similar to: question regarding Perl + PAM + Winbindd

Talking to myself again ;-) Samba-tool is working a little bit different then the silo/policy management on a Windows-DC. On a Windows-DC after assigning the user and host to the silo you have to assign the silo to the user and the host. When assigning the user and host to the silo with samba-tool, the assignment to the user and the host will be done at the same time. So now my policy looks

Thanks Rob for chiming in. Stefan, I do want to be very clear, one of the big challanges that we as developers face building these kind of tools is that we don't run AD domains day-to-day. So we really value good feedback on the ergonomics. If you can test with our work in progress, we are keen to adapt the tooling where possible to be more in line with what is 'naturally expected, so

Hi Stefan, We had a long weekend in New Zealand, I'm catching up now to your emails. Some of the slight differences between Windows tools I've already picked up on and are in my PR Andrew Bartlett mentioned on Friday, but I'm always open to learning what things are missing or different etc. On 23/10/23 02:58, Stefan Kania via samba wrote: > Talking to myself again ;-) > >

I'd like to: 1) use samba3 as a PDC, and 2) not use LDAP as the account backend database, and 3) specify samba to use but use "encrypt passwords = true", and 4) use an ldap server as the authentication source for samba. Is that possible? I'd assumed it would be given that samba is pam-aware, and I can tell pam to use ldap for authN. However, the man page for smb.conf seems to

Hello all, I am trying to understand how SAMBA finds nearest Domain Controller when configured to use Active Directory for AuthN. There are some great articles and wikis about how to configure SAMBA against AD, but couldn't find much on what I was looking for. For example 1. Does Samba have built in dc locator functionality like windows clients ? 2. What is the default authN it uses, NTLM

Hi all, We have Exim using Dovecot for authentication. Dovecot, in turn, consults a custom internal server that answers Dovecot?s userdb queries. When IMAP connections arrive, for some users we want to forward those connections--without authentication--to an external IMAP server. For these users, we return ?proxy_maybe? and ?nopassword? in the authn response from our userdb server. This tells

CentOS Errata and Bugfix Advisory 2014:0641 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0641.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 569fc16f6dfa7b701f3b62c505f63516e71eea94cdf8ad7722420992f8fee107 perl-Authen-SASL-2.13-3.el6.noarch.rpm x86_64:

CentOS Errata and Bugfix Advisory 2014:1679 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1679.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 1c0de42b7e9c425bbe61b7ebf40c18881c3d08a61d2bb02dcb9cab89c2aebc49 perl-Authen-SASL-2.15-10.el7.noarch.rpm Source:

[ using FreeBSD 8.2, but I don't think the problem is specific to their port ] For fail2ban purposes I'd like to log failed SSH authentication attempts of correct (i.e., existing) usernames. I have no issue with the logging of authn attempts to non-existing usernames. I've tried to set LogLevel=VERBOSE and MaxAuthAttempts=1 in sshd_config, but even then I didn't see

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

I've setup samba to use ldap. I've propogated the directory. I've setup the kerberos realm. I can authen to samba & browse shares via uid/passw held in ldap. I cannot seem to get samba to accept kerb authen instead of uid/passw. Help...... Thanks. Read the #$@^(!*&$!* manual, and about 200 webpages. Scanning news groups, recompiling..... Grrrrr!

On 24/09/2020 03:23, Chris Olive via samba wrote: > Been using Samba since the early days and it's always worked terrifically. > Install it from RPM or apt or yum, make a few tweaks to the smb.conf and > I'm off and running without fail. > > So to run into a situation where I'm getting denied has really stumped me. > I dialed up logging to try and get a peek into

Good day to all! We would like to authenticate our ejabberd against Dovecot with perl there's such a script http://www.ejabberd.im/files/contributions/check_dovecot.pl.txt that script uses following perl library - http://cpansearch.perl.org/src/SASHA/Authen-SASL-Authd-0.04/lib/Authen/SASL/Authd.pm Authentication is OK, but sub user_dovecot wich queues information about a specific user

I still can't get winbindd working properly even though I am making some progress here. I retrieved the latest CVS version last night and now I can finally use non-anonymous connections - that works very well. I *did* update both of the pam modules in /lib and /lib/security winbindd runs under the account of a regular domain user "wbinfo -u" shows me all users and "getent

Hi, Quick question...I read in the docs that: "Master user is still subject to ACLs just like any other user, which means that by default the master user has no access to any mailboxes of the user." ... and that the standard workaround is to return master_user=%u from the userdb. But why is the master_user authn-id used in the ACLs and not the authz-id (requested-login-user) ?

hello, i am getting this error when i am trying to update my system. yum update Gathering header information file(s) from server(s) Server: CentOS-3 - Addons Server: CentOS-3 - Base Server: Dag RPM Repository for Red Hat Enterprise Linux Server: CentOS-3 - Extras Server: CentOS-3 - Updates Finding updated packages Downloading needed headers Resolving dependencies ....Unable to satisfy

No real "standalone" or domains explicitly specified in the smb.conf file. This is a host with containers on it, but at this level, this is the smb.conf file for the host itself. Ironically when I install SMB in a container and spin it up it works fine. At the machine level it does not. All these issues took place before I tried it in a container, so the log I originally sent was when

hello perl experts i am working with "ast-rad-acc.pl" from http://www.voip-info.org/tiki-index.php?page=PortaOne+Radius+auth i dont know why $cdr{'DNID'} and $cdr{'CALLERID'} under 'sub send_acc {' are empty. i m successfully connected with asterisk manager and when call i hangup my perl application is getting that all other thing are ok but i dont know why only

Hi, I understand from earlier discussions that the reason dovecot doesn't support proxying of other SASL mechanisms than those which supply the plaintext password is that in general it would be possible to proxy any SASL mechanism since it might protect against man-in-the-middle attacks (which would prevent proxying). However, that has led to choice between letting users use PLAIN (or