similar to: Proposal for collaboration

On 10/06/16 13:46, Kaplan, Andrew H. wrote: > Hello -- > > The winbind packages that are installed on the server are the following: > > Package Description > libnss-winbind 4.3.9+dfsg-0ubuntu0.14.04.3 amd64 Samba nameservice integration plugins > libpam-winbind 4.3.9+dfsg-0ubuntu0.14.04.3 amd64 Windows domain authentication

On 10/06/16 12:47, Kaplan, Andrew H. wrote: > Hello -- > > I started a thread on the list that you suggested in your e-mail, and thank-you for the reference. > > Also, I checked the auth.log file on the server, and the following entries were present: > > I checked the auth.log file, and the following entries were present: > > Jun 10 07:10:50 <samba server>

Hello -- I removed the ldap and sssd packages from the server, and I am trying to get winbind to work on the system. The configuration of the /etc/samba/smb.conf file's global section is the following: [global] ## Browsing/Identification ### # Change this to the workgroup/NT-domain name your Samba server will part of security = ads realm = <domain name> workgroup =

Hello -- The version of Samba that I am running on the server is the 4.3.9 Ubuntu package. To that end, I reconfigured the smb.conf file to reflect the entries listed in your e-mail. I added the syntax: default shell = /bin/bash to the smb.conf file, and restarted the samba and winbind daemons. Unfortunately, the getent passwd command indicated the /bin/false shell was still the default. What

The problem that I am now facing is the fact there is no NIS domain that can be selected from the dropdown menu, which, in turn, prevents the login shell from being modified. ________________________________ From: Data Control Systems - Mike Elkevizth [mike at datacontrolsystems.com] Sent: Friday, June 10, 2016 3:14 PM To: Kaplan, Andrew H. Cc: samba at lists.samba.org; Rowland penny Subject:

On 15/05/2020 14:56, Orion Poplawski wrote: > On 5/15/20 12:56 AM, Rowland penny via samba wrote: >> On 14/05/2020 21:59, Orion Poplawski via samba wrote: >>> Sorry, I thought I had re-enabled delivery, but I had not.? So >>> trying to reply >>> to Rowland Penny here: >>> >>>> On 14/05/2020 18:46, Orion Poplawski via samba wrote:

I think the subject says it all. We don't run named. It seems there are chronic issues with bind. Can these packages be removed? We locally authenticate. I see this: Removing for dependencies: bind-utils ipa-client sssd sssd-ad sssd-ipa We shouldn't need any of that with local authentication (/etc passwd and /etc/shadow) right? This message contains information which may be

Thanks for the direction Jeremy - the people of sssd-users are indeed good and helpful people and have pointed me to the fix :) (see https://lists.fedorahosted.org/archives/list/sssd-users at lists.fedorahosted.org/thread/UJJYWCIJL5AFGV3RACYCBFPHN3NMJMNY/ ). BTW, thanks for all your great contributions to Samba! On Sat, Nov 5, 2016 at 4:54 PM, Jeremy Allison <jra at samba.org> wrote: >

Hello -- The winbind packages that are installed on the server are the following: Package Description libnss-winbind 4.3.9+dfsg-0ubuntu0.14.04.3 amd64 Samba nameservice integration plugins libpam-winbind 4.3.9+dfsg-0ubuntu0.14.04.3 amd64 Windows domain authentication integration plugin libwbclient0 4.3.9+dfsg-0ubuntu0.14.04.3 amd64 Samba

Hi, I have a feeling that Rowland is correct that all the different authentication methods are interfering with one another. I can say all I have is winbind and it works fine for me. My relevant pam-auth-update modules are: [*] Unix authentication [*] Winbind NT/Active Directory authentication [*] Register user sessions in the systemd control group hierarchy [*] Create home directory on login

Hello everybody, What is the status of the freeipa/sssd and samba conflicts in the repositories? I can not wrap my mind around that two big packages are not getting security updates anymore, because they are conflicting. I will go to FOSDEM in Belgium this year to figure out more, but I am considering moving my centos systems to rockylinux. Kind regards, Jelle de Jong On 12/16/22 16:59,

El 30/03/15 a les 17:33, Luca Olivetti ha escrit: >> >> If you are having problems with installing sssd with the sernet >> packages, I would suggest that you ask for help on the sssd mailing list. > > Maybe. Or maybe not: https://lists.fedorahosted.org/pipermail/sssd-users/2014-January/001303.html :-( Bye -- Luca Olivetti Wetron Automation Technology

On 30/03/15 21:19, buhorojo wrote: > On 30/03/15 21:55, Luca Olivetti wrote: >> El 30/03/15 a les 17:33, Luca Olivetti ha escrit: >> >>>> If you are having problems with installing sssd with the sernet >>>> packages, I would suggest that you ask for help on the sssd mailing >>>> list. >>> Maybe. >> Or maybe not: >> >>

On 2015-11-08 at 11:47 +0100, buhorojo wrote: > On 08/11/15 00:32, Michael Adam wrote: > >On 2015-11-07 at 23:51 +0100, buhorojo wrote: > >>On 07/11/15 23:20, Rowland Penny wrote: > >>>you would need the RFC2307 attributes, something that doesn't happen on > >>>the DC at present. > >>rfc2307 attributes are a reality on DCs and have been ever

Hi, What version of Samba are you running (samba --version)? Some of the smb.conf parameters have changed in more recent versions. I'm running the standard version supplied with Ubuntu which is currently 4.3.9. My configuration on member servers is as follows: [global] # Base options workgroup = <NETBIOS DOMAIN> realm = <AD DOMAIN> netbios name = <THIS MACHINE'S NETBIOS

On 12 April 2015 at 14:34, Rowland Penny <rowlandpenny at googlemail.com> wrote: >> - perhaps use sssd? (which I haven't yet investigated, to be honest) > > You could try sssd, this has a backend like the winbind backend and will > also work on the DC (well it did the last time I tried it, which was some > time ago) . Thanks! I'm looking at

Hello ? Thank-you for your e-mail. I corrected the syntax in the file, and I have confirmed the permissions are correct: -rw-------. 1 root root 266 Jun 23 08:45 sssd.conf Unfortunately, the error condition and messages listed in my initial e-mail are still present. From: l at avc.su [mailto:l at avc.su] Sent: Thursday, June 23, 2016 8:34 AM To: CentOS mailing list; Kaplan, Andrew H.

Hi, You need to make sure that the user has the rfc2307 "loginShell:" attribute set. See https://wiki.samba.org/index.php/Administer_Unix_Attributes_in_AD_via_ADUC for how to set it. Mike E. On Fri, Jun 10, 2016 at 2:11 PM, Kaplan, Andrew H. <AHKAPLAN at partners.org> wrote: > Hello -- > > The version of Samba that I am running on the server is the 4.3.9 Ubuntu >

Hello, I have set up IPA on a private network and have hit some bumps configuring sudo access for the clients. kinit seems to work fine for both client and server, user and root. When I run sudo on the server I see the following in /var/log/messages: Oct 17 17:53:52 192-168-0-100 [sssd[krb5_child[29237]]]: Decrypt integrity check failed Oct 17 17:53:52 192-168-0-100 [sssd[krb5_child[29237]]]:

Hi all, At my organisation we have an LDAP infrastructure built on OpenLDAP, between Unix boxes running OpenSSH at multiple sites. It works well but the SSH key management is something of an inconvenience, especially as we would like to implement SSO with ssh-agent and passphrased keys. There is an OpenSSH patch called LPK which can allow the authorized_keys to be stored in LDAP, and that