Displaying 20 results from an estimated 7000 matches similar to: "winbind offline logon"
2023 Dec 28
1
winbind offline logon
On Thu, 28 Dec 2023 19:08:45 +0000
bd730c5053df9efb via samba <samba at lists.samba.org> wrote:
> > >
> > > # here are the per-package modules (the "Primary" block)
> > > auth [success=2 default=ignore] pam_unix.so nullok
> > > auth [success=1 default=ignore] pam_winbind.so cached_login
> > > krb5_auth krb5_ccache_type=FILE
2023 Dec 28
1
winbind offline logon
Sent with Proton Mail secure email.
On Thursday, December 28th, 2023 at 15:59, Rowland Penny via samba <samba at lists.samba.org> wrote:
> On Thu, 28 Dec 2023 18:18:22 +0000
> bd730c5053df9efb via samba samba at lists.samba.org wrote:
>
> > Hi all!
> >
> > As a die hard slackware user and as a part of my learning pam process
> > I installed debian
2023 Dec 28
1
winbind offline logon
On Thu, 28 Dec 2023 18:18:22 +0000
bd730c5053df9efb via samba <samba at lists.samba.org> wrote:
> Hi all!
>
> As a die hard slackware user and as a part of my learning pam process
> I installed debian bookworm (12.4.0) in a vm and setup a domain
> member server per the instructions in the wiki trying to figure out
> how debian does it so I can correct some issues I have
2010 Apr 16
1
offline logon in 3.4.7-58
Having issues adapting our 3.4 configuration that worked very well using idmap rid in 3.3.
It seems like winbind does not cache the credentials despite all of the settings being present. I can set winbind offline via smbcontrol and have it work, but if I reboot the machine (important for my laptops) off the network winbind complains that it can't find the logon server.
When disconnected and
2023 Dec 28
2
winbind offline logon
Hi all!
As a die hard slackware user and as a part of my learning pam process I installed debian bookworm (12.4.0) in a vm and setup a domain member server per the instructions in the wiki trying to figure out how debian does it so I can correct some issues I have with how it's done in slackware.
Everything seems to be working fine except for the winbind offline logons, what I tried was to
2009 Oct 01
1
Linux offline logon
We have our linux servers setup to authenticate against Windows AD using
idmap config DOMAIN: backend = RID
When a domain user logins to the system, all works fine, if its their
first time loggin in then their home directory is created, and by using
RID backend, all UIDs are consistent across all Linux servers.
If we stop winbind, processes running under the username no longer show
username, but
2011 Nov 29
3
offline logon with AD
Hi
yesterday I configured my laptop to login via AD usernames/passwords.
This was working finally with using the sadms. Now I want to enable
login when the user is not connected to the network. I found that you
need to enable "winbind offline logon = yes" in the smb.conf. But
actually this is not working.
I'm using ubuntu 11.10 and whenever I logon via the desktop i get
2007 Apr 16
1
Winbind offline logon
Hi,
I have a question about Winbinds offline logon capabilities.
We are working on integration of laptops with winbind in to our Linux Workstation Managment System, but have some difficulties to verify the desired functionality. For that we are running the latest samba (currently 3.0.25rc1) . Authentication is setup against Windows AD 2003 with R2 extensions (rfc2703bis) .
Smb.conf:
2019 Feb 14
6
winbind offline logon
Hi all, I have a problem in libpam-winbind: offline logon doesn't seems
to work. The first version of samba in which I have found the problem is
4.1 and the last is 4.7 but I fear that newer version are affected too.
Hopefully there is a workaround: you have to remove
krb5_ccache_type=FILE from /etc/pam.d/common-auth
I have opened a bug report[¹] where you can find more details.
Any one
2019 Jan 28
2
Winbind, cached logons and 'user persistency'...
On Mon, 28 Jan 2019 12:52:45 +0100
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! Rowland Penny via samba
> In chel di` si favelave...
>
> > > Strictly speaking, why winbind cache ''PAM'' data and not ''NSS''
> > > one (seems to me)?
> > The problem is (for myself anyway), I do not understand the
>
2019 Oct 18
2
Offline logon and NSS...
Mandi! Rowland penny via samba
In chel di` si favelave...
> No, if you have 'winbind offline logon = yes' set that is it as far as Samba
> is concerned, you also have to set up PAM to use cached logins.
> Winbind caches the users passwd etc, but renews it if the cache time has
> been exceeded unless an AD DC cannot be contacted i.e. they are all offline.
Speaking simply
2020 Jul 28
2
kerberos ticket on login problem
I'm experimenting with smb + winbind.
My host is joined to AD and I can login to my host fine using my AD
credentials via SSH.?? The only issue is that I don't get a Kerberos
ticket generated.
In /etc/security/pam_winbind.conf I have:
krb5_auth = yes
krb5_ccache_type = KEYRING
In /etc/krb5.conf, I also have:
default_ccache_name = KEYRING:persistent:%{uid}
Using wbinfo -K jas, then
2019 Apr 15
2
winbind offline login - NT_STATUS_NO_SUCH_USER (0xc0000064)
Hello All,
I am at the switch from sssd to winbind based samba domain members (Debian
9 stretch).
I am using Samba 4.10.2 packages from Louis ( http://apt.van-belle.nl/ )
and rid backend for idmap.
*My problem:*
I am able to logon to my domain members using winbind_pam as long as my
client is connected to a network where a domain controller is reachable.
As soon as I shutdown and connect a
2023 May 26
1
PAM Offline Authentication in Ubuntu 22.04...
Mandi! Rowland Penny via samba
In chel di` si favelave...
Sorry for the late answer.
> I have Ubuntu 22.04 with Samba 4.15.13 running in a VM and it just works
> for myself.
Exactly the same, but on a real hardware.
> Had the user 'gaio' logged in previously, it will not work if the user
> hasn't logged in at least once before the network has disconnected.
Sure!
2015 Oct 12
2
getting error Ignoring parameter browse directory and winbind sequence directory
Hi Rowland,
Yes, Joined to the domain, ftp uses pam authentication. After upgrading
samba
On Fri, Oct 9, 2015 at 8:08 PM, Rowland Penny <rowlandpenny241155 at gmail.com>
wrote:
> On 09/10/15 15:28, VigneshDhanraj G wrote:
>
>> Hi Rowland,
>>
>> I updated samba from 40.25 to 4.1.20, now ftp is not working.
>>
>>
> Very cryptic, why isn't ftp
2016 Dec 08
4
How to join join Ubuntu desktop to AD
On Thu, 8 Dec 2016 13:03:49 -0500
lingpanda101 via samba <samba at lists.samba.org> wrote:
> On 12/8/2016 12:52 PM, Rowland Penny via samba wrote:
> > On Thu, 8 Dec 2016 12:27:20 -0500
> > lingpanda101 via samba <samba at lists.samba.org> wrote:
> >
> >> I think I have a issue with ldconfig not finding winbind. I create
> >> the sym links and
2016 Sep 30
2
Samba Member NT_STATUS_NETWORK_SESSION_EXPIRED
On Fri, 30 Sep 2016 13:32:18 +0200
Oliver Werner <oliver.werner at kontrast.de> wrote:
> the interface part is ok. eth0 has another IP as eth0:35
>
> DCs show me the profiles
>
> unix authentication
> register user session in the systemd….
> inheritable capabilities management
> OLIVER WERNER
> Systemadministrator
>
I use Devuan and I get:
Kerberos
2020 Apr 01
1
Missing domain user tickets with winbind
On 01/04/2020 12:20, L.P.H. van Belle via samba wrote:
> For that to work, you need to add the CIFS/hostname.fqdn at REALM to the host your logging in.
> The COMPUTER$ should hold it.
> Allow the computer to delegate the cifs service. ( or all )
Thing is, the OP is trying to use a users ticket to mount, but seems to
be doing it as root, which isn't going to work, mainly because
2015 Jan 09
2
getting NT_STATUS_LOGON_FAILURE
On 09/01/15 17:26, Bob of Donelson Trophy wrote:
>
>
> On 2015-01-09 10:23, Rowland Penny wrote:
>
>> On 09/01/15 15:47, Bob of Donelson Trophy wrote:
>>
>> On 2015-01-09 09:27, Rowland Penny wrote:
>>
>> On 09/01/15 15:00, Bob of Donelson Trophy wrote:
>> On 2015-01-09 08:44, Rowland Penny wrote: W7 client "Preferred DNS server" is set
2019 Aug 19
3
How does "winbind refresh tickets" work?
Hi list,I want to make winbind kerberos ticket refresh work but I couldn't do it with configuration below:
------ smb.conf ------security = ADS
workgroup = MYDOMAINrealm = MYDOMAIN.ORG
log file = /var/log/samba/%m.loglog level = 6enable core files = no
idmap config * : backend = tdbidmap config * : range = 3000-7999idmap config MYDOMAIN : backend = rid
idmap config MYDOMAIN : range =