search for: netlogon_cached_account

...for [gaio] succeeded (requesting cctype: FILE) credentials were put in: FILE:/tmp/krb5cc_0 root at dane:~# smbcontrol winbind offline root at dane:~# wbinfo -K gaio Enter gaio's password: plaintext kerberos password authentication for [gaio] succeeded (requesting cctype: FILE) user_flgs: NETLOGON_CACHED_ACCOUNT credentials were put in: FILE:/tmp/krb5cc_0 root at dane:~# ssh gaio at localhost gaio at localhost's password: Warning: Your password will expire in 36 days on Tue Jun 27 18:19:27 2023 Warning: Your password will expire in 36 days on Tue Jun 27 18:19:27 2023 Welcome to Ubuntu 22.04.2 LT...

...tials were put in: > FILE:/tmp/krb5cc_0 > > ['smbcontrol winbind offline'] > root at vdmsv1:~# wbinfo -K LNFFVG\\gaio > Enter LNFFVG\gaio's password: > plaintext kerberos password authentication for [LNFFVG\gaio] > succeeded (requesting cctype: FILE) user_flgs: NETLOGON_CACHED_ACCOUNT > credentials were put in: FILE:/tmp/krb5cc_0 > > Goot. But still in 'smbcontrol winbind offline' i've done also a: > > root at vdmsv1:~# wbinfo -K gaio > Enter gaio's password: > plaintext kerberos password authentication for [gaio] succeeded > (reque...

...type: FILE) > credentials were put in: FILE:/tmp/krb5cc_0 > root at dane:~# smbcontrol winbind offline > root at dane:~# wbinfo -K gaio > Enter gaio's password: > plaintext kerberos password authentication for [gaio] succeeded (requesting cctype: FILE) > user_flgs: NETLOGON_CACHED_ACCOUNT > credentials were put in: FILE:/tmp/krb5cc_0 > root at dane:~# ssh gaio at localhost > gaio at localhost's password: > Warning: Your password will expire in 36 days on Tue Jun 27 18:19:27 2023 > Warning: Your password will expire in 36 days on Tue Jun 27 18:19:27 2023...

On 19/05/2023 12:02, Marco Gaiarin via samba wrote: > > I'm trying to enable offline auth in a Ubuntu 22.04 box, following: > > https://wiki.samba.org/index.php/PAM_Offline_Authentication > > using standard ubuntu samba package (4.15.13+dfsg-0ubuntu1.1). > I've enabled workaround 'lock directory = /var/cache/samba'. I would undo that, it appears to be

I'm using samba 4.5 on a debian jessie (Louis packages). Rarely it happen that a power outgage tear down all the stuff, here. I've noticed that if the DM start before the DC, clearly all account data are inaccessible. To prevent or minimize that, the ''offline mode'' of winbind can be safely used also on DM servers? Or is tailoread against roaming client (portables,

...rids : NULL user_flags : 0x00000000 (0) 0: NETLOGON_GUEST 0: NETLOGON_NOENCRYPTION 0: NETLOGON_CACHED_ACCOUNT 0: NETLOGON_USED_LM_PASSWORD 0: NETLOGON_EXTRA_SIDS 0: NETLOGON_SUBAUTH_SESSION_KEY 0: NETLOGON_SERVER_TRUST_ACCOUNT...

...find the logon server. When disconnected and booted cold off the network, logon reports no logon server. Testing with wbinfo -K while offline: wbinfo -K bry47927 Enter bry47927's password: plaintext kerberos password authentication for [bry47927] succeeded (requesting cctype: FILE) user_flgs: NETLOGON_CACHED_ACCOUNT no credentials cached Not sure why this works but regular logon does not. Samba config: This configuration works fine connected to the LAN. But, having to digest more than a year's worth of changes and updates I'm not sure if the idmap settings are really correct. [global] workgro...

On Mon, 28 Jan 2019 12:52:45 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > Mandi! Rowland Penny via samba > In chel di` si favelave... > > > > Strictly speaking, why winbind cache ''PAM'' data and not ''NSS'' > > > one (seems to me)? > > The problem is (for myself anyway), I do not understand the >

...(requesting cctype: FILE) credentials were put in: FILE:/tmp/krb5cc_0 ['smbcontrol winbind offline'] root at vdmsv1:~# wbinfo -K LNFFVG\\gaio Enter LNFFVG\gaio's password: plaintext kerberos password authentication for [LNFFVG\gaio] succeeded (requesting cctype: FILE) user_flgs: NETLOGON_CACHED_ACCOUNT credentials were put in: FILE:/tmp/krb5cc_0 Goot. But still in 'smbcontrol winbind offline' i've done also a: root at vdmsv1:~# wbinfo -K gaio Enter gaio's password: plaintext kerberos password authentication for [gaio] succeeded (requesting cctype: FILE) credentials were pu...

...als were put in: FILE:/tmp/krb5cc_0 > > ['smbcontrol winbind offline'] > root at vdmsv1:~# wbinfo -K LNFFVG\\gaio > Enter LNFFVG\gaio's password: > plaintext kerberos password authentication for [LNFFVG\gaio] > succeeded (requesting cctype: FILE) > user_flgs: NETLOGON_CACHED_ACCOUNT > credentials were put in: FILE:/tmp/krb5cc_0 > > Goot. But still in 'smbcontrol winbind offline' i've done also a: > > root at vdmsv1:~# wbinfo -K gaio > Enter gaio's password: > plaintext kerberos password authentication for [gaio] > succeeded (requ...

...9; becomes 'gaio', or to > put it another > > way, you do not need to use the domain name with 'getent passwd' etc > > I know that. I've simply maked a note about the fact that 'wbinfo -K > LNFFVG\\gaio' print the offline flags: > > user_flgs: NETLOGON_CACHED_ACCOUNT > > while 'wbinfo -K gaio' no. > > > (but both auth correctly my user, also with 'smbcontrol > winbind offline'). > > -- > dott. Marco Gaiarin GNUPG > Key ID: 240A3D66 > Associazione ``La Nostra Famiglia'' > h...

...??~???smbcontrol winbind onlinestatus PID 292952: global:Offline BUILTIN:Online SAN:Online MYDOM:Offline ???san???root???~???wbinfo -K MYDOM\\testuser Enter MYDOM\testuser's password: plaintext kerberos password authentication for [MYDOM\testuser] succeeded (requesting cctype: FILE) user_flgs: NETLOGON_CACHED_ACCOUNT credentials were put in: FILE:/tmp/krb5cc_0 ???san???root???~???ntlm_auth --request-nt-key --domain=MYDOM --username=testuser --password=xxxxxxxx --offline-logon NT_STATUS_OK: The operation completed successfully. (0x0) ???ghost?? root ??~???smbclient //san/bck -UMYDOM\\testuser Enter MYDOM\testu...

...amba4AD. When I try to authenticate using winbind, it works as expected : 16:52:11-root at hq-networkserv@- /var/log/samba: wbinfo -K COMPANY\\super-user%superpassword plaintext kerberos password authentication for [COMPANY\super-user%superpassword] succeeded (requesting cctype: FILE) user_flgs: NETLOGON_CACHED_ACCOUNT credentials were put in: FILE:/tmp/krb5cc_0 On the other hand, if I try with ntlm_auth using the following options, it fails : 16:52:35-root at hq-networkserv@- /var/log/samba: ntlm_auth --use-cached-creds --username=super-user --password=superpassword --domain= COMPANY NT_STATUS_NO_LOGON_SERVER...

...esting cctype: FILE) credentials were put in: FILE:/tmp/krb5cc_0 root at vdmsv2:~# smbcontrol winbind offline root at vdmsv2:~# wbinfo -K LNFFVG\\gaio Enter LNFFVG\gaio's password: plaintext kerberos password authentication for [LNFFVG\gaio] succeeded (requesting cctype: FILE) user_flgs: NETLOGON_CACHED_ACCOUNT credentials were put in: FILE:/tmp/krb5cc_0 a simple 'getent' seems to work: root at vdmsv2:~# getent passwd LNFFVG\\gaio; smbcontrol winbind offline; sleep 65; getent passwd LNFFVG\\gaio; smbcontrol winbind online gaio:*:10000:10513:Marco Gaiarin:/home/gaio:/bin/bash gaio:*:10000:105...

...FILE:/tmp/krb5cc_0* *root at cd2bd668e00c7:~# smbcontrol winbind offline* *root at cd2bd668e00c7:~# wbinfo -K EXAMPLE.CORP\\faiuser* *Enter EXAMPLE.CORP\faiuser's password: * *plaintext kerberos password authentication for [EXAMPLE.CORP\faiuser] succeeded (requesting cctype: FILE)* *user_flgs: NETLOGON_CACHED_ACCOUNT* *credentials were put in: FILE:/tmp/krb5cc_0* *root at cd2bd668e00c7:~# ping -c1 EXAMPLE.CORP* *PING EXAMPLE.CORP (192.168.33.251) 56(84) bytes of data.* *64 bytes from location-000001.example.corp (192.168.33.251): icmp_seq=1 ttl=64 time=0.122 ms* *--- EXAMPLE.CORP ping statistics ---* *1 packets...

...redentials were put in: > FILE:/tmp/krb5cc_0 root at vdmsv2:~# smbcontrol winbind offline > root at vdmsv2:~# wbinfo -K LNFFVG\\gaio > Enter LNFFVG\gaio's password: > plaintext kerberos password authentication for [LNFFVG\gaio] > succeeded (requesting cctype: FILE) user_flgs: NETLOGON_CACHED_ACCOUNT > credentials were put in: FILE:/tmp/krb5cc_0 > > a simple 'getent' seems to work: > > root at vdmsv2:~# getent passwd LNFFVG\\gaio; smbcontrol winbind > offline; sleep 65; getent passwd LNFFVG\\gaio; smbcontrol winbind > online gaio:*:10000:10513:Marco Gaiarin:/hom...

...t at cd2bd668e00c7:~# smbcontrol winbind offline* > *root at cd2bd668e00c7:~# wbinfo -K EXAMPLE.CORP\\faiuser* > *Enter EXAMPLE.CORP\faiuser's password: * > *plaintext kerberos password authentication for [EXAMPLE.CORP\faiuser] > succeeded (requesting cctype: FILE)* > *user_flgs: NETLOGON_CACHED_ACCOUNT* > *credentials were put in: FILE:/tmp/krb5cc_0* > *root at cd2bd668e00c7:~# ping -c1 EXAMPLE.CORP* > *PING EXAMPLE.CORP (192.168.33.251) 56(84) bytes of data.* > *64 bytes from location-000001.example.corp (192.168.33.251): icmp_seq=1 > ttl=64 time=0.122 ms* > *--- EXAMPLE.CORP p...