similar to: FreeBSD ssh AD authentication

I having been trouble by this for a few days now and was wondering if anyone else has had any luck with this? I am currently running Samba 2.2.6pre2 on FreeBSD 4.7-RELEASE I have successfully set up samba to be the PDC I am unsuccessfully trying to change the passwords on the W2k box and I am recieving the error that the user name/password are incorrect make sure the caps lock is not on. When I

Hi, I've configured opie (one time passwords) under FreeBSD and I came across the following problem. It looks like libpam does not stop the authentication process when a 'requisite' module fails. I find this strange as the pam 'requisite' is defined in the man pages as: requisite - failure of such a PAM results in the immediate termination of the authentication process; Here

I'm running samba 2.5 on a FreeBSD box using winbind to do authentication with my PDC/BDC. I'm able to configure shares that everyone on the NT network can access but when I configure private shares (only 1 or 2 users have access to) the users get prompted for a username and password and are not allowed access. What am I doing wrong? Below I have included a copy of my smb.conf and pam.conf

I'm setting up a freebsd server which will authenticate against an Active Directory I mean: the server will NOT have any local users (except mandatory and minimum required for management and configuration) and will authenticate requests for login and access FOR EVERY SERVICE against an Active Directory Server I have configured the samba service and currently I can login to local terminal,

I've built a domain member. It works pretty good with the exception that I want on-the-fly home directories being built. I'm not sure this is doable with a domain member as everything I've tried isn't even called - as far as I can tell. Using log level 3. If anyone can shed light on how to dynamically create home directories, that'd be great. anyway, here's my

Login seems to be ignoring my /etc/login.access settings. I have the following entries (see below) in my login.access, yet any new user (not in the wheel group) is still allowed to login. What am I missing? # $FreeBSD: src/etc/login.access,v 1.3 1999/08/27 23:23:42 peter Exp $ # -:ALL EXCEPT wheel:console -:ALL EXCEPT wheel:ALL Thanks, -- Scott Gerhardt, P.Geo. Gerhardt Information

Hi, I'm trying to setup one-time passwords on freebsd5.2.1 >From what I've read so far, if the user is present in opiekeys, the opieaccess file determines if the user (coming from a specific host or network) is allowed to use his unix password from this specific network. As my opieaccess file is empty and the default rule (as mentionned in the man file) is deny, I should not be

I am having problems upgrading samba 3.0.36 to 3.3.7. I have a working installation of Samba 3.0.36 on FreeBSD 7.2 amd64, configured as a domain member in a 2003 AD, running in native mode. Domain controllers have Services for Unix 3.5 installed and I am using idmap backend with SFU schema mode. I have enclosed my configuration files and compile options further down. When I upgrade to version

Hello, I'm trying to set up a sendmail server on 4.8 that supports auth-based relaying. I followed the procedures at http://puresimplicity.net/~hemi/freebsd/sendmail.html, and aside from having to run makes manually in the library directories, I had no difficulty. I did not use the rebuild world recommendation, though. Everything is up and running, but whenever I try to send mail

Hi list, Sorry for the cros-post, I'm not sure which list is better for me as I got a question related to samba, configuration, FreeBSD. I'm trying to configure NT authentication on FreeBSD 5.4 with Samba 3.0.12 (installed form the ports collection). I've folowed the Samba 3 howto I've managed the following : wbinfo -g returns correctly the domain groups wbinfo -u returns all

Hi list, Sorry for the cros-post, I'm not sure which list is better for me as I got a question related to samba, configuration, FreeBSD. I'm trying to configure NT authentication on FreeBSD 5.4 with Samba 3.0.12 (installed form the ports collection). I've folowed the Samba 3 howto I've managed the following : wbinfo -g returns correctly the domain groups wbinfo -u returns all

Hmm, I thought using .opiealways would be the solution see: http://www.onlamp.com/pub/a/bsd/2003/02/20/FreeBSD_Basics.html Or http://people.freebsd.org/~des/diary/2002.html But I can still login with the standard password even if the opieaccess file is empty. -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Didier

Hello All: I am trying to authenticate against an Active Directory using winbind in my /etc/pam.d/sshd configuration (below). If the user is in the local password file, I can authenticate successfully using that user's Active Directory credentials. However, if the user is not in the local password file, I get the following errors. Nov 3 10:07:48 mailnat pam_winbind[29805]: request failed:

I've reproduced this bug in versions openssh-3.7p1 and openssh-3.8p1 I've verfived that it works PERFECTLY in versions openssh-3.6p1 and openssh-2.9p2 I have not tested any other versions. The problem is sshd will not authenticate passwords off a NT4 domain using winbind and pam. Broken Debug output is: debug1: PAM: initializing for "user" debug1: PAM: setting PAM_RHOST to

I've been trying for a couple of weeks to get FreeBSD + winbindd + PAM working, without success. I'm hoping that someone here has bumped into my problem before and has some advice to give. My current setup is winbindd from Samba 2.8.8a on both FreeBSD 4.8-RELEASE and 5.1-BETA. I've configured Samba with the following options: syslog, nocups, utmp, msdfs, quota, recycle, audit,

Okay, I guess I?ll be the first to take Colin Percival up in that the following statement applies to me: ?If you find a security problem -- or even if you find something which might possibly be a security problem but you're not certain if it is or not -- then please let us know.? I recently installed pam_radius according to the instructions located at the following address:

Greeting- I have a mixed network of ms-windows, macintosh and freebsd systems. I am setting up a FreeBSD 9.0 system as a PDC using samba. I can from a FreeBSD box attach to the SMB server as a user that is defined on the Samba Server. [wynkoop at dt0 ~]$ smbclient -L hp1 Enter wynkoop's password: Domain=[HARAPARTNERS] OS=[Unix] Server=[Samba 3.6.4] Sharename Type

Hi All I installed samba 3.0.23d on the FreeBSD 5.4 through the port tree and join to the Windows 2000 Domain. But I can't su anymore. And the Windows client cannot go into the share folder. I have pam_winbind.so at /usr/lib and /usr/local/lib. The error message shows: Jan 30 18:50:36 BSDSVR01 pam_winbind[26131]: request failed: No such user, PAM error was unknown user (13), NT error was

As an experiment I set up Challenge/response authentication on a Linux system with PAM using a pam_opie module (this module works fine with console logins and su). I can log into the box using the opie password, *but* it does not give me the challenge - which can make things a little tricky :-) I can well believe this might be a fault in the PAM pam_opie module I am using, so has anyone got

Hello, I am trying to keep my samba accounts in sync with my unix accounts. I want to login ssh. Syncing passwords works. Scenario: I create a new user: useradd -m testuser passwd testuser When I log in with the user pam_smbpass should create a corresponding samba user. I modified system-auth which is included in sshd: #### /etc/pam.d/system-auth auth requisite pam_unix.so