similar to: Winbind authenticating its default domain but not trusted domains

Displaying 20 results from an estimated 7000 matches similar to: "Winbind authenticating its default domain but not trusted domains"

2011 Aug 31
1
Auto creation of home directories on Samba-3.5.4(CentOS 6) using PAM authenticating via ADS
Hi, I have installed samba 3.5.4 on Centos 6 and have set it up to authenticate to a Windows 2008 Domain Controller. When I do a "su - some-domain-user", the home directory gets created. However, I want the home directory to be created when a user accesses the samba shares(no shell access). Following are the relevant configurations. What are the PAM changes I need to make? Help is much
2003 Jun 27
0
authentication to ADS via Kerberos at login?
Hello Andrew, I'm a little stuck with my login authentication for my Samba 3 box. With the new features in Samba 3 - Should I be able to provide username@domain & password at login that would authenticate me against our W2K ADS PDC and obtain my kerberos ticket? Please advise on the suggested way to authenticate against our Active Directory domain at login if I'm way off base on
2006 Sep 12
0
Samba, winbind, krb5 Auth problem
Hi all I'm actually trying to setup an AD authentication on linux workstations. - I've setup an windows AD 2003 server, which work fine. - I've setup linux redhat 4 enterprise server (used as a workstation for the moment) - On the redhat, I already have setup smb.conf, krb5.conf, nsswitch.conf, pam.d/login, pam.d/system_auth. I have pasted all these files below. ==> I get
2012 Jan 17
0
Samba 3.5.10 pam authentication question
So I have Samba 3.5 set up to use pam to authenticate against kerberos. This seems to be working fine when I connect to the from a linux system using smbclient. However, when I try to connect from a windows system, it fails. I cranked up the debug level, but I'm unable to figure why this does not work. I feel I'm missing a component to this. I use samba on a handful of our servers,
2006 Sep 06
0
AD logins using winbind looking for user in /etc/shadow
I'm running CentOS 4.3 with the most recent samba-client and samba-common rpms. I've managed to configure samba/winbind to allow me to join the box to the AD, create the UID and GID mappings, etc. However, when I try to connect via ssh, the account cannot log in. /var/log/messages says the following: Sep 5 17:15:25 kdcdmz sshd[6263]: error: Could not get shadow information for
2010 Apr 16
1
offline logon in 3.4.7-58
Having issues adapting our 3.4 configuration that worked very well using idmap rid in 3.3. It seems like winbind does not cache the credentials despite all of the settings being present. I can set winbind offline via smbcontrol and have it work, but if I reboot the machine (important for my laptops) off the network winbind complains that it can't find the logon server. When disconnected and
2010 Feb 16
2
pam_mount
Hi all, I am a bit confused about the usage of pam_mount. Here is my /etc/pam.d/system-auth: auth required pam_env.so auth required pam_mount.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account
2015 Jun 03
0
ID command does not show up correct group memberships on Winbind
Hi, I have these following configurations: Active Directory 1 = DomainA.com AD1 Primary Group = Domain Users AD1 Group 1 = Linux (member: DomainB\ad2testuser1) Server joined = linux1.DomainA.com (configured Kerberos and Winbind Samba4 from sernet) Active Directory 2 = DomainB.com AD2 Primary Group = Domain Users (member: DomainB\ad2testuser1) AD2 User 1 = ad2testuser1 note: (1)
2013 Apr 05
0
Struggling with Samba + AD member config (winbind auth failing) :(
Hello Samba List, I am struggling with connecting samba to our AD servers. Thought it will be easy as before but I was wrong. DCs: Windows Server 2012 (2x) with AD Domain Forest/Level 2003 NATIVE. + SBS 2003 (will be removed, migrating from SBS AD to new 2012 servers) -standard AD schema with exchange attributes DID NOT INSTALL UNIX attributes. This is required for SSSD. Thought i would go
2015 Apr 02
0
kinit succeeded but ads_sasl_spnego_krb5_bind failed: Cannot contact any KDC for requested realm
Hi, I've successfully joined a CentOS server to our AD domain: AD: Windows Server 2008 RC2 with Windows Services for UNIX AD member: CentOS 6.6, sernet-samba-4.1.14-9, authentication via Kerberos and Winbind >From time to time the following entries show up in the messages file: Apr 2 11:54:15 barbarella nss_wins[4254]: [2015/04/02 11:54:15.339983, 0]
2014 Jan 19
1
sudo (+ldap+kerberos) not accepting password
So I have this centos 5.10 box which authenticates network users against ldap(authorizing)+kerberos(authentication). And I now would like to have sudo be able to allow admins (netgroup chinbeards) to sudo about. I am not using sssd though (yet). Here is the output of me trying sudo (debug on): [raub at centos5-x64 ~]$ sudo pwd LDAP Config Summary =================== uri
2013 Jan 08
0
{Samba4] Problem with Joining Samba3 to Samba4 AD Domain
Hello everyone I have reached the end of my rope and desperately need help. I recently installed two Samba4 Active Directory Domain Controllers on CentOS 6.3 which are working perfectly, and I had joined a Samba3 Server to this domain and everything went well. I could authenticate users on samba3 server and could see all the groups in the domain, but I was having permissions problem accessing the
2019 Mar 09
0
GSSAPI and usernames, not Kerberos ticket names
Hi all, I've got a Dovecot v2.3.3 IMAP with GSSAPI auth set up. This server is in main domain, 'contoso.com'. I also have several subdomains. My problem is usernames with GSSAPI authentication: When I try to login as 'user' or as 'user at CONTOSO.COM' - everything works. But, 'user at contoso.com' auth fails. But when I try to login as subdomain user,
2012 May 31
1
Tangential Issue: idmap backend = ad and Active Directory 2008R2
Tried single quotes on Domain Admins in the pam.d file as well as a backslash on the space with no effect. I've found several references that just say "no spaces in group names." Is there really no way to do this? Also, most references I find to using these lines in pam.d say that "sufficient" should work, but I'm finding that users in the named group can then log in
2008 Nov 27
3
SMBD not authenticating against Active Directory
Hi, Iam trying to setup Samba version 3.2.3 on Redhat (RHEL5) server to use Active Directory for authentication. I followed the instructions from article in following website: http://technet.microsoft.com/en-au/magazine/dd228986.aspx Setup Winbind + Samba + Kerberos and it seems to work fine. I can see the users in Active Directory through winbind as well as authenticate users using NTLM
2005 Dec 16
1
samba Active directory and SSO
Dear all, I guess there were a lot of posts about this subject, but Im really stuck & prefer start a new thread hoping that some of you won't mind re-posting to help the Samba NewBie that I am. well, here is my situation: - more than 1000 users on a hetegenous network, One Domain & the need to keep only one. - I need my Linux Boxes' users to get authenticated against a single
2006 Jan 18
4
Linux/AD authentication stops working after ~5 minutes
I'm trying to do something fairly simple: login to a Linux box using a Windows AD-based account. I've followed the various recipes available online for configuring Linux (winbind, PAM, etc.) to this send, and I've got it working ... almost. I'm able to authenticate an AD-based user immediately after bringing up the Linux box, but a short time later (roughly 5 minutes, but it
2013 Jun 19
1
"The account is not authorized to login from this station"
Good Day, I am testing, in a lab environment, samba shares with ad authentication for access. My setup is as follows : * Windows 2008 RC2 * RHEL 5.9 * Windows 7 * Windows XP SP3 * Samba 3.0.33-3.39.el5_8 All machines, including the RHEL Server having been added to the Domain running on the Windows 2008 RC2 Server. As per the subject, when trying to connect, from XP or Win 7, to the shares I
2007 May 25
0
Sometimes PC can not find network path
Dear all, I have a linux server that uses redhat AS4.I want to make a samba file server.Because we have a windows 2003 domain,I must use "security = ADS".The samba version is samba-3.0.10-1.4E.9. The samba server joined windows 2003 domain successful.I can find samba server in the "network neighborhood".Client PC access samba server must confirms with PDC.The domain member
2016 Jan 19
0
Samba AD/DC, Single-Sign-On, domain users cannot change password
On Tue, 19 Jan 2016 15:15:15 Rowland penny <rpenny at samba.org> wrote: > I have attached a new version of change_AD_pass, would you like to test it ? Yes, I will give it a shot! > I am also wondering if there is a need for a script that would change a > users password and at the same time set the unixUserPassword ? My domain users do not have a local Unix entry in /etc/passwd,