Displaying 20 results from an estimated 6000 matches similar to: "samba, PAM and active directory"
2012 May 31
1
Tangential Issue: idmap backend = ad and Active Directory 2008R2
Tried single quotes on Domain Admins in the pam.d file as well as a backslash on the space with no effect. I've found several references that just say "no spaces in group names." Is there really no way to do this?
Also, most references I find to using these lines in pam.d say that "sufficient" should work, but I'm finding that users in the named group can then log in
2015 May 11
0
ldap host attribute is ignored
Hmmm...., i have made now a complete new install but the problem
persists: ldap authentication works, but the host attribute is ignored.
I have installed CentOS7 64bit with KDE.
I did not do any 'yum update' or install of extra packages so far.
these pam and ldap packages are installed:
openldap-devel-2.4.39-6.el7.x86_64
openssh-ldap-6.6.1p1-11.el7.x86_64
openldap-2.4.39-6.el7.x86_64
2015 May 11
0
ldap host attribute is ignored
I am still not understanding why your using MD5? Is it because everyone in InfoSec declared that everyone finally went from md5 to sha512 or what?
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Ulrich Hiller
Sent: Monday, May 11, 2015 1:40 PM
To: CentOS mailing list
Subject: Re: [CentOS] ldap host attribute is ignored
one more
2015 May 09
0
ldap host attribute is ignored
On May 8, 2015, at 11:14 AM, Ulrich Hiller <hiller at mpia-hd.mpg.de> wrote:
>
> /etc/pam.d/system-auth:
> -----------------------
> #%PAM-1.0
> # This file is auto-generated.
> # User changes will be destroyed the next time authconfig is run.
> auth required pam_env.so
> auth sufficient pam_unix.so nullok try_first_pass
> auth
2015 May 08
4
ldap host attribute is ignored
>> But instead i get
>> centos: sshd[7929]: pam_unix(sshd:session): session opened for user
>> <username>
>
> "pam_unix" should be an indication that <username> appears in the local
> unix password files. Make sure that it doesn't.
Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow
>
> What do /etc/pam.d/sshd and
2015 May 11
2
ldap host attribute is ignored
one more thing: firewalld service and selinux are deactivated.
On 05/11/2015 07:06 PM, Ulrich Hiller wrote:
> Hmmm...., i have made now a complete new install but the problem
> persists: ldap authentication works, but the host attribute is ignored.
>
> I have installed CentOS7 64bit with KDE.
> I did not do any 'yum update' or install of extra packages so far.
>
>
2010 Feb 16
2
pam_mount
Hi all,
I am a bit confused about the usage of pam_mount.
Here is my /etc/pam.d/system-auth:
auth required pam_env.so
auth required pam_mount.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_krb5.so use_first_pass
auth required pam_deny.so
account
2017 Feb 13
0
pam_tally2 after unlock time
Hi All,
I prepared a Centos 6.8 Minimal server, as part of hardening i added PAM
rules under system-auth and password-auth to lock the user account for 30
minutes after 3 failed login attempts.
############system-auth###############
auth required pam_tally2.so deny=3 unlock_time=1800
auth required pam_env.so
auth sufficient pam_unix.so
auth requisite
2014 Oct 29
1
samba ssh change password Error was: Wrong password
passwd: Authentication token manipulation error
smbpasswd: machine 127.0.0.1 rejected the password change: Error was :
Wrong Password
best regards
[FACILITY/btombul at samba ~]$ passwd
Changing password for user FACILITY/btombul.
Changing password for FACILITY/btombul
(current) NT password:
New password:
Retype new password:
passwd: Authentication token manipulation error
[FACILITY/btombul at
2015 Oct 08
0
Changing User password from ssh member server
On 08/10/15 18:59, Guilherme Boing wrote:
> Hi Rowland,
>
> This is a CentOS 6.7 server.
> I was able to make some progress. I have edited
> /etc/pam.d/system-auth, and now it looks like:
>
> auth required pam_env.so
> auth sufficient pam_unix.so nullok try_first_pass
> auth requisite pam_succeed_if.so uid >= 500 quiet
> auth
2015 Oct 08
2
Changing User password from ssh member server
Hi Rowland,
This is a CentOS 6.7 server.
I was able to make some progress. I have edited /etc/pam.d/system-auth, and
now it looks like:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
account
2007 Aug 22
1
problem with poppassd
Dear All,
I have recently installed CentOS 5 and is workin perfect
i recently download n installed poppassd daemon ver 1.6a so as to let the
users to change their password
but when i try to change password i get the folling error
500 'BAD PASSWORD: it is based on a dictionary word'
i tried googlin arround and tried to play with
system-auth-ac file in /etc/pam.d but no use
my
2012 Jan 17
0
Samba 3.5.10 pam authentication question
So I have Samba 3.5 set up to use pam to authenticate against kerberos. This seems to be working fine when I connect to the from a linux system using smbclient. However, when I try to connect from a windows system, it fails. I cranked up the debug level, but I'm unable to figure why this does not work. I feel I'm missing a component to this.
I use samba on a handful of our servers,
2020 Jul 28
0
kerberos ticket on login problem
On 7/28/2020 3:59 PM, Jason Keltz via samba wrote:
> I'm experimenting with smb + winbind.
>
> My host is joined to AD and I can login to my host fine using my AD
> credentials via SSH.?? The only issue is that I don't get a Kerberos
> ticket generated.
>
> In /etc/security/pam_winbind.conf I have:
>
> krb5_auth = yes
>
> krb5_ccache_type = KEYRING
>
2010 Jan 12
0
Strange SAMBA Winbind behavior - WBC_ERR_AUTH_ERROR - NT_STATUS_WRONG_PASSWORD
Hello All,
I am having a weird behavior and after 2 days of trying to fix it, I
just decided to ask the experts in this group!
I have a RHEL5 box running SAMBA 3.4.3-41.el5. Users authenticate via
Winbind to a Windows 2008R2 Domain controller.
Authentication is fine, users can log in but ...
1. When user type their login/username, it takes 3 seconds to get
the password
2010 Sep 14
1
cron breaking when enabling ldap
Hi
When I enable a box to do authentication using LDAP it breaks cron for users like jboss.
I get the following in /var/log/secure
Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron'
I have the following in /etc/ldap.conf
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss
2006 Dec 06
3
Winbind do not maintains mappings between UIDs, GIDs and SIDs
Hello,
I?m trying to use winbind to allow my AD users to logon to our linux
computers.
I?m using FC6 and Samba 3.0.23c-2.
I have several problems:
1. When I start linux machine and immediately ofter logging in I try to
check trust secret by running wbinfo -t
I receive this error:
checking the trust secret via RPC calls failed
error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233)
2007 Nov 06
0
authenticate using pam_ldap.so
Hi All,
I've been trying for quite some time now, but feel that there's just
that one situation that doesn't work, and that's probably the one
thing I'd like to use.
I've got a simple samba server (3.0.23c) on RHEL5 that only has one
large share. That share is to be used by a certain number of users,
that can exchange large amounts of data using that share, but not
2011 Aug 31
1
Auto creation of home directories on Samba-3.5.4(CentOS 6) using PAM authenticating via ADS
Hi,
I have installed samba 3.5.4 on Centos 6 and have set it up to
authenticate to a Windows 2008 Domain Controller. When I do a "su -
some-domain-user", the home directory gets created. However, I want
the home directory to be created when a user accesses the samba
shares(no shell access). Following are the relevant configurations.
What are the PAM changes I need to make? Help is much
2008 Oct 27
0
system-auth on CentOS 5.2
Hi al.I have a problem with pam.d authentication rules.
I searched on google and modified my system-auth file.Bu some rules
does not works properly
my system-auth like below:
--------------------------
auth required pam_env.so
auth required pam_tally.so onerr=fail per_user deny=3
auth sufficient pam_unix.so md5 nullok try_first_pass
auth requisite