Displaying 11 results from an estimated 11 matches for "windowsdomain".
2018 Mar 27
5
ODP: Re: freeradius + NTLM + samba AD 4.5.x
...ads join.
Most important configuration to make mschapv2 only with ntlmv1 overall
disabled (except for mschapv2) is setting in freeradius in
/mods-available/mschap:
mschap {
.....
ntlm_auth = "/path/to/ntlm_auth *--allow-mschapv2* --request-nt-key
--username=%{mschap:User-Name} --domain=WINDOWSDOMAIN
--challenge=%{%{mschap:Challenge}:-00}
--nt-response=%{%{mschap:NT-Response}:-00}"
OR (if your Freeradius supports it)
winbind_username = "%{%{mschap:User-Name}:-00}"
winbind_domain = "WINDOWSDOMAIN"
The former works just fine, the latter requires freeradius to be buil...
2018 Mar 28
0
ODP: Re: freeradius + NTLM + samba AD 4.5.x
...o make mschapv2 only with ntlmv1 overall
> disabled (except for mschapv2) is setting in freeradius in
> /mods-available/mschap:
>
> mschap {
>
> .....
>
> ntlm_auth = "/path/to/ntlm_auth *--allow-mschapv2* --request-nt-key
> --username=%{mschap:User-Name} --domain=WINDOWSDOMAIN
> --challenge=%{%{mschap:Challenge}:-00}
> --nt-response=%{%{mschap:NT-Response}:-00}"
>
> OR (if your Freeradius supports it)
>
> winbind_username = "%{%{mschap:User-Name}:-00}"
> winbind_domain = "WINDOWSDOMAIN"
>
> The former works just fine,...
2018 Mar 27
2
ODP: Re: freeradius + NTLM + samba AD 4.5.x
ok, tested it, and it works.
so to summarize:
on samba ad 4.7.x in smb.conf "ntlm auth" is set to "mschapv2-and-ntlmv2-only"
fr + samba domain member (4.6 and 4.7) in mods-available/mschap you have to add to ntlm_auth --allow-mschapv2 to the whole string OR just use winbind method, which sets correct flag without explicitly adding it.
with those settings ntlmv1 is blocked
2015 Jun 17
2
centos 7 dovecot 2.2.10 segmentation fault on devcot/auth using ldap driver in userdb
.../etc/dovecot/dovecot-ldap-userdb.conf3.ext
# Default fields can be used to specify defaults that LDAP may override
#default_fields = home=/home/virtual/%u
}
#ldap conf
---------------
hosts = myDChost
base = dc=company,dc=testdomain,dc=dom
ldap_version = 3
auth_bind = yes
auth_bind_userdn = windowsdomain\%u
user_filter = (&(objectclass=person)(|(mail=%u)(sAMAccountName=%n)))
user_attrs =
=uid=vmail,=gid=vmail,=home=/users/vmail/maildomain.com/%n,=mail_location=maildir:/users/vmail/maildomain.com/%n/Maildir
tls = yes
tls_require_cert = never
dovecot -n
---------------
# 2.2.10: /etc/dovecot/do...
1998 Apr 24
0
Password requred for IPC$
...og file = /usr/local/samba/var/log.smb
lpq cache time = 5
message command = /bin/mail -s 'SMB_Msg from %f@%m' root < %s; rm -f %s
netbios name = SAMBASERVER
password server = NTSERVER
preserve case = yes
security = user
smbrun = /usr/local/samba/bin/smbrun
syslog = 0
workgroup = WINDOWSDOMAIN
--
Best regards.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Alexey V. Abashkin AKA alx@star.ssu.runnet.ru
2004 Nov 25
0
smb.conf for PDC
...rity
#hosts allow = 127.0.0.1 192.168.?.?
security = user
logon home=\\%L\%U\.profiles
logon drive = H:
logon path = \\%L\profiles\%U
[netlogon]
path = /home/samba/netlogon
browsable = no
Now when I try to add the machine, where the samba server is running to the windows domain:
#net rpc join -w windowsdomain -U Administrator%passwd
I get the error:
Could not connect to the server
The username or password was not correct or the command is false?
Can somebody plz tell me, what I am doing wrong.
Cheers
Alam
________________________________________________________________
Verschicken Sie romantische, c...
2005 May 05
0
Login problems in Windows XP
First, I dont know if this issue is related to Samba or to Windows, but
since all of our clients logon to a samba-served windowsdomain I suspect
this problem at least is related to samba.
Background
We have 80 clients serving around 1000 users (this is a computerroom for
students). Clients are running a Windows XP SP1 fully pathed
installation. All users log on to a samba domain (samba 3.0.13 running
on a fully pathed Solari...
2018 Mar 26
2
freeradius + NTLM + samba AD 4.5.x
...docs it actually still uses
ntlm_auth, but for whatever reason this works, and "traditional"
ntlm_auth doesn't.
So in your freeradius mods-enabled/mschap instead of ntlm_auth...... put
something like this:
winbind_username = "%{mschap:User-Name}"
winbind_domain = "*WINDOWSDOMAIN*"
(not sure about external links in the mailing list, but here is the link to the freeradius doc explaining in detail:
https://wiki.freeradius.org/guide/Active-Directory-direct-via-winbind
What I can't test right now, if it will work with mchapv2 password change (if required), since free...
2018 Mar 26
3
freeradius + NTLM + samba AD 4.5.x
Ok, I finally could try it out, and it seems to actually work, but You
need samba 4.7 on all machines, not only AD, but also server with
freeradius. I didn't get a chance to test it locally, that is samba AD +
freeradius on the same server.
Setup: 4.7.6 AD server and 4.6.2 samba member + freeradius didn't work
(got simple "nt_status_wrong_password")
but: 4.7.6 AD and 4.7.1
2015 Jun 04
5
Cannot join Ubuntu12.04 Samba 4.1.17 to domain
On 03/06/15 23:54, ivenhov wrote:
> I've made all changes to 3 files you mentioned, also removed everything
> except localhost in hosts file.
> SO I have minimal smb.conf and minimal krb5 file
>
> Unfortunately error is still the same.
>
> If I try to join with full OU path I get kerberos_kinit_password
> testuser at MYNAT.MYCO.BCU failed: Cannot contact any KDC for
2015 Jun 04
3
Cannot join Ubuntu12.04 Samba 4.1.17 to domain
...ox.
> It's just this particular site (with large AD infrastructure) where it's
> failing.
I never got it to work with the quation marks, so I used "net ads join
createcomputer=My/Ou/For/Servers -U testuser", where 'testuser' only
have got the "add computer to Windowsdomain privileges" on named OU.
Samba version 4.1.12.
> I don't quite understand is why it complains about KDC why in fact I can
> ping it and get ticket via kinit.
> What would be next step to diagnose it? I'm out of ideas at this point.
>
I had a similar error as you first pr...