Displaying 20 results from an estimated 1000 matches similar to: "question regarding Perl + PAM + Winbindd"
2023 Oct 22
1
Question about silos and Authentication policies
Talking to myself again ;-)
Samba-tool is working a little bit different then the silo/policy
management on a Windows-DC.
On a Windows-DC after assigning the user and host to the silo you have
to assign the silo to the user and the host. When assigning the user and
host to the silo with samba-tool, the assignment to the user and the
host will be done at the same time. So now my policy looks
2023 Oct 23
2
Question about silos and Authentication policies
Thanks Rob for chiming in.
Stefan,
I do want to be very clear, one of the big challanges that we as
developers face building these kind of tools is that we don't run AD
domains day-to-day. So we really value good feedback on the
ergonomics.
If you can test with our work in progress, we are keen to adapt the
tooling where possible to be more in line with what is 'naturally
expected, so
2023 Oct 23
2
Question about silos and Authentication policies
Hi Stefan,
We had a long weekend in New Zealand, I'm catching up now to your emails.
Some of the slight differences between Windows tools I've already picked
up on and are in my PR Andrew Bartlett mentioned on Friday, but I'm
always open to learning what things are missing or different etc.
On 23/10/23 02:58, Stefan Kania via samba wrote:
> Talking to myself again ;-)
>
>
2012 May 15
1
would like to use samba3 pdc, no ldap account backend db, but use ldap for authN
I'd like to:
1) use samba3 as a PDC, and
2) not use LDAP as the account backend database, and
3) specify samba to use but use "encrypt passwords = true", and
4) use an ldap server as the authentication source for samba.
Is that possible?
I'd assumed it would be given that samba is pam-aware, and I can tell pam to use ldap for authN.
However, the man page for smb.conf seems to
2012 May 09
2
AD and SAMBA
Hello all,
I am trying to understand how SAMBA finds nearest Domain Controller when
configured to use Active Directory for AuthN.
There are some great articles and wikis about how to configure SAMBA
against AD, but couldn't find much on what I was looking for.
For example
1. Does Samba have built in dc locator functionality like windows
clients ?
2. What is the default authN it uses, NTLM
2020 Sep 28
1
custom userdb server, Exim, and proxying
Hi all,
We have Exim using Dovecot for authentication. Dovecot, in turn, consults a custom internal server that answers Dovecot?s userdb queries.
When IMAP connections arrive, for some users we want to forward those connections--without authentication--to an external IMAP server. For these users, we return ?proxy_maybe? and ?nopassword? in the authn response from our userdb server. This tells
2014 Jun 09
0
CEBA-2014:0641 CentOS 6 perl-Authen-SASL FASTTRACK Update
CentOS Errata and Bugfix Advisory 2014:0641
Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0641.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
569fc16f6dfa7b701f3b62c505f63516e71eea94cdf8ad7722420992f8fee107 perl-Authen-SASL-2.13-3.el6.noarch.rpm
x86_64:
2014 Oct 23
0
CEBA-2014:1679 CentOS 7 perl-Authen-SASL FASTTRACK BugFix Update
CentOS Errata and Bugfix Advisory 2014:1679
Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1679.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
1c0de42b7e9c425bbe61b7ebf40c18881c3d08a61d2bb02dcb9cab89c2aebc49 perl-Authen-SASL-2.15-10.el7.noarch.rpm
Source:
2011 Jun 22
0
Logging failed attempts to correct usernames
[ using FreeBSD 8.2, but I don't think the problem is specific to their port ]
For fail2ban purposes I'd like to log failed SSH authentication attempts
of correct (i.e., existing) usernames.
I have no issue with the logging of authn attempts to non-existing
usernames.
I've tried to set LogLevel=VERBOSE and MaxAuthAttempts=1 in sshd_config,
but even then I didn't see
2014 Jun 10
0
CentOS-announce Digest, Vol 112, Issue 4
Send CentOS-announce mailing list submissions to
centos-announce at centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-request at centos.org
You can reach the person managing the list at
centos-announce-owner at centos.org
When
2014 Oct 24
0
CentOS-announce Digest, Vol 116, Issue 13
Send CentOS-announce mailing list submissions to
centos-announce at centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-request at centos.org
You can reach the person managing the list at
centos-announce-owner at centos.org
When
2003 Oct 09
1
Samba3 ADS without Microsoft?
I've setup samba to use ldap.
I've propogated the directory.
I've setup the kerberos realm.
I can authen to samba & browse shares via uid/passw held in ldap.
I cannot seem to get samba to accept kerb authen instead of uid/passw.
Help......
Thanks.
Read the #$@^(!*&$!* manual, and about 200 webpages. Scanning news groups, recompiling..... Grrrrr!
2020 Sep 24
0
Can't connect after AuthN: NT_STATUS_ACCESS_DENIED
On 24/09/2020 03:23, Chris Olive via samba wrote:
> Been using Samba since the early days and it's always worked terrifically.
> Install it from RPM or apt or yum, make a few tweaks to the smb.conf and
> I'm off and running without fail.
>
> So to run into a situation where I'm getting denied has really stumped me.
> I dialed up logging to try and get a peek into
2013 Nov 20
1
dovecot perl sasl ejabberd
Good day to all!
We would like to authenticate our ejabberd against Dovecot with perl
there's such a script http://www.ejabberd.im/files/contributions/check_dovecot.pl.txt
that script uses following perl library - http://cpansearch.perl.org/src/SASHA/Authen-SASL-Authd-0.04/lib/Authen/SASL/Authd.pm
Authentication is OK, but sub user_dovecot wich queues information about a specific user
2002 Jun 07
0
winbindd + wbinfo -> NT_STATUS_CANT_ACCESS_DOMAIN_INFO
I still can't get winbindd working properly even though I am making some
progress here.
I retrieved the latest CVS version last night and now I can finally use
non-anonymous connections - that works very well. I *did* update both of the
pam modules in /lib and /lib/security
winbindd runs under the account of a regular domain user
"wbinfo -u" shows me all users and "getent
2014 Feb 09
1
master user and ACL's
Hi,
Quick question...I read in the docs that:
"Master user is still subject to ACLs just like any other user, which
means that by default the master user has no access to any mailboxes of
the user."
... and that the standard workaround is to return master_user=%u from
the userdb.
But why is the master_user authn-id used in the ACLs and not the
authz-id (requested-login-user) ?
2006 Jul 16
2
yum fails on resolving dependencies
hello,
i am getting this error when i am trying to update my
system.
yum update
Gathering header information file(s) from server(s)
Server: CentOS-3 - Addons
Server: CentOS-3 - Base
Server: Dag RPM Repository for Red Hat Enterprise
Linux
Server: CentOS-3 - Extras
Server: CentOS-3 - Updates
Finding updated packages
Downloading needed headers
Resolving dependencies
....Unable to satisfy
2020 Sep 24
1
Can't connect after AuthN: NT_STATUS_ACCESS_DENIED
No real "standalone" or domains explicitly specified in the smb.conf file.
This is a host with containers on it, but at this level, this is the
smb.conf file for the host itself. Ironically when I install SMB in a
container and spin it up it works fine. At the machine level it does not.
All these issues took place before I tried it in a container, so the log I
originally sent was when
2005 Jul 18
0
why $cdr{'CALLERID'} and $cdr{'DNID'} are empty in perl agi connected with asterisk manager
hello perl experts
i am working with "ast-rad-acc.pl" from
http://www.voip-info.org/tiki-index.php?page=PortaOne+Radius+auth
i dont know why $cdr{'DNID'} and $cdr{'CALLERID'}
under 'sub send_acc {' are empty. i m successfully
connected with asterisk manager and when call i hangup
my perl application is getting that all other thing
are ok but i dont know why only
2015 Feb 25
2
Proxying of non "plain" SASL mechnisms.
Hi,
I understand from earlier discussions that the reason dovecot doesn't
support proxying of other SASL mechanisms than those which supply the
plaintext password is that in general it would be possible to proxy any
SASL mechanism since it might protect against man-in-the-middle attacks
(which would prevent proxying).
However, that has led to choice between letting users use PLAIN (or