search for: realms

Displaying 20 results from an estimated 10351 matches for "realms".

Did you mean: realm
2019 Jul 05
6
smb.conf realm parameter
Hello, ??? Is the realm parameter case sensitive? For example does 'realm = example.domain.com' differ from 'realm = EXAMPLE.DOMAIN.COM' in smb.conf? Thanks. ??? - James
2017 Feb 01
3
samba creating keytabs... ( possible bug, can someone confirm this )
Hai,   I noticed something strange in the keytab file on my member server. This is a followup of : [Samba] winbind question. (challenge/response password authentication) Samba 4.5.3 on Debian Jessie.   Leave the domain. net ads leave -k Deleted account for 'PROXY2' in realm 'REALM'   I checked in windows, and the computer is gone in the “Computer” ou.   Removed the
2017 Feb 01
1
winbind question. (challenge/response password authentication)
Hai,   Im setting up a new proxy and im testing a bit around. Goal is, get everyting working with minimal changes to the system.   Setup: Debian 8 with NFS nfsv3 and v4 (krb) automounts,  winbind 4.5.3 , squid 3.5.24 (with ssl support) Which is basicly a copy of my other proxy but a new install with more systemd and less packages used.   Working: -          ssh logins with AD users.
2019 Jan 10
1
Realm trust between Samba AD and MIT kerberos realm
Hi all, I was hoping to setup a realm trust between a Samba AD domain and a kerberos realm running mit-krb5, however it looks like that isn't currently supported. Is that correct, or am I missing something (I'm running Samba 4.9.4)? Having noticed that "samba-tool domain trust" only seems to cater for trusts involving other AD domains, I tried to workaround that (in the
2009 Nov 05
1
Samba + Windows 2008 + Solaris + Native nss_ldap/gssapi - Possible?
Good Morning, We have a network of Solaris 10 machines authenticating and doing name lookups via a Windows 2008 (SP2) domain using the Solaris ldap client and self/gssapi credentials. Each machine has a machine account that is prepared via a script with the following attributes: userAccountControl: 4263936 (WORKSTATION_TRUST_ACCOUNT | DONT_EXPIRE_PASSWORD | DONT_REQ_PREAUTH)
2004 May 05
2
chan_sip and Digest realm
I am going to change my Digest realm to match my DNS SVR record. I dug through the code in chan_sip.c and on line 2748 I found it hard coded <frown> : snprintf(tmp, sizeof(tmp), "Digest realm=\"asterisk\", nonce=\"%s\"", r\anddata); I'm going to change this to : snprintf(tmp, sizeof(tmp), "Digest realm=\"isdn.net\",
2019 Jul 05
3
smb.conf realm parameter
> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland penny via samba > Verzonden: vrijdag 5 juli 2019 15:44 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] smb.conf realm parameter > > On 05/07/2019 14:31, L.P.H. van Belle via samba wrote: > > Rowland, > > > > Do you know is samba is changing
2019 Jan 11
5
samba-tool auth in scripts
Am 10.01.19 um 14:09 schrieb Rowland Penny via samba: > You don't ;-) > You do what the script should have done (I feel version 0.8.10 will > soon make an appearance), export the cache to use <export > KRB5CCNAME="/tmp/dhcp-dyndns.cc"> and then use '$KRB5CCNAME' wherever > '/tmp/dhcp-dyndns.cc' appears, except for: > [...] Yes, that worked.
2016 Mar 02
2
samba server with two kerberos realms
...the system is set up, username existance and UID is determined by /etc/passwd . Then sssd checks whether username/password are correct or not with the kerberos servers and retrieves nothing else (from them). This works fine as I can log in with ssh using username/password from either kerberos realms. > > If sssd is not going to work for the overall goal of being able to use > > credentials from either Kerberos realm to authenticate, then I'm happy to > > ditch it! > > I am not saying that sssd won't work for what you are trying to do, you > are just asking...
2019 Jan 14
4
dehydrated hook for LetsEncrypt certs and samba dns (was: samba-tool auth in scripts)
(@Rowland) > Whilst it is quite correct to say that the REALM isn't the same as a > DNS domain, there is a correlation between them. The REALM must be the > DNS domain in uppercase, so this: > > SAMBA_PRINCIPAL=dehydrated-service at YOUR.DOMAIN No, you can have your.primayDNSdomain.tld and have REALM = SOMEREALM.TLD Its not obligated to have REALM the same as the DnsDomain.
2016 Oct 04
4
winbindd losing track of RFC2307 UIDs
On Mon, 3 Oct 2016, Rowland Penny wrote: > On Mon, 3 Oct 2016, Rob wrote: >> # idmap config for domain >> idmap config MY.AD.REALM.COM:backend = ad >> idmap config MY.AD.REALM.COM:schema_mode = rfc2307 >> idmap config MY.AD.REALM.COM:range = 10000-99999 [...] > > You might think it works fine, but it will probably work better if
2009 Sep 02
1
Samba 3.4 is unable to list users with getent and id (idmap_ad backend)
Dear All, I'm using Samba Version 3.2.6 under Solaris 8 with the following config: netbios name = pegasus realm = REALM.NET workgroup = REALM security = ADS encrypt passwords = yes password server = * os level = 20 socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 idmap backend = ad idmap config
2004 Jan 14
2
Difference Between Domain and ADS security In Reference to Realms
Hi, I've been researching which type of security to use with Samba 3.0.1 and I still don't understand what the difference is between "security=DOMAIN" versus "security=ADS." I complied Samba to include ADS support, and I initially chose "security=DOMAIN." When I use the "net" command I can add it to my domain. However, if I set
2016 Mar 01
2
samba server with two kerberos realms
...you have), you cannot use ' unix > password sync', mainly because you can have users etc in AD or in > /etc/passwd, but not both. I thought as much, but also did not remove this default from the smb.conf as yet. There are other mechanisms for changing passwords in the two Kerberos realms. > > To answer your original question, no I don't think you can have two > 'Realms'. What you can have are trusts, I suggest you start here to see > how to setup smb.conf correctly: > > https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member I did not s...
2019 Mar 01
8
(no subject)
Hello, I'm running a Samba DC on Debian 9 (version 4.5.12-Debian) in a lab environment, set up like this: https://jonathonreinhart.com/posts/blog/2019/02/11/setting-up-a-samba-4-domain-controller-on-debian-9/ I would now like to configure this server to enable login via domain credentials. I'm aware that the Samba wiki recommends the following: -
2015 Mar 05
2
creating Kerberos host principals for multiple hostnames, multihomed server
Hi! I maintain Linux servers that are members of a Samba4 Domain. User authentication / login via ssh works fine with Kerberos. But: only via one hostname. Those machines need a working Kerberos login via multiple hostnames (each hostname has its own IP address and DNS is set up correctly.) "net ads keytab list" of course gives me the main hostname that was in use when joining the
2019 Jan 14
1
dehydrated hook for LetsEncrypt certs and samba dns (was: samba-tool auth in scripts)
> -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org] Namens > Rowland Penny via samba > Verzonden: maandag 14 januari 2019 13:21 > Aan: samba at lists.samba.org > Onderwerp: Re: [Samba] dehydrated hook for LetsEncrypt certs > and samba dns (was: samba-tool auth in scripts) > > On Mon, 14 Jan 2019 13:03:42 +0100 > "L.P.H.
2003 Sep 02
2
Realm = or workgroup = ?
I think samba is cool. I'm trying to understand the relationship between these 3 options: Realm = MYGROUP.COM Security = ADS Workgroup = MYGROUP And my samba file server is a member of AD My server is W3K Nothing seemed to work until I specified the realm Do I also NEED the workgroup parameter ? Shouldn't the workgroup and realm parameters exclusive from each other ? -aaron
2013 Sep 03
1
Asterisk 12 Outbound Authentication Failures on Realm
Trying out Asterisk 12 and the new pjsip module... When I create an registration object that links to an auth object, the registration fails with "res_pjsip_outbound_authenticator_digest.c:90 digest_create_request_with_auth: Failed to create new request with authentication credentials" unless the auth object has it's realm set exactly to the realm returned in the 401 response from
2012 Oct 10
2
remove IP from DNS ldb
Hello install samba4beta8 white bind 9.9.1 and internal samba DNS DB on server white tow IP, then remove one of IPs. Users can not connect to the server or to communicate with a server takes . Because, Removed IP in response to client requests are sent ! How to remove not use IP from samba dns DB by Samba Tools ?