similar to: Member Server creates sambaDomainName LDAP entry

Someone on the pam mailing list suggested I try my question here. In our pam.d/imap we have: account required pam_permit.so auth sufficient pam_winbind.so try_first_pass Authentication for imap works fine with this. If we switch to : account sufficient pam_winbind.so for the first line, then logins using their AD password fail. We also have a non-AD ldap

On 08/10/15 18:59, Guilherme Boing wrote: > Hi Rowland, > > This is a CentOS 6.7 server. > I was able to make some progress. I have edited > /etc/pam.d/system-auth, and now it looks like: > > auth required pam_env.so > auth sufficient pam_unix.so nullok try_first_pass > auth requisite pam_succeed_if.so uid >= 500 quiet > auth

Hi All, I've been trying for quite some time now, but feel that there's just that one situation that doesn't work, and that's probably the one thing I'd like to use. I've got a simple samba server (3.0.23c) on RHEL5 that only has one large share. That share is to be used by a certain number of users, that can exchange large amounts of data using that share, but not

I have the following box setup as a file server # cat /etc/redhat-release CentOS release 6.2 (Final) # uname -r 2.6.32-220.4.1.el6.x86_64 # rpm -qa | grep samba samba-3.5.10-114.el6.x86_64 samba-winbind-clients-3.5.10-114.el6.x86_64 samba-client-3.5.10-114.el6.x86_64 samba-winbind-3.5.10-114.el6.x86_64 samba-common-3.5.10-114.el6.x86_64 I have created a Domain Member Server for a "NT4

Hi I have configured a machine to authenticate against LDAP. When I log onto the box using the newly created user I see a LDAP search request for every user that exist in the directory. If I have only 20 users even a 100 that is not a problem but when I start going to 10000 users I start getting some weird errors and timeouts because of the time it takes to download the data to the client. I

On 11.10.2016 17:22, Harry Jede via samba wrote: > Am Dienstag, 11. Oktober 2016 schrieben Sie: >> On 11.10.2016 13:52, Harry Jede via samba wrote: >>> On 10:43:49 wrote Gavrilov Aleksey via samba: >>> Until now, you have destroyed your domain. >>> Is the ldap directory on localhost in production or is this pc in a >>> test lab? >> a copy of the

On 08/10/15 19:16, Guilherme Boing wrote: > I have removed use_auhtok from /etc/pam.d/system-auth and now passwd > is "kind of" working... > I am still able to login with my old password and the new one also. > But only on the linux servers that are authenticating through LDAP. > > On my workstation only the old password (the one I was trying to > change through

Hi When I enable a box to do authentication using LDAP it breaks cron for users like jboss. I get the following in /var/log/secure Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron' I have the following in /etc/ldap.conf nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss

Hi Guys, I have posted this subject long time ago but this problem still persistently happens on my linux+pdc server. Here is my server detail , CentOs5.1 + Samba-3.0.25b + Fedora Directory Server So far every is running fine. It is just one thing I don't understand what I have done wrong. Normally if you open teminal window it should be like " [root@myserver /]" but sometime

Hi Everyone. I am doing some LDAP testing. I have setup a 389 Directory Server on CentOS 5 and using the default schema I have populated it with a couple of users. I then did the configuration on the client that I thought was needed to make it authenticate. To test this I expected to be able to use id <uidNumber> of a user I had defined. But I get id: 1001: No such user id: 5001: No

Hi Rowland, This is a CentOS 6.7 server. I was able to make some progress. I have edited /etc/pam.d/system-auth, and now it looks like: auth required pam_env.so auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_ldap.so use_first_pass auth required pam_deny.so account

Hi, I'm following JHT's example doc off the web. I just applied a patch for the confiure.pl script for the smbldap-tools that John gave me. It now makes the sambaUnixIdPooldn object default to: cn=sambaDomainName=DOMAIN whereas the output of the configure.pl script given in Chapter 9 of the book is shown as: sambaDomainName=DOMAIN I now have the first version of the sambaUnixIdPooldn

I am installing smb 3.5 on a CentOS 6.2 host using smbldap-tools. I've previously installed a similar configuration on RHEL4 using smb 3.0 but CentOS now uses nss-pam-ldapd and nslcd instead of nss_ldap, so the configurations cannot be moved straight across. When I do a listing of a share directory that should have user and group ownership determined by LDAP, I get the uidNumbers and

Hello, I am having a small issue with LDAP, and I hope someone here might be able to provide a few tips. I am unable to authenticate as user 'testuser' on server 'storage' and the following errors appear in /var/log/messages on server 'storage' Sep 19 16:56:17 storage sshd(pam_unix)[3124]: check pass; user unknown Sep 19 16:56:17 storage sshd(pam_unix)[3124]:

Yes, it is an AD DC. The thing is, the only way I know to change the user password is from a Windows workstation (CTRL+ALT+DEL and go to Change password). I was trying to achieve the same thing through another Linux server that is not the AD DC. So I thought that it would be possible for them to change their AD passwords through "passwd", but it didn't seem to work properly, because

I have removed use_auhtok from /etc/pam.d/system-auth and now passwd is "kind of" working... I am still able to login with my old password and the new one also. But only on the linux servers that are authenticating through LDAP. On my workstation only the old password (the one I was trying to change through passwd(ssh)) works. I have noticed that my user now has a userPassword

Hello, On a computer, a sparc64 with Debian, with hostname tw89 and domain name KUDDE thinks `smbpasswd` that the domain name is TW89 | tw89:~ | # grep workgroup /etc/samba/smb.conf | # Change this to the workgroup/NT-domain name your Samba server will part of | workgroup = KUDDE | tw89:~ | # ldapsearch -LLxW -H ldaps://tw89 -D cn=admin,ou=people,dc=gst,dc=stappers,dc=nl \ | -b

I am trying to configure NIS, PAM, & LDAP on a CentOS 6.2 host. I've previously installed a similar configuration on RHEL4, but CentOS now uses nss-pam-ldapd and nslcd instead of nss_ldap, so the configurations are a little different. Currently, local users and groups are showing up but not LDAP users. When I do a /getent passwd/ and/getent group/ I don't get LDAP users. When I do

Hi All, I prepared a Centos 6.8 Minimal server, as part of hardening i added PAM rules under system-auth and password-auth to lock the user account for 30 minutes after 3 failed login attempts. ############system-auth############### auth required pam_tally2.so deny=3 unlock_time=1800 auth required pam_env.so auth sufficient pam_unix.so auth requisite

Hmmm...., i have made now a complete new install but the problem persists: ldap authentication works, but the host attribute is ignored. I have installed CentOS7 64bit with KDE. I did not do any 'yum update' or install of extra packages so far. these pam and ldap packages are installed: openldap-devel-2.4.39-6.el7.x86_64 openssh-ldap-6.6.1p1-11.el7.x86_64 openldap-2.4.39-6.el7.x86_64