similar to: Apache + auth_mod_kerb + Active Directory = SSO

On 30/06/16 18:30, Turner,Jonas wrote: > I have been trying to get SSO to work correctly with the following packages, and I appear I am missing something and I was wondering if anyone can help me or point me in the right direction? > > I am currently using the "auth_ntlm_winbind_module" for apache to try and authenticate and was hoping to get SSO to work. > > I have gone

All; My Google foo is failing me, and searching through the last 10 months on this mailing list hasn't helped either. We have an existing Active Directory domain set up, and I'd like to add a CentOS 8 Workstation to it. I have experience using both realmd and manual configuration to allow local login with AD accounts to various Linux distribution, and have this working on my test

I actually spent the entire last day getting 'ad' backend to work. Adding 'idmap config SAMDOM : backend = ad' and related lines in the client's smb.conf results in `getent passwd` ... Use : getent passwd username Check if wbinfo -u works also. As tip, if you try these. id username getent passwd username wbinfo -u | grep username If all work and show your usename,

Hello, I have a running setup with a dovecot imap4/pop3 proxy to a few dovecot backend servers which actually store the mailboxes. This is running smoothly and allows me to transparently distribute mailboxes. I'm using some "extrafield" configured in the LDAP passdb. However, now I would like to use GSSAPI (preferred) and NTLM for single sign-on. Both are pretty straightforward to

Announcement: The self service can be configured for passwordless SSO with Okta/OpenID. PHP 8.3 is supported and a new cron job can deactivate inactive accounts based on lastBind overlay data. This is a test version. Please report any issues till 2024-03-12. Full changelog: https://www.ldap-account-manager.org/lamcms/changelog Download:

Announcement: The self service can be configured for passwordless SSO with Okta/OpenID. PHP 8.3 is supported and a new cron job can deactivate inactive accounts based on lastBind overlay data. There is also a security fix included. Full changelog: https://www.ldap-account-manager.org/lamcms/changelog Download: https://www.ldap-account-manager.org/lamcms/releases Features: * management

moin *, sorry for the cross-post; follow-ups should go to xdg@ (the only one of those lists i'm subscribed to). i'm pondering with the idea to implement SingleSignOn based on an authentication agent like the ones employed by ssh and gnupg. the system would consist of the two main components: - fdo-keyagent, certainly a d-bus service - pam_keyagent. a PAM module that would authenticate

>That should tell you something. You're absolutely right on that. >> - Samba + (sssd) + Winbind + LDAP? Couldn't try this one, as I seen >> that basically sssd=Winbind (yet there WAS a module for Winbind to >> use sssd?) > >The winbind daemon came first and is used to connect Samba to AD, from >my understanding it was mostly written by one person. That

I have been trying to get SSO to work correctly with the following packages, and I appear I am missing something and I was wondering if anyone can help me or point me in the right direction? I am currently using the "auth_ntlm_winbind_module" for apache to try and authenticate and was hoping to get SSO to work. I have gone through all the steps on SEVERAL sites trying to figure out how

On Tue, 14 May 2024 07:29:25 +0000 Gerg? V?ri via samba <samba at lists.samba.org> wrote: > Hi! > > My goal is to connect Authentik to Samba (running on Ubuntu). > > What I tried (with no success): > - Samba directly to the LDAP outpost (as Authentik can expose it's > internal DB like that): this would/will work but Authentik can't use > the Samba scheme at

Hello list, I'm using samba/winbind (rhel4, samba-3.0.10, w2k-dc) for single sign on for windows users . When logged on to the linux mashine they run an application, which checks if the user has the same group rights ( appl. has local Unix-user/group "app", so the windows user should also be member of this group). I've tried with group mapping (map "app" to

On Tue, 24 Oct 2017 16:59:51 -0500, Robert Giles stated: >Hi folks, > >I've been sifting through various threads on GSSAPI and NTLM support, >and I'm wondering if anyone out there can confirm or deny GSSAPI IMAP >auth support in Microsoft Outlook 2016 (Windows)? Perhaps there's some >magic registry key to change IMAP auth from PLAIN to GSSAPI? > >We're

On 1 Aug 2019, at 12.26, Gert van Dijk via dovecot <dovecot at dovecot.org> wrote: > > passdb { > args = proxy=y host=127.0.0.1 port=1143 pass=#hidden_use-P_to_show# .. > auth: Info: static(username,1.2.3.4,<9WOjSwWP8toKAAYE>): No password > returned (and no nopassword) I think this is why it's not using the passdb at all. Try adding password=something to the

I have FC3 with samba 3.0.10-1. I've followed guidelines about Domain Menbership of The Official Samba-3 HOWTO and Reference Guide. All seems work fine. Win2K3 users log in my FC3, getent passwd and groups show all it must, testjoin is ok, "wbinfo -a user%password" reports : plaintext password authentication succeeded - challenge/response password authentication succeeded, ... When I

On Fri, 18 Jan 2019 09:15:18 +0000 Harpoon via samba <samba at lists.samba.org> wrote: > > ............ > > > > > You can, provided you have a user.map in smb.conf > > > > Oeps, Ah yes, forgot that, because he was testing on the DC. > > And DC's dont use the user.mapping. > > > > Thanks for the correction. > > With regard to tdb

Hi! My goal is to connect Authentik to Samba (running on Ubuntu). What I tried (with no success): - Samba directly to the LDAP outpost (as Authentik can expose it's internal DB like that): this would/will work but Authentik can't use the Samba scheme at the moment. - Samba -> PAM -> sssd -> LDAP outpost: in theory this worked a long time ago (SMBv1?) but as the password is not

So I was googling around about this over the last week and here is what I found: nis/yp is for some reason bad. Kerbos is holy, but no how-to's that don't involve windows and active directory. What is the recommended sso approach for centos? Where are there examples / docs to follow? Jason -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -

Hi folks, I've been sifting through various threads on GSSAPI and NTLM support, and I'm wondering if anyone out there can confirm or deny GSSAPI IMAP auth support in Microsoft Outlook 2016 (Windows)? Perhaps there's some magic registry key to change IMAP auth from PLAIN to GSSAPI? We're trying to do single sign-on + e-mail for Windows domain users; Thunderbird GSSAPI works

I have a customer that I''m developing a solution for on RoR. They have IIS today and use Sharepoint for their intranet. Is it possible to have some kind of single sign-on between these systems? So when a user is logged in to ther Sharepoint she will also be logged in to my rails-app? We haven''t decided yet on what to deploy rails on so I''m open to suggestions... If we

Hi, I?ve been reading up on SSO-based logins for the last couple of weeks. I?ve found a lot of information about it, but nothing that matches my situation. Here?s the gist of my situation... - I have a Samba 3 PDC in our corporate office as well as three remote offices. - Each remote office is in a different physical building and connected to the Corporate office either via Point-to-Point T-1