Displaying 20 results from an estimated 53 matches for "pam_login_attribut".
Did you mean:
pam_login_attribute
2006 Feb 08
2
ldap authentication without 'ldap filter' parameter
...nnot use
the 'uid' attribute) and the gecos has to start with the '#' character
for the user to be authenticated.
But my problem is that I can't parameter the /etc/ldap.conf file to use
these filters.
I tried to put this in the /etc/ldap.conf file :
pam_filter iufmLogin=%s
pam_login_attribute iufmLogin
But the system seems to ignore these filters and it only uses the 'uid'
attribute when I try the 'getent passwd' command.
Can someone explain me how to do this correctly ?
Thanks
Norbert Gomes
2006 Nov 06
1
Samba with AD
...limit
#bind_timelimit 30
# Idle timelimit; client will close connections
# (nss_ldap only) if the server has not been contacted
# for the number of seconds specified below.
#idle_timelimit 3600
# Filter to AND with uid=%s
#pam_filter objectclass=account
# The user ID attribute (defaults to uid)
#pam_login_attribute uid
# Search the root DSE for the password policy (works
# with Netscape Directory Server)
#pam_lookup_policy yes
# Check the 'host' attribute for access control
# Default is no; if set to yes, and user has no
# value for the host attribute, and pam_ldap is
# configured for account manag...
2009 Mar 04
0
Can anyone comment on my setup?
...hard
# Idle timelimit; client will close connections
# (nss_ldap only) if the server has not been contacted
# for the number of seconds specified below.
#idle_timelimit 3600
idle_timelimit 3600
# Filter to AND with uid=%s
#pam_filter objectclass=account
# The user ID attribute (defaults to uid)
#pam_login_attribute uid
# Search the root DSE for the password policy (works
# with Netscape Directory Server)
#pam_lookup_policy yes
# Check the 'host' attribute for access control
# Default is no; if set to yes, and user has no
# value for the host attribute, and pam_ldap is
# configured for account manag...
2014 Feb 04
1
Creating samba4/AD users from ADUC
...posixAccount
uid: bilbo
(hey, why can't I tell samba-tool to give the user a unixHomeDirectory :( )
In my ldap.conf, I'm using:
nss_map_attribute uid sAMAccountName
nss_map_attribute uniqueMember member
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute gecos displayName
pam_login_attribute sAMAccountName
pam_filter objectclass=posixAccount
pam_password ad
What are people doing for maintaining their Unix accounts in AD? Should
all the unix accounts also have oc posixAccount?
Also, looks like samba-tool isn't adding the msSFU30NisDomain - this
makes the Unix attributes not enabl...
2016 Oct 12
6
samba with customized ldap backend
I have to assume much, I'll try. So...
- No AD, that's some NT4 domain.
- No Winbind because Winbind is using samacccountname as user login and not
UID.
- Issue happens on Linux or UNIX clients.
The question is what tool (SSSD, pam_ldap / nss_ldap, nslcd...) are you
using to retrieve information from LDAP to forge users on system side.
Once you get an answer to this previous question
2010 Jul 27
2
Samba LDAP ignores group information
...hadowLastChange: 14817
shadowMax: 9999
Here's /etc/ldap.conf
base dc=example,dc=com
uri ldapi:///127.0.0.1
uri ldap://127.0.0.1
ldap_version 3
binddn cn=admin,dc=example,dc=com
bindpw mysecret
rootbinddn cn=admin,dc=example,dc=com
scope sub
bind_policy soft
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_check_host_attr yes
pam_member_attribute memberUid
pam_password md5
nss_base_passwd ou=people,dc=example,dc=com?sub
nss_base_passwd ou=computers,dc=example,dc=com?sub
nss_base_group ou=groups,dc=example,dc=com?sub
And the smbldap.conf:
SID="S-1-5-21-158730468-2379596502-3695168017&...
2002 Sep 23
1
Samba-LDAP with custom object class
...ldap suffix = "id=1.3.3,id=1.3,id=1"
ldap filter = "(&(login=%u)(objectclass=sambaAccount))"
------------------ end - smb.conf ---------------------
The file /etc/ldap.conf
------------------- ldap.conf -----------------------
pam_login_attribute uid
pam_filter objectclass=myPerson
------------ end - ldap.conf ----------------------
The file /etc/nsswitch.conf ( on the directory server and on the samba server):
----------- nsswitch.conf --------------------
nss_base_passwd id=1.3.3,id=1.3,id=1
nss_base_shad...
2003 Dec 27
1
smbpasswd -a -m machine fails: "Failed to modify password entry"
.../home/admeta
loginShell: /bin/false
description: machine
l: ver
userPassword:: e1NNRDV9VnFXV0F0Z2JBKzVyYTFLN2VwVzVIOGlUM3h3PQ==
The machine is in group ou=hardware. My /etc/ldap.conf is:
URI ldap://localhost:389/
BASE dc=bbs1-emden,dc=schule
pam_filter objectclass=posixAccount
pam_login_attribute uid
nss_base_passwd ou=accounts,dc=bbs1-emden,dc=schule?one
nss_base_group ou=groups,dc=bbs1-emden,dc=schule?one
My smb.conf is:
[global]
workgroup = BBS1_EMDEN
passdb backend = ldapsam:ldap://fileserver
idmap backend = ldapsam:ldap://fileserver...
2016 Jan 26
2
Samba Hylafax PAM
...of :
/etc/pam_ldap.conf
And this as example adjust as needed.
base dc=domain,dc=local
uri ldap://dc01.domain.local/ ldap://dc02.domain.local/
ldap_version 3
binddn auth_ldap_user at domain.local
bindpw password
rootbinddn auth_ldap_user at domain.local
pam_filter objectclass=user
pam_login_attribute sAMAccountName
pam_password crypt
^^ test with and without the pam_password crypt
And test with
pam_password bind
Greetz,
Louis
Van: Marcel Ebbrecht [mailto:m.ebbrecht at dortmundit.de]
Verzonden: maandag 25 januari 2016 19:54
Aan: L.P.H. van Belle
CC: samba at list...
2004 Dec 06
3
ADS Authentication
I'm about ready to smash my head through a wall...I could use a few answers.
1. When using security = ads, and completing net ads join, it was my
understanding that samba authenticated username/pword against ads, and
local posix accounts were nolonger needed, is this true?
2. If yes, I have not been able to get it to work. If I have a posix
user account with the same name as one in
2007 Jun 07
2
PAM info please
Hello
I'm searching infos on using Dovecot with pam_ldap and FreeBSD 6.2
any pointers welcome :-)
Thanks
--
Frank
2005 Jul 14
0
[Fwd: Re: Dovecot and ActiveDirectory]
...ndpw xxxpasswd
nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_attribute uid sAMAccountName
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute shadowLastChange pwdLastSet
nss_map_objectclass posixGroup group
nss_map_attribute uniqueMember member
pam_login_attribute sAMAccountName
pam_filter objectclass=User
pam_password ad
xxxuser is a read-only account in the AD.
/etc/pam.conf:
...
dovecot auth required /opt/RDGpldap/lib/pam_ldap.so
dovecot account required /opt/RDGpldap/lib/pam_ldap.so
dovecot session required...
2003 Aug 28
0
Samba3+ads+winbindd works but!!
...ldap.conf having
host atreides.cc.ad.itu.edu.tr
base dc=cc,dc=ad,dc=itu,dc=edu,dc=tr
nss_map_objectclass posixAccount User
nss_map_attribute uid sAMAccountName
nss_map_attribute uniqueMember Member
nss_map_attribute homeDirectory msSFUHomeDirectory
nss_map_objectclass posixGroup Group
pam_login_attribute sAMAccountName
pam_filter objectclass=User
pam_password ad
nothing seems bad my samba works well but i've got a problem like:
when i use the command "wbinfo" it cannot give me the right uid (not the same
with PDC)
[root@atolye4 lib]# id unalgu
uid=26198(unalgu) gid=100(users) gr...
2005 Mar 21
0
Somebody had problem with long user names
...oes.
What's more, the user can log into a normal Unix/Linux console using his
double-barreled name, perfectly normally (if only his $HOME env is set
correctly in LDAP). Whether or not this Unix login works with anyone's own
particular LDAP setup or not, depends greatly on the value for the
pam_login_attribute in /etc/ldap.conf (PADL's *not* OpenLDAP's
configuration file). Mine's set to "CN", but yours might be set to "UID"
(the default).
What this means in practice is, (the good news) that OP doesn't have to go
over to Windows on his workstation, but (the bad news)...
2003 Jan 28
1
ldap_modify_s Insufficient access
...cient access
Can you please help, because this is a very important issue for us! Thanks
in advance,
Thorsten.
Some conf-staff:
/etc/openldap/ldap.conf
host 192.168.1.1
base dc=tdm-consult, dc=com
ssl no
# f?r nss_ldap
crypt des
# f?r pam_ldap
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_crypt local
pam_password crypt
ldap_version 3
/etc/openldap/slap.conf
suffix "dc=tdm-consult,dc=com"
rootdn "cn=tdm,dc=tdm-consult,dc=com"
rootpw {crypt}...
/etc/pam.d/passwd
auth required pam_unix2.so nullok
account req...
2011 Mar 03
1
How to use another attribute than the uid ?
...control.
So i must use another attribute for the authentication (uidAuth).
In order to achieve this, i edited 3 files :
=> ldap.conf
=> smb.conf
=> nsswitch.conf
============================================================================
I have added these parameters to my ldap.conf :
pam_login_attribute uidAuth
pam_template_login_attribute uidAuth
pam_password exop
nss_base_passwd ou=users,ou=ent,ou=box,c=fr?one?objectClass=posixAccount
nss_base_shadow ou=users,ou=ent,ou=box,c=fr?one?objectClass=shadowAccount
nss_base_group ou=groups,ou=ent,ou=box,c=fr
nss_map_attribute uid uidAuth
============...
2012 Nov 13
0
Test Active Directory sync module: lpep
...(1) command: yum install pam_ldap
(2) command: authconfig --enableldapauth
--ldapserver="ldap://ad.example.com" --ldapbasedn="dc=example,dc=com"
--updateall
(3) in /etc/pam_ldap.conf, add the following lines towards the end
binddn cn=foo,ou=bar,dc=example,dc=com
bindpw fubar
pam_login_attribute sAMAccountName
In the lpep module:
(1) edit manifests/lpep.ini to configure ldap settings
(2) ensure bin/lpep.py is executable
(3) ensure manifests/lpep.pp , bin/lpep.db and bin/profiling.log are
writable
Known Issues
------------
(1) objects are tracked only by their username (or sAMAccountN...
2007 Dec 19
0
editpostfix setup
...alhost
idmap alloc config:range = 50000-500000
#logging
log level = 1
---
my nsswitch/pam /etc/ldap.conf
---
ssl off
suffix "dc=th-domain,dc=lan"
uri ldap://localhost
pam_password exop
rootbinddn "cn=root,dc=th-domain,dc=lan"
ldap_version 3
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute memberuid
nss_base_passwd ou=peoples,dc=th-domain,dc=lan
nss_base_shadow ou=peoples,dc=th-domain,dc=lan
nss_base_group ou=groups,dc=th-domain,dc=lan
nss_base_hosts ou=hosts,dc=th-domain,dc=lan
scope one
----
2007 Dec 06
1
security = user, LDAP, and adding users to ACLs
Hi,
Problem:
I seem to be able to add users to ACLs from windows due to an "Name Not
Found" error when looking up a username. According to what I have been
able to find, you cannot browse users on a samba server from windows
without winbind and "security = domain/ads". However, winbind does not
have any place in my environment aside from remedying this problem. Is
2003 Oct 13
0
ADS users on RedHat 9 Samba 3
...rwardable = true
krb4_convert = false
}
LDAP.CONF
host 140.100.10.150
base dc=datanat,dc=com
nss_map_objectclass posixAccount User
nss_map_attribute uid sAMAccountName
nss_map_attribute uniqueMember Member
nss_map_attribute homeDirectory msSFUHomeDirectory
nss_map_objectclass posixGroup Group
pam_login_attribute sAMAccountName
pam_filter objectclass=User
ssl no
pam_password ad
ldap_version 3
binddn cn=Administrator,cn=Users,dc=datanat,dc=com
bindpw dc030103
port 389
Thanks for the support!!!