search for: pam_script

On 10/11/2017 12:09 PM, Rowland Penny via samba wrote: > I did all of this, I have read everything I could find on the internet > and I just couldn't make it work. > > I am now a leading expert on what doesn't work ;-) > > Rowland ok, that is an unusual situation... you having a problem, and things working here :-) So perhaps we're doing different things: we

...volumes to mount. If I run the mount manually it > doesn't work, I run it again with sudo, it works. I cannot > find a way to get pam_mount to use sudo. > > In my opinion 'multiuser' is a possibilty, but again I cannot > get it to work. > > I am now considering pam_script, so watch this space ;-) > > Rowland > I believe you. The trick is. 1) add this to krb5.conf ; for Windows 2008 with AES default_tgs_enctypes = aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 default_tkt_enctypes = aes128-cts-hmac-sha1-96 aes256...

...either, it just tells me there are no volumes to mount. If I run the mount manually it doesn't work, I run it again with sudo, it works. I cannot find a way to get pam_mount to use sudo. In my opinion 'multiuser' is a possibilty, but again I cannot get it to work. I am now considering pam_script, so watch this space ;-) Rowland

...in, I have now got a mount to work with pam_mount, but there is a major problem, anything created in the share doesn't belong to rowland, it is 3000000:domain users. This is not acceptable, the mounted share belongs to rowland, but nothing inside it does. I think I will continue to try and get pam_script to do what I want. Rowland

...a mount to work with pam_mount, > but there is a major problem, anything created in the share doesn't > belong to rowland, it is 3000000:domain users. This is not acceptable, > the mounted share belongs to rowland, but nothing inside it does. I > think I will continue to try and get pam_script to do what I want. Strange. So what does a mount look like? Here: > root at dmmember:~# mount | grep username > //fileserver.company.com/username on /home/username/username type cifs (rw,relatime,sec=ntlmi,unc=\\filehost.company.com\username,username=username,domain=WRKGRP,uid=49611,forceu...

...ot; create mode = 0664 directory mode = 0775 /etc/pam.d/samba #%PAM-1.0 auth required pam_nologin.so auth required pam_stack.so service=system-auth account required pam_stack.so service=system-auth session required pam_mkhomedir.so skel=/etc/skelfile umask=0022 #session required pam_script.so onsessionopen="/etc/samba/add_user.sh" session required pam_stack.so service=system-auth password required pam_stack.so service=system-auth

...t manually it > > doesn't work, I run it again with sudo, it works. I cannot > > find a way to get pam_mount to use sudo. > > > > In my opinion 'multiuser' is a possibilty, but again I cannot > > get it to work. > > > > I am now considering pam_script, so watch this space ;-) > > > > Rowland > > > I believe you. The trick is. > > 1) add this to krb5.conf > ; for Windows 2008 with AES > default_tgs_enctypes = aes128-cts-hmac-sha1-96 > aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc des-cbc-md5 > default...

My DC handle the authentification and some other Samba server provide shares (they're pure file servers with winbind). Users get their personal directory as a share with appropriate permissions. Up until now I used a Samba 3 server to both handle the authentification and act as a file server. I had a script to create a Samba user, create the personal directories and set some ZFS quota on it.

Hello, how can I dynamically allow or disallow users with OpenSSH? I have some nodes that users can submit jobs to, and can optionally be handed a session to the requested node. But I want to prevent them from SSH-ing in to nodes unless they have a job running on that node. My idea was to implement libssh's callback abilities and have a script that checks the username against jobs running on

Hello, I'm using a Samba 4 as domain server and I've a lot of Windows computers that mounts shared drives on another server through GPO applied by user groups. Is there any way to do something similar on a Linux box, or I've to use a local script? Thanks! -- _________________________________________ Daniel Carrasco Marín Ingeniería para la Innovación i2TIC, S.L.

Hi, After installing Suse 9.3 Professional, I am unable to join it to AD. >From the Docs ( http://www.samba.org/samba/docs/man/Samba3-HOWTO/domain-member.html#ads-member) its clear that we need to first get a kerberos ticket... via #>kinit Administrato@REALM in Suse9,3, I get this error susles93WSA:~ # kinit Administrator@HUNGERFORD.KOL Password for

..., > > but there is a major problem, anything created in the share doesn't > > belong to rowland, it is 3000000:domain users. This is not > acceptable, > > the mounted share belongs to rowland, but nothing inside it does. I > > think I will continue to try and get pam_script to do what I want. > Strange. > > So what does a mount look like? > > Here: > > > root at dmmember:~# mount | grep username > > //fileserver.company.com/username on > /home/username/username type cifs > > > (rw,relatime,sec=ntlmi,unc=\\filehost.compa...