search for: rocky9

...n = Yes", > but then domain users must specify the domain prefix. You'll have to > die one death... > But that doesn't, well it does and it doesn't. Without 'winbind use default domain' in smb.conf on the server, this happens: rowland at devstation:~$ smbclient //rocky9/data -U rowland%xxxxxxxxxxxxxxxxxxxxx Try "help" to get a list of possible commands. smb: \> rowland at devstation:~$ smbclient //rocky9/data -U SAMDOM\\rowland%xxxxxxxxxxxxxxxxxxxxx Try "help" to get a list of possible commands. smb: \> So it seems that I do not require...

On 10/28/24 9:51 AM, lists--- via samba wrote: > But we also have ancient systems, that use a local useraccount from the > dataserver to put data on it. > So, is something like: > ??????? realm = REALM.TLD > ??????? security = ADS > ??????? server role = member server > ??????? username map = /etc/samba/user.map > ??????? winbind refresh tickets = Yes > ???????

Thank you both for the replies and explanation! @douglas Can i set?KRB5CCNAME somewhere so that it uses /home? Where? But even if i could set the env variable i have this odd behavior: I now have 4 vms running. 2 are rocky8 and 2 are rocky9, with same settings and versions I stated on my first post. From the 4 vms, when I ssh into them, 2 of them set a cache file in the users home and the other two save it in /tmp. I cant seem to understand why my other two vms do not want to setup the cache in the /home. The only difference i can t...

Just to show what i mean when i ssh into my vms, 2 vms save the cache in /tmp and the other 2 in /home. See what happens when i run the loop below: > for i in rocky8client rocky9client rocky9server rocky8server; do /usr/bin/sshpass -p password /usr/bin/ssh -l jdoe $i "hostname; klist"; done rocky8client.domain.net Ticket cache: FILE:/tmp/krb5cc_2000_WP04h8h0sa Default principal:?jdoe at DOMAIN.NET Valid starting Expires Service principal 06/11/2024 17:58:09 06/1...

...SSSD Kerberos Cache Manager rather then storing in individual file. On 6/11/2024 7:21 PM, Dave Macias wrote: > Just to show what i mean when i ssh into my vms, 2 vms save the cache in /tmp and the other 2 in /home. See what happens when i run the loop below: > > > for i in rocky8client rocky9client rocky9server rocky8server; do /usr/bin/sshpass -p password /usr/bin/ssh -l jdoe $i "hostname; klist"; done > > rocky8client.domain.net <http://rocky8client.domain.net> > Ticket cache: FILE:/tmp/krb5cc_2000_WP04h8h0sa > Default principal: jdoe at DOMAIN.NET <http...

On 6/6/2024 8:26 AM, Dave Macias wrote: > *I wanted to see if I could make the cache file user-specific, instead of > the default location (/tmp/krb5cc-blabla).* SSH is creating a separate ticket cache file for each login session and owned by the user. This has been the preferred way to do this for decades. https://kerberos.mit.narkive.com/YJB4Hshz/krb5ccname-and-sshd Your: "Ticket