search for: user_unknown

Displaying 20 results from an estimated 111 matches for "user_unknown".

2016 Apr 21
2
Winbind idmap question
...winbind group: files winbind --------------------------------------------------------------------- And finally PAM configuration (only winbind related stuffs): --------------------------------------------------------------------- /etc/pam.d/fingerprint-auth:account [default=bad success=ok user_unknown=ignore] pam_winbind.so krb5_auth krb5_ccache_type=KEYRING /etc/pam.d/fingerprint-auth:session optional pam_winbind.so krb5_auth krb5_ccache_type=KEYRING /etc/pam.d/fingerprint-auth-ac:account [default=bad success=ok user_unknown=ignore] pam_winbind.so krb5_auth krb5_ccache_type=KEYRING...
2016 Nov 24
2
domain member with winbind, slow smbcacls or smbclient listing
...mode = rfc2307 idmap config DOMAIN:range = 100-20000 dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab /etc/nsswitch.conf passwd: compat winbind group: compat winbind grep -r winbind /etc/pam.d /etc/pam.d/fingerprint-auth-ac:account [default=bad success=ok user_unknown=ignore] pam_winbind.so /etc/pam.d/system-auth-ac:auth sufficient pam_winbind.so use_first_pass /etc/pam.d/system-auth-ac:account [default=bad success=ok user_unknown=ignore] pam_winbind.so /etc/pam.d/system-auth-ac:password sufficient pam_winbind.so use_authtok /etc/pam.d/smartc...
2006 Aug 22
1
Pam [default=bad success=ok user_unknown=ignore], Winbind
...:14:00 mgprisvr pam_winbind[8346]: request failed, but PAM error 0! Aug 22 12:14:00 mgprisvr pam_winbind[8346]: internal module error (retval = 3, user = `test') There were no errors in the winbind.log file. In my /etc/pam.d/system-auth, I found this line: account [default=bad success=ok user_unknown=ignore] pam_winbind.so I Googled that line (and parts of it) but had no luck figuring out what it was doing. I changed it to: account sufficient pam_winbind.so and now I can log in with local accounts, as well as domain (winbind) accounts. I have two questions: A) Is this some kind...
2002 Aug 20
1
pam_smbpass
Okay - I've got samba working as a PDC with and ldap backend. I want to have some users not be in ldap (like the built in stuff like cyrus, mail, lp etc) I can get that to work with the pam_ldap and pam_unix but pam_smbpass doesn't seem to return user_unknown as i expect for users who are not in the ldap database does this make sense? --- pam_smb_passwd.c 12 Feb 2002 15:56:19 -0000 1.1.2.8 +++ pam_smb_passwd.c 20 Aug 2002 23:41:57 -0000 @@ -126,9 +126,9 @@ /* obtain user record */ pdb_init_sam(&sampass); - pdb_getsampwnam...
2015 Nov 10
2
How to configure Winbind to use uidNumber and gidNumber
...------ nsswitch.conf: passwd: files winbind shadow: files winbind group: files winbind and pam.d files are both configured: --------------------------------------------------------------------- grep winb /etc/pam.d/* /etc/pam.d/fingerprint-auth:account [default=bad success=ok user_unknown=ignore] pam_winbind.so /etc/pam.d/fingerprint-auth:session optional pam_winbind.so /etc/pam.d/fingerprint-auth-ac:account [default=bad success=ok user_unknown=ignore] pam_winbind.so /etc/pam.d/fingerprint-auth-ac:session optional pam_winbind.so /etc/pam.d/password-auth:auth...
2016 Apr 21
0
Winbind idmap question
...bind > --------------------------------------------------------------------- > > And finally PAM configuration (only winbind related stuffs): > --------------------------------------------------------------------- > /etc/pam.d/fingerprint-auth:account [default=bad success=ok > user_unknown=ignore] pam_winbind.so krb5_auth krb5_ccache_type=KEYRING > /etc/pam.d/fingerprint-auth:session optional pam_winbind.so > krb5_auth krb5_ccache_type=KEYRING > /etc/pam.d/fingerprint-auth-ac:account [default=bad success=ok > user_unknown=ignore] pam_winbind.so krb5_auth krb5...
2015 Nov 10
0
How to configure Winbind to use uidNumber and gidNumber
...s winbind > shadow: files winbind > group: files winbind > > and pam.d files are both configured: > --------------------------------------------------------------------- > grep winb /etc/pam.d/* > /etc/pam.d/fingerprint-auth:account [default=bad success=ok > user_unknown=ignore] pam_winbind.so > /etc/pam.d/fingerprint-auth:session optional pam_winbind.so > /etc/pam.d/fingerprint-auth-ac:account [default=bad success=ok > user_unknown=ignore] pam_winbind.so > /etc/pam.d/fingerprint-auth-ac:session optional pam_winbind.so > /etc/pa...
2015 Nov 10
2
How to configure Winbind to use uidNumber and gidNumber
Hi all, How can we configure winbind to retrieve uidNumber and gidNumber declared in AD? Thanks and regards, mathias
2016 Apr 21
2
Winbind idmap question
Hi Jonathan, Thank you for that, that solved the issue. Unfortunately I get another issue: on one DC id <user> gives "no such user". Adding domain (id ad.domain\\<user>) does not help. Adding the whole domain (id ad.domain.tld\\<user>) does not help more. I did checked PAM, NSS and Samba configurations, this server is using same configurations as the two working DC.
2015 Nov 12
0
How to configure Winbind to use uidNumber and gidNumber
...files winbind > > > > > >and pam.d files are both configured: > > >--------------------------------------------------------------------- > > >grep winb /etc/pam.d/* > > >/etc/pam.d/fingerprint-auth:account [default=bad success=ok > > >user_unknown=ignore] pam_winbind.so > > >/etc/pam.d/fingerprint-auth:session optional pam_winbind.so > > >/etc/pam.d/fingerprint-auth-ac:account [default=bad success=ok > > >user_unknown=ignore] pam_winbind.so > > >/etc/pam.d/fingerprint-auth-ac:session optio...
2016 Nov 28
0
domain member with winbind, slow smbcacls or smbclient listing
...00 > dedicated keytab file = /etc/krb5.keytab > kerberos method = secrets and keytab > > /etc/nsswitch.conf > passwd: compat winbind > group: compat winbind > > grep -r winbind /etc/pam.d > /etc/pam.d/fingerprint-auth-ac:account [default=bad success=ok > user_unknown=ignore] pam_winbind.so > /etc/pam.d/system-auth-ac:auth sufficient pam_winbind.so > use_first_pass > /etc/pam.d/system-auth-ac:account [default=bad success=ok > user_unknown=ignore] pam_winbind.so > /etc/pam.d/system-auth-ac:password sufficient pam_winbind.so >...
2015 Nov 11
4
How to configure Winbind to use uidNumber and gidNumber
...iles winbind > >group: files winbind > > > >and pam.d files are both configured: > >--------------------------------------------------------------------- > >grep winb /etc/pam.d/* > >/etc/pam.d/fingerprint-auth:account [default=bad success=ok > >user_unknown=ignore] pam_winbind.so > >/etc/pam.d/fingerprint-auth:session optional pam_winbind.so > >/etc/pam.d/fingerprint-auth-ac:account [default=bad success=ok > >user_unknown=ignore] pam_winbind.so > >/etc/pam.d/fingerprint-auth-ac:session optional pam_winbind...
2007 Sep 19
1
LDAP / PAM -- Invalid Credentials Error
.../lib/security/$ISA/pam_winbind.so use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so broken_shadow account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet account [default=bad success=ok user_unknown=ignore] /lib/ security/$ISA/pam_ldap.so account [default=bad success=ok user_unknown=ignore] /lib/ security/$ISA/pam_winbind.so account required /lib/security/$ISA/pam_permit.so password requisite /lib/security/$ISA/pam_cracklib.so retry=3 password sufficient /lib/secur...
2008 May 18
0
pam_winbind module and "account" use
..._winbind failing. ssh uses /etc/pam.d/system-auth in Redhat, and Redhat has this account related clump: account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_ldap.so account [default=bad success=ok user_unknown=ignore] pam_krb5.so account [default=bad success=ok user_unknown=ignore] pam_winbind.so account required pam_permit.so ssh logins using winbind authentication are working well with the above account clump in place....
2017 May 09
2
ssh not connecting to Active Directory in Fedora 25 workstation, wbinfo -u works; child_read_request: read_data failed: NT_STATUS_CONNECTION_RESET
...ss auth sufficient pam_winbind.so cached_login use_first_pass auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 1000 quiet account [default=bad success=ok user_unknown=ignore] pam_sss.so account [default=bad success=ok user_unknown=ignore] pam_winbind.so cached_login account required pam_permit.so Some logs from log.wb-DSDEV: [2017/05/09 10:05:36.038999, 3] ../source3/winbindd/winbindd_ads.c:412(query_user_list) ads query_user_list gave 43369 entrie...
2015 May 08
4
ldap host attribute is ignored
...pam_sss.so use_first_pass auth required pam_deny.so auth required pam_env.so auth optional pam_gnome_keyring.so account required pam_unix.so broken_shadow account sufficient pam_succeed_if.so uid < 2000 quiet account [default=bad success=ok user_unknown=ignore] pam_sss.so account required pam_permit.so account requisite pam_unix.so try_first_pass account sufficient pam_localuser.so account required pam_sss.so use_first_pass account sufficient pam_localuser.so password requisite pam_pwquality.so try_...
2015 May 11
2
ldap host attribute is ignored
...id >= 200 quiet_success > auth sufficient pam_sss.so use_first_pass > auth required pam_deny.so > > account required pam_unix.so broken_shadow > account sufficient pam_succeed_if.so uid < 2000 quiet > account [default=bad success=ok user_unknown=ignore] pam_sss.so > account required pam_permit.so > > password requisite pam_pwquality.so try_first_pass > local_users_only retry=3 authtok_type= > password sufficient pam_unix.so md5 shadow nullok try_first_pass > use_authtok > password sufficient...
2010 Apr 16
1
offline logon in 3.4.7-58
...th sufficient pam_winbind.so cached_login use_first_pass auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_krb5.so account [default=bad success=ok user_unknown=ignore] pam_winbind.so cached_login account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 minlen=12 dcredit=1 ucredit=1 lcredit=1 ocredit=1 password sufficient pam_unix.so...
2015 May 11
3
ldap host attribute is ignored
On 05/09/2015 01:24 PM, Jonathan Billings wrote: > Is it normal to have pam_unix and pam_sss twice for each each section? No. See my previous message. I think it's the result of copying portions of SuSE configurations.
2003 Jun 27
0
authentication to ADS via Kerberos at login?
..._unix.so likeauth nullok auth sufficient /lib/security/pam_krb5.so use_first_pass auth sufficient /lib/security/pam_ldap.so use_first_pass auth required /lib/security/pam_deny.so account required /lib/security/pam_unix.so account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/pam_ldap.so account [default=bad success=ok user_unknown=ignore service_err=ignore system_err=ignore] /lib/security/pam_krb5.so password required /lib/security/pam_cracklib.so retry=3 type= password sufficient /lib/secu...