Displaying 20 results from an estimated 328 matches for "nslcd".
Did you mean:
nscd
2013 Oct 26
2
lost with AD auth
...like that the local services (let's say only dovecot and
postfix) can query AD to authentifiate users.
All services are running on the Ubuntu server (samba AD/DC), no other
linux box for now.
1 Windows VM has been setup on server to make AD tasks using
Administrator account.
Trying to use nslcd + kerberos :
created a user in AD:
samba-tool user add ldap My_secret_password
samba-tool user setexpiry ldap --noexpiry
created spn and exported keytab:
samba-tool spn add nslcd/serveur.radiodjiido.nc ldap
samba-tool domain exportkeytab /etc/krb5.nslcd.keytab --principal=ldap
chown nslcd:root /e...
2012 Jan 11
6
Samba 4 kerberos and kinit
Hi
After starting Samba 4, before anyone can do anything, Administrator has
to do a kinit to get a new ticket. This creates a cache /tmp/krb5cc_0
with an expiry time.
I've created a host principal and put it into the keytab:
samba-tool spn add host someuser
samba-tool domain exportkeytab /etc/krb5.keytab --principal=host/HH3.SITE
How can I keep Samba 4 up without having to get a new
2014 Oct 05
1
What is wrong with my nslcd configuration?
I can't get my domain users presented to my local machine with getent
passwd and the wiki
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
doesn't give me any steps troubleshoot this issue. My best guess it that
I configured the user account incorrectly or I configured nslcd
incorrectly. I can't exactly see what is the problem.
I get these messages from nslcd when I started it in debug mode and ran
getent passwd.
nslcd: [7b2...
2012 Jul 12
2
nslcd service - "Client not found in Kerberos database"
Hi,
I am trying to configure the nslcd service on an Ubuntu client for kerberos
authentication against samba4. My /etc/nslcd.conf contains the following:
uid nslcd
gid nslcd
uri ldapi:///cofil01.mydomain.net
base dc=mydomain,dc=net
sasl_mech GSSAPI
krb5_ccname FILE:/tmp/host.tkt
I have added the host principal "host/ubuntu-test....
2012 Jan 15
3
Samba 4 ldb_wrap open of idmap.ldb
Hi everyone
Version 4.0.0alpha18-GIT-bfc7481
I'm using nslcd to map Samba 4 users to uid:gid and home directory. At
startup I get this:
ldb_wrap open of secrets.ldb
WARNING: no socket to connect to
and /var/log/messages shows:
Jan 15 14:20:13 hh3 nslcd[2425]: [334873] failed to bind to LDAP server
ldap://h
h3.site/: Can't contact LDAP server: Transp...
2015 Dec 29
2
moving LDAP from one domain to another
Hello,
I am moving LDAP from one domain to another
We have moved off of a.wustl.edu network to b.school.edu network.
I have searched
vi /etc/nslcd.conf
vi /etc/openldap/ldap.conf
and removed all referances to "a"
I restarted
/etc/init.d/nscd restart
this is redhat 6.7, and my ldap server is now ldap.b.wustl.edu:389
a.school.edu to b.school.edu
I keep getting messages that
Dec 29 14:50:19 linuscs133 nslcd[7438]: [709c39...
2014 Nov 19
1
Cannot bind to AD using nslcd
Hi Again - following on from my last request for help, I'm now attempting to
setup LDAP auth against my working samba4 AD.
Simplistically, I'm trying initially to SSH into my AD server (working)
using nslcd.
I've tried method #1 from
https://wiki.samba.org/index.php/Local_user_management_and_authentication/ns
lcd
My simple config is:
uid nslcd
gid nslcd
uri ldap://127.0.0.1:389
base cn=Users,dc=acasta,dc=intra
binddn cn=nslcd-connect,cn=Users, dc=acasta,dc=intra
bindpw xxxxx
filte...
2013 Jul 08
1
Samba 3 member server connected to Samba 4 DC (using nslcd)
Hi all,
I am having a problem connecting a Samba 3 member server to my newly
created Samba 4 DC.
I am using nslcd at the Samba 4 end successfully and this has allowed me to
login using domain accounts - I've also got this working with visudo and
/etc/security/access.conf to control sudo access with groups created on the
DC. All good.
My problem is that I have a Samba 3 member server (fileserver) that I...
2013 Aug 25
3
OpenSSH auth in SAMBA4 LDAP
Hi,
I have some Ubuntu LTS servers running openssh server authenticating to
external openldap. I installed a new Ubuntu LTS server with Samba4 to
create a domain and is working very well. I managed to make a pfsense
firewall authenticate users in this Samba4 ldap. How to make openssh in
Ubuntu authenticate users in Samba4 ldap?
2020 Jun 22
2
Winbind help - with domain migration.
....2 (and everything is working perfectly). I have migrated all the
accounts/machines/etc from old to new domain without any problem.
Both the ADs has the same domain name and realm.
The problem is:
I have another machine running Debian 9 and Samba 4.5.16 (I can't update
this server). Here I use nslcd and use AD as a LDAP server to get users and
groups. And I have a samba share on it.
I already updated the /etc/resolv.conf and point it to the new AD/DNS,
restarted samba and winbind services, but the winbind still working on old
AD. If I stop the Samba service on old AD, the samba share stops wor...
2013 Aug 28
2
nslcd: kerberos vs. simple bind
Hello,
I took this out of the "OpenSSH auth in SAMBA4 LDAP" thread, because it
was drifting away from it's origin question :-)
I played this afternoon a bit with nslcd and kerberos for extending my
Wiki HowTo. But as more as I read, one question comes bigger and bigger:
What are the advantages of kerberos against simple bind with DN and
password?
Simple bind method: Create a user, add the credentials to the root only
readable file nslcd.conf. Done
Kerberos:...
2017 Jul 01
1
integrating samba with pam
...d be a way to use that an ldapsearch,
for example. And of course, pam_ldap.
>
> You need to speak to Louis
van Belle about squid, he is the expert.
Everything its ok with the
squid for the time being... im using kerberos only.
I don't understand
your problem with winbind, if you do use nslcd, you
will have to
configure smb.conf, the nslcd conf file and run k5start to
ensure that
kerberos refreshes tickets. If yo> er with nslcd ? Just what does nslcd
give you that winbind doesn't ? I should also point out that nslcd isn't
supported by Samba.
>
> I have several barebon...
2018 Sep 06
2
Authenticating against Samba 4 AD LDAP service
...org> wrote:
>
>> Rowland Penny via samba писал 2018-09-05 16:10:
>> > However, are you sure you cannot use kerberos ?
>> > What are your existing services ?
>>
>> to name most important ones:
>>
>> - Mail server (I use pam_ldap/nss_ldap, i.e. nslcd, currently)
>> - Shell (SSH) server (same, using nslcd)
>> - Apache 2.* LDAP authentication module
>> - Atlassian Confluence
>> - GitLab
>>
>
> I am positive that most of the above will work with kerberos
> authentication, the only exception is 'Mail ser...
2013 Jan 31
1
Strange nslcd error with ldap database
...back in December, but since installing the latest stable build, getent passwd is throwing this error,
[8b4567] <passwd="myuser"> passwd entry CN=myuser,CN=Users,DC=...,DC=...,DC=... does not contain uidNumber value
Interestingly, after creating a user on the linux side, if I point nslcd at the Windows DC, it retrieves the ldap entry just fine. I get nothing from the S4 server. I've done ldbsearch on the local ldap database and uidNumber is definitely there. I'm not sure if there's really something else going on, but I'm at a loss of what to do.
I don't think i...
2017 May 18
2
ls hangs in internal-sftp for LDAP users + numeric uid/gid instead of names
...get rid of
> passwd file (see below).
>
> I also had this error:
> socket(PF_LOCAL, SOCK_STREAM, 0) = 4
> fcntl(4, F_GETFL) = 0x2 (flags O_RDWR)
> fcntl(4, F_SETFD, FD_CLOEXEC|0x2) = 0
> connect(4, {sa_family=AF_LOCAL, sun_path="/var/run/nslcd/socket"}, 23) =
> -1 ENOENT (No such file or directory)
>
> Of course /var/run/nslcd/socket doesn't exist in the chroot.
>
> To solve this I did :
> mount -o bind /var/run/nslcd/ <chrootfolder>/var/run/nslcd/
Yes, and additionally you want to get rid of 'comp...
2020 Jun 22
0
Winbind help - with domain migration.
...ve migrated all the
> accounts/machines/etc from old to new domain without any problem.
> Both the ADs has the same domain name and realm.
>
> The problem is:
> I have another machine running Debian 9 and Samba 4.5.16 (I can't update
> this server).
Why not ?
> Here I use nslcd and use AD as a LDAP server to get users and
> groups. And I have a samba share on it.
> I already updated the /etc/resolv.conf and point it to the new AD/DNS,
> restarted samba and winbind services, but the winbind still working on old
> AD. If I stop the Samba service on old AD, the s...
2015 Apr 20
2
NSLCD works, do I need RFC2307 extensions enabled in AD as well?
...where your problems lie. I would still use
> backports, supported code is (hopefully) better code :-)
>
I am certainly willing to do that.
>
>
>>
>> I'd be willing to do that if it got me support for UPN names (see below)
>>
>>
>> I installed NSLCD to allow users in AD to authenticate against
>> my linux
>> server per
>>
>> https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
>>
>>
>> Why use nlscd ? why not use winbind, see:
>> https://wiki.sam...
2015 Dec 29
0
moving LDAP from one domain to another
Am 29.12.2015 um 22:03 schrieb Dan Hyatt:
> Hello,
>
> I am moving LDAP from one domain to another
> We have moved off of a.wustl.edu network to b.school.edu network.
>
> I have searched
> vi /etc/nslcd.conf
>
> vi /etc/openldap/ldap.conf
>
> and removed all referances to "a"
>
> I restarted
> /etc/init.d/nscd restart
Wrong service restarted. You need to restart the nslcd service after
changing the /etc/nslcd.conf.
> this is redhat 6.7, and my ldap server is...
2013 Aug 15
2
Remote linux auth vs samba4: winbind or nslcd + openldap.
...ng winbind and I can see the samba ad users added to the
password database executing:
getenv passwd
But, after that, I'm lost.
Can I impelement "remote winbind" at remote linux client machines?
Do I need to setup a openldap proxy?
If I setup an openldap proxy, should I use winbind or nslcd?
openldap now uses automatic configuration, any clue to implement the
openldap proxy with this type?
Thanks...
2012 Dec 14
5
Samba4 LDAP ACLs - access to POSIX attributes from a non-admin account
In our current testing environment, we are using nslcd to get user and
group information from the Samba4 LDAP server, using the last part of
objectSid as uidNumber. The configuration is designed to pull down
unixHomeDirectory and loginShell if they exist, but they default to
standard values if they do not. nslcd on each machine binds to LDAP
using...