similar to: Help integrating CentOS 6 with existing network login infrastructure

The company where I work is mostly a Windows shop, but I run a few CentOS servers and desktops. I have configured my systems as follows with Kickstart: authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX \ --nisserver=nis1.XXX.com,nis2.XXX.com --useshadow --enablekrb5 \ --krb5realm=XXX.COM --krb5kdc=ldap.XXX.com --krb5adminserver=ldap.XXX.com The /etc/nsswitch.conf file

We currently use a combination of Kerberos and NIS to manage users on our CentOS 6 systems in a Windows AD environment. NIS is provided by Windows Services for UNIX (or something named similarly), which has some issues, and is also not going to be supported by Microsoft in the future. NIS supplies the passed file as well as the auto mount map for home directories as shown by this excerpt from

I seem to have this very odd issue with CentOS 6 WRT NIS. I have taken the package selection that I used with CentOS 5 and basically plopped it into my C6 kickstart file (see below). On C5 this works just fine and I'm able to log in with NIS credentials just fine. However, it looks like on C6 if you use a package selection like this, you also need to specify the yp-tools package as part of

Hi I read and used the article http://blog.wazollc.com/Lists/Posts/Post.aspx?ID=2 to authenticate my ad accounts when logging on to cent 5...however, once I edit the nsswitch.conf file, I can't even log on as root or any local users anymore. Kinit seems to initialize fine doing a kinit username at MYDOMAIN.COM , however doing a getent passwd adusername ....it just sits there in the shell and

The 5.3 upgrade broke the kickstart procedures for my xen virtual machines. They are installed via http. 1. The installer sets up the timezone interactively even though it is specified in the kickstart file. Not a big deal, though. 2. The installer hangs unpredictably when installing selinux-policy-targeted-2.4.6-203.el5.noarch.rpm. Performing a dozen or so installs, sometimes the

I found what I needed to do DOMAIN=MIND.UNM.EDU SHORT=MIND authconfig --enablekrb5 --krb5kdc=${DOMAIN} --krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN} --smbservers=${DOMAIN} --smbworkgroup=${SHORT} --winbindtemplatehomedir=/na/homes/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain

I am trying to update a computer from Fedora Core 4 to Fedora Core 6. My plan is to do this using PXE and a kickstart file. I am implementing the use of an FTP and DHCP server. The computers I am updating are diskless workstations, meaning they have no hard drives and they boot off of the network. I have configured my dhcp.conf file, my ks.cfg (kickstart file), my tftp server and so on, but

My smb.conf file now looks like so [global] #--authconfig--start-line-- # Generated by authconfig on 2017/10/30 10:47:34 # DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--) # Any modification may be deleted or altered by authconfig in future workgroup = MIND password server = MIND.UNM.EDU realm = MIND.UNM.EDU security = ads idmap config * : range = 2000-7999

Hey everyone, Is anybody aware of a /true/ active/active multi-head and multi-target clustered iSCSI daemon? IE: Server 1: Hostname: host1.test.com IP Address: 10.0.0.1 Server 2: Hostname: host2.test.com IP Address: 10.0.0.2 Then they would utilize a CLVM disk between them, let's call that VG "disk" and then directly map each LUN (1,2,3,4,etc) to LV's named 1,2,3,4,... and

fedora's authconfig must edit a bunch of files On Mon, Oct 30, 2017 at 10:53 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > I found what I needed to do > DOMAIN=MIND.UNM.EDU > SHORT=MIND > authconfig --enablekrb5 --krb5kdc=${DOMAIN} > --krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind > --enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN}

Hi, I want to make secure my python http server.. what should i use ? chroot ? there are something more secure ? On my centos server I've SE enabled..then .. sandboxing ? Thanks very much lewis -- Linux and Windows 2003/2008 Server. http://predellino.blogspot.com/

Hello, Currently The CentOS project publishes errata on its CentOS Announce mailing list. In order to import this into a package management system (like Katello on The Foreman), one needs to parse the mailing list and convert it into XML before importing it. This is done to some extent on http://cefs.steve-meier.de/ but some more legwork needs to be done before The Foreman can understand the

OK, so I did an upgrade to PHP 5.3 on one of my servers. I noticed the uninstall of php also removed SquirrelMail and it won't install under PHP 5.3. Has anybody worked this out with a good RPM or repo solution? -- John Hinton 877-777-1407 ext 502 http://www.ew3d.com Comprehensive Online Solutions

Hi all, Isn’t it always the way that you find what you need after posting a question: net idmap set secret ‘*’ password Cheers, Mark From: Mark Cooke Sent: 04 February 2016 11:43 To: 'samba at lists.samba.org' Subject: What is the equivalent of net idmap secret in samba 4.2 ? Hi Everyone, The documented command in net(8) for setting the LDAP password appears to have gone away in

Hi Everyone, The documented command in net(8) for setting the LDAP password appears to have gone away in the refactoring between samba 4.1 and 4.2: # net idmap secret * password Invalid command: net idmap secret Does someone have a pointer to a method to set the ldap auth credentials with samba 4.2? Setup: Domain member server 1 - originally setup using SL7.0, samba 4.1, hosting the ldap

Hi, I'm facing a problem with setting up LDAP+TLS client authentication in a kickstart script on CentOS7 for several days. Setting up manualy the config with system-config-authentication works but I need to automate this in kickstart for deploying cluster nodes. This show that the server side is running fine. At this time the message is #systemctl status sssd |....

Hello! I have recently gone through the hassle of trying to get a CentOS 5 server (no gui) with Samba to use ADS for security. After several days of googling and trying different howtos I finally got it working, I now want to write a howto for CentOS 5, Samba 3.0 and Windows Server 2003 SP2. Basically it's a combination of http://www.howtoforge.com/samba_ads_security_mode and

nope that just brute forced homedir and shell. It'll work for what I want this machine for but I'd like to get the homedir and shell from AD On Mon, Oct 30, 2017 at 10:54 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > My smb.conf file now looks like so > [global] > #--authconfig--start-line-- > > # Generated by authconfig on 2017/10/30 10:47:34 > # DO NOT

Hi Team, I have the kick start file where my root password is store like # Root password rootpw --iscrypted $1$1SItJOAg$UM9n7lRFK1/OCs./rgQtQ/ # System authorization information auth --useshadow --passalgo=sha512 Is there any way to decry pt the password and get it as plain text. I know single user mode works but my case it in remote site. Thanks, Jegadeesh

I am not sure how to correctly troubleshoot this. I just noticed that my /var/log/xferlog file is huge. There are no files in /etc/logrotate.d/ for xferlog. This is what leads me to believe that it isnot rotating. Or perhaps I do not have it set to rotate. I am not sure. I am running CentOS release 5 (Final). Can someone tell me what I, apparently, do not have configured correctly. Thank