues. Coryn. --------------------------------------------------------------------------- Coryn Bailer-Jones calj at mpia-hd.mpg.de Max-Planck-Institut fuer Astronomie http://www.mpia-hd.mpg.de/homes/calj/ Koenigstuhl 17 tel: +49 6221 528-224 (direct) D-69117 Heidelberg +49 6221 528-0 (reception) Germany fax: +49 6221 528-246

On 05/05/2015 06:47 PM, Gordon Messmer wrote: > On 05/05/2015 03:02 AM, Ulrich Hiller wrote: >> /etc/openldap/ldap.conf contains the line: >> ------------------------------------------ >> pam_check_host_attr yes > > /etc/openldap/ldap.conf is the configuration file for openldap clients. > It is not used for system authentication or name service. > >>

...directory mask = 0770 [Work] comment = Work path = /usr/local/MPI/Mpiwork valid users = @mpiw read only = No create mask = 0770 directory mask = 0770 [Account] comment = Account path = /usr/local/MPI/Accounting valid users = @mpia read list = @mpia write list = Arlene, ibh read only = No create mask = 0770 directory mask = 0770 [Corp] comment = Corp path = /usr/local/MPI/Corporate valid users = @mpic write list = Alan read only = No crea...

>> But instead i get >> centos: sshd[7929]: pam_unix(sshd:session): session opened for user >> <username> > > "pam_unix" should be an indication that <username> appears in the local > unix password files. Make sure that it doesn't. Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow > > What do /etc/pam.d/sshd and

Hi, On Tue, May 5, 2015 at 3:32 PM, Ulrich Hiller <hiller at mpia-hd.mpg.de> wrote: > Dear list members, > > i have installed a CentOS 7 x86_64 system. I want to let users > authenticate over our ldap server. This seems to be working. > ldap-username and ldap-passwords are accepted for the users configured > in the ldap server. No problem. &...

On May 8, 2015, at 11:14 AM, Ulrich Hiller <hiller at mpia-hd.mpg.de> wrote: > > /etc/pam.d/system-auth: > ----------------------- > #%PAM-1.0 > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. > auth required pam_env.so > auth sufficient pam_unix.so nullok...

Dear list members, i have installed a CentOS 7 x86_64 system. I want to let users authenticate over our ldap server. This seems to be working. ldap-username and ldap-passwords are accepted for the users configured in the ldap server. No problem. Now i want to restrict the access to users who have my centos-machine in their ldap host attribute. My problem is, that this host attribute seems to be

Hello, running unhide ( unhide-20130526-1.el7.x86_64 ) on CentOS 7 i get sometimes messages like: Found HIDDEN PID: 30784 Cmdline: "<none>" Executable: "<no link>" "<none> ... maybe a transitory process" On a second unhide run immediately after it, the process seems to have vanished. Also, i do not see anything about it in /proc, and rkhunter

unfortunately i got a syntax error with this method "ldap_access_filter = host='HOSTNAME' " and sssd did not restart. i added the line ldap_user_authorized_host = host without success I have to admit that i do not have any idea where to look for the problem: - is it sssd? I have the version 1.12.2 - is it pam (something in /etc/pam.d) - is is ldap (etc/ldap.conf)? - is it

i thought this too. I think this: access_provider = ldap ldap_access_filter = memberOf=host=does-not-exist-host ldap_access_order = filter ldap_user_authorized_host = host must confuse sssd so much that it denies login. But the user without host attribute can still login. With kind regards, ulrich On 05/12/2015 09:23 PM, m.roth at 5-cent.us wrote: > Ulrich Hiller wrote: >>

yessterday we ha a public holiday here. Now i am bach. ;-) the uid is below 2000. If you want to know the real number: it is 1026. But when i set the 2000 to 1000: account sufficient pam_succeed_if.so uid < 1000 quiet i cannot login at all. "Permission denied" With kind regards, ulrich On 05/13/2015 06:36 PM, Gordon Messmer wrote: > On 05/12/2015 11:47 AM, Ulrich Hiller

that's intersting. "performing access check" is really missing. also the "sdap_access" lines are not there. Therefore i do have: (Tue May 12 13:16:20 2015) [sssd[be[default]]] [dp_get_options] (0x0400): Option ldap_access_filter has no value (Tue May 12 13:16:20 2015) [sssd[be[default]]] [dp_get_options] (0x0400): Option ldap_access_order has value host (Tue May 12

Hmmm...., i have made now a complete new install but the problem persists: ldap authentication works, but the host attribute is ignored. I have installed CentOS7 64bit with KDE. I did not do any 'yum update' or install of extra packages so far. these pam and ldap packages are installed: openldap-devel-2.4.39-6.el7.x86_64 openssh-ldap-6.6.1p1-11.el7.x86_64 openldap-2.4.39-6.el7.x86_64

Dear all, i have a problem with sssd in conjunction with ldap on a centos 7 x86_64 box. ldap works fine. I can login there as an usual user registred in ldap. I want now restrict the access with ldap's host attribute. This is beeing ignored. Still every ldap user can login, no matter what the host attribute says. I googled around and only found that sssd.conf need two lines: access_provider

> > After that you'll probably have to turn up logging in sssd and check its > logs to see what it's doing. i have set logging in sssd to 9: cache_credentials = true debug_level = 9 I first tried a user with the correct host attribute, then a user without the host attribute. The output in the logfiles are the same. Note: USER ist not a local user. Without correct ldap password

Thanks a lot for looking over the config. I am at the topic "user data is available" id <username> and getent passwd and ldapsearch -x -b "ou=XXX,o=YYY" uid=<username> give the correct results ldapsearch gives also the correct host attribute i have set in the ldap server. Regarding the manpage of sssd.conf the lines access_provider = ldap ldap_access_order =

Thanks a lot for the explanation. I have confused some things while crawling through the manuals. Now i have removed the 'ldap' from the /etc/nsswitch.conf. Now it looks like this: passwd: files sss shadow: files sss group: files sss hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc:

one more thing: firewalld service and selinux are deactivated. On 05/11/2015 07:06 PM, Ulrich Hiller wrote: > Hmmm...., i have made now a complete new install but the problem > persists: ldap authentication works, but the host attribute is ignored. > > I have installed CentOS7 64bit with KDE. > I did not do any 'yum update' or install of extra packages so far. > >