similar to: kerberos/Samba integration questions

Hello. We're running Samba 4.3.9 AD on two Ubuntu 16.04 LTS machines. I'm managing AD users and DNS from Windows 10 joined to the domain, by using ADUC. Last week I noticed the following error when starting ADUC as Administrator of the AD domain: ---- Naming information cannot be located because: The RPC server is unavailable. Contact your system administrator to verify that your domain

I am trying to get puppet to manage my LDAP users but I don''t appear to be having much success. What I have in puppet.conf is this [puppetmasterd] ldapserver=ldap.myorg.company.com ldapbase=dc=myorg,dc=org ldapuser=cn=admin,dc=myorg,dc=org ldappassword=mysecret ldapparentattr=dc=myorg,dc=org I added the ldapparentattr in desperation and doubt if

Hello, ALL. I am trying to organize a transparent single sign-on concept for my Active Directory users into Dovecot via IMAP. On the user's desktop I use Thunderbird 6.0 as a mail client (MUA), Windows XP as an operating system. Domain is controlled by Windows 2008 Server SP2 with Active Directory. I have installed on my Mail server Debian GNU/Linux 6.0.2 (Squeeze) and Dovecot 2.0.13 from

Hi. First, i would like to thank samba developers for producing such a good product. Second, i have a few questions/remarks : I have recently replaced a w2k file server running in w2k domain (native mode) with samba 2.2.7a on RH 7.3 with the latest kernel, no acl, configured winbind, and ran into the problem described here :

Hello, I am using OpenSSH on a FreeBSD box (OpenSSH_3.5p1 FreeBSD-20030201, SSH protocols 1.5/2.0, OpenSSL 0x0090701f) and I noticed that the manual page for ssh_config probably needs to be fixed. The manual page says that the default value for the parameter HostKeyAlgorithms is "ssh-rsa,ssh-dss" but that seems to be wrong, because ssh only uses RSA-Keys in my .ssh/known_hosts if I

Hi All, We have a PHP site running on apache 1.3 and Im trying to graft typo onto it at /blog/. Ive got the running using the symlink method but apache/fastcgi are clunky to say the least so I want to move typo over to lighttpd. Ive got this all working and Im now trying to get a proxy working through from apache. Im using this: RewriteRule ^/blog/?(.*)$ http://blog.myorg.net:8080/$1 [P]

Hi, I'am experimenting an error on a Samba 3.0.20 pdc with ldap backend : When I have a try with the MS Win2k ACL editor to change a file permissions located on a Samba share, I can add or suppress domain users related acls, but with group related acls, an error occurs : MS Editor correctly shows the group SID, but cannot map the SID with the associated group name. smbd.log gives :

Please!!! does anyone know what's going on? I?really need to solve this problem and don't know how and didn't find bug report that matched with my description. ? ----- Original Message?----- From?: Gonzalo Britti [mailto:gonzalo.britti@idea-factory.net] Sent?: S?bado, 11 de Septiembre de 2004 04:24 p.m. To?: 'samba@lists.samba.org' Subject?: Samba(PDC) - LDAP problem only with

Hi, I was trying to get a new keytab in samba4 for my apache service. So I tried the following command: sh ktpass.sh --out /etc/apache.keytab --princ HTTP/myhost.samba.my.domain at SAMBA.MY.DOMAIN --pass VerySecure123 --enc des-cbc-md5 I get the following error: Unable to find kvno for principal HTTP/myhost.samba.my.domain at SAMBA.MY.DOMAIN Am I doing something wron or shouldn't I be

Hi guys, I'm running a Sernet-samba-ad-4.1.17-11.el6.x86_64 PDC with another 4 Samba4 DC's all joined to the same AD domain myorg.local My client wants me to disable all USB ports for all the users joined to the domain. Is it possible to do this via a group policy so that users logging onto any of the DC's will not be able to use their USB ports? I currently admin my AD with a

I was trying to get authentication via kerberos working but I'm having trouble trying to run ktpass as in step 6 here http://robertan.com/home/2015/01/14/kerberos-auth-with-apachephp/ ktpass -princ HTTP/contoso.com at CONTOSO.COM -mapuser CONTOSO\<USERNAME> -crypto all -ptype KRB5_NT_PRINCIPAL -pass <PASSWORD> -out webpage.HTTP.keytab I'm not sure of the

Hello, all: My Samba server is a member of a Windows 2000 AD domain. Authentication to the Samba server is, of course, by encrypted NTLM hashes. Authentication to the host itself, which runs Red Hat Linux 7.1, is by NIS (the AD domain controller is running Server for NIS). I want to remove NIS (or at least the passwords from NIS). To accomplish this, I wish to use pam_krb5 to authenticate users

Hi, I have been struggling with this for a few days and think that now's the time I can ask for help :) It's not an area I have delved into before, so I have been trying to follow the documentation, do my own research, and do as much configuration/testing as I can myself; but I am now confused. (I am running 4.2.0 throughout). I have successfully set up and configured a member server

El 23/5/2015 3:27 p. m., "Nico Kadel-Garcia" <nkadel at gmail.com> escribi?: > > On Wed, May 20, 2015 at 6:10 AM, Neil <nwilson123 at gmail.com> wrote: > > Hi guys, > > > > I'm running a Sernet-samba-ad-4.1.17-11.el6.x86_64 PDC with another 4 > > Samba4 DC's all joined to the same AD domain myorg.local > > > > My client wants

Hi Louis, Thank you very much for your speedy response. I'll definitely go ahead and investigate further. Much appreciated. Regards. Neil Wilson. On Wed, May 20, 2015 at 1:24 PM, L.P.H. van Belle <belle at bazuin.nl> wrote: > yes, this is possible, by GPO. > > In GPO, go to: > (user or computer )Configuration > - Policy > ? Administrative

Thank you Rowland, that clearly explains why it isn't working for me. Appreciated. I was trying to achieve my goal of having two domain controllers for redundancy, without having additional physical machines - it looks like I'm now in the same boat as the other current thread ("Domain controller in a chroot"), which is unfortunate! :( My scenario is that I have one ESXi

Hi, We're trying to set up a Red Hat 9 box as a BDC for a domain, the PDC for that domain is another RH9 machine. To do it we're using samba 2.2.7a and openLDAP 2.0.7 in both machines. We've followed the instructions from the Samba-PDC-Howto and Samba-BDC-Howto from the samba.org. The PDC works fine but when I try to list the shares of the BDC using my user I get a NT_LOGON_FAILURE

Hi, I want to use Dovecot LDA (or rather LMTP) use as local deliver with Postfix MTA. Users are in LDAP DB with structure as: dn: cn=username, ou=rank, o=myorg cn: username objectClass: Person gidNumber: uNNN uidNumber: gNNN userPassword: (somehow hashed, can only bind verification) homeDirectory: /Home/$rank/$username mailActive: 0/1 mail: usera at OneDomain mail: userb at

Now on to my next question.. I've got the search and indexing working well for now.. My next quest is to implement a system of creating custom fields in the index. Our site is fully dynamic. That is, every page is generated in PHP and there are enough different kinds of pages that I wouldn't want to get into the business of indexing the DB directly, so I think that using htdig to crawl

Hi, I've successfully installed Fedora Core 4 as a server with default settings and running KDE. - fedorabox I've entered it into the DNS. I can ping it by its hostname and by its IP. And I can ping from it to my machine by hostname and IP. I'm trying to set up a share on fedorabox so I can copy files from my pc mypcxp (Windows XP) to fedorabox. We are on a AD domain (pdc in