similar to: not permitted to access this share [Solved]

I've checked the wbinfo all returns as expected . I've checked the user on the UNIX server can access the files and dir - no problem. I don't understand if SAMBA is actually try to map FIRSTGROUP\admandymarr on to the share ? If it is then it wont work, as the share only specifies the username not the domain and username. I'm not using PAM for these shares , is it needed ? Am I

Hi, I managed to set up a Samba server that accepts Kerberos 5 TGTs via SPNEGO/GSSAPI for login. However, when I don't have a TGT it fails for Unix clients. It asks for username/password for Windows clients and then fails trying to do NTLMv2 authentication. How can I set up a Samba server that asks for username/password and then uses a Unix Kerberos KDC (Heimdal v. 1.2 in my case) for

Hi Samba people I'm trying to join a Solari10 server using Samba Version 3.0.33 server to an ADS. But the ADS is not in DNS. I thought I could get round this by putting the ADS IP in the servers local hosts file, and telling the krb5.conf not to use dns but it doesn't seem to work. 1. Can it be done ? 2. If it can how ? Output of my net join ads, still seems to be using DNS [root at

José, La función survfit espera como argumento una fórmula. Al pie del help de la función survfit dice: "Versiones anteriores del código también permiten la especificación de una sola curva al omitir el lado derecho de la fórmula, es decir, ~ 1. El manejo de este caso requiere algunas manipulaciones poco comunes y frágiles, este caso ya no es compatible." (sepan disculpar la

Hola Jose, y podrias enviar algun link al libro o enviar esa parte escaneada ?? para minimizar la posibilidad de que haya algo en la transcripcion del script ... Slds, eric. On Fri 04 Oct 2013 01:59:33 PM CLT, daniel wrote: > José, > > La función survfit espera como argumento una fórmula. Al pie del help de la > función survfit dice: > > "Versiones anteriores del código

En el libro EPICALC (pagina 229-230) en el que está el siguiente script, todo nos funciona bien, pero cuando vamos a life table, ya allí no avanza, lo señalamos en el script, por favor quizá se nos haya ido algún detalle, pero fuimos siguiéndolo por el libro paso a paso y no no hemos percatado Todos los de el paquete survival de la ayuda del R funcionan perfectamente

IPSec is very complex with certificates. try first with PSK authentication and then with certificates -- Eero 2016-04-01 20:21 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > I generated according to the docs . Which produced > my server.secrets as below > > used the command > > ipsec newhostkey --configdir /etc/ipsec.d --output >

The cheapest sollution is probably compiling a private openssl somewhere on the system and then compiling apache using that private openssl version instead of the default system-wide one. Regards, Dennis On 17.04.2015 13:20, Eero Volotinen wrote: > Yep, maybe using ssl offloading devices like (BigIP) that receives tls1.2 > and tlsv1.2 and then re-encrypts traffic with tls1.0 might be

To be fair its not highly sensitive info we are dealing with. -----Original Message----- From: "Eero Volotinen" <eero.volotinen at iki.fi> Sent: ?21/?03/?2016 17:51 To: "CentOS mailing list" <centos at centos.org> Subject: Re: [CentOS] IPSec multiple VPN setups Err. Sounds like security nightmare. 21.3.2016 7.47 ip. "Glenn Pierce" <glennpierce at

You must define connection address and key in ipsec.secrets. -- Eero 2016-04-01 19:38 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > Just trying to follow the instructions here > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Securing_Virtual_Private_Networks.html > > I don't think I am doing anything special.

On 04/16/2015 05:00 PM, Eero Volotinen wrote: > in fact: modgnutls provides easy way to get tlsv1.2 to rhel 5 > > -- > Eero > If you do that, then you are at the mercy of Mr. Bergmann to provide updates for all security issues for openssl. Has he updated his RPMs since 2014-11-19 23:57:58? Does his patch work on the latest RHEL/CentOS EL5 openssl-0.9.8 package? The answer right

Hi,volotinen: as it mentioned in your web link: "Your on the right track your module need to be signed", my question how to sign test_file_system.ko? thanks, w.k. ------------------ ???? ------------------ ???: "eero.volotinen";<eero.volotinen at iki.fi>; ????: 2016?1?22?(???) ??3:42 ???: "CentOS mailing list"<centos at

Yes reinstall. I get you have to purchase a new instance for a time to move over. -----Original Message----- From: "Eero Volotinen" <eero.volotinen at iki.fi> Sent: ?21/?03/?2016 18:38 To: "CentOS mailing list" <centos at centos.org> Subject: Re: [CentOS] IPSec multiple VPN setups err. upgrades? You mean reinstall? As upgrading between major releases are not

So you are using pkcs12 on centos: https://www.sslshopper.com/article-most-common-openssl-commands.html -- Eero 2016-04-01 17:44 GMT+03:00 Glenn Pierce <glennpierce at gmail.com>: > Sorry but I have looked for over two days. Trying every command I could > find. > > There is obviously a misunderstanding somewhere. > > After generating a key pair with > ipsec newhostkey

Will ask my boss :) We are hosted on memset so not so easy to update Thanks On 21 March 2016 at 17:36, Eero Volotinen <eero.volotinen at iki.fi> wrote: > Centos 5 is still soon end of life. Using it as ipsec gateway is .. > > Eero > 21.3.2016 7.25 ip. "Mike - st257" <silvertip257 at gmail.com> kirjoitti: > >> On Mon, Mar 21, 2016 at 1:17 PM, Mike -

Yep, maybe using ssl offloading devices like (BigIP) that receives tls1.2 and tlsv1.2 and then re-encrypts traffic with tls1.0 might be "cheapest" solution. -- Eero 2015-04-17 14:15 GMT+03:00 Johnny Hughes <johnny at centos.org>: > On 04/16/2015 05:00 PM, Eero Volotinen wrote: > > in fact: modgnutls provides easy way to get tlsv1.2 to rhel 5 > > > > -- >

I generated according to the docs . Which produced my server.secrets as below used the command ipsec newhostkey --configdir /etc/ipsec.d --output /etc/ipsec.d/www.example.com.secrets : RSA { # RSA 3328 bits ***.**.net Fri Apr 1 15:39:32 2016 # for signatures only, UNSAFE FOR ENCRYPTION

in fact: modgnutls provides easy way to get tlsv1.2 to rhel 5 -- Eero 2015-04-16 21:02 GMT+03:00 Eero Volotinen <eero.volotinen at iki.fi>: > well. this hack solution might work: > http://www.tuxad.de/blog/archives/2014/11/19/openssl_updatesenhancements_for_rhel__centos_5/index.html > > -- > Eero > > 2015-04-16 17:30 GMT+03:00 Leon Fauster <leonfauster at

Glenn Pierce wrote: > Yes reinstall. I get you have to purchase a new instance for a time to > move over. I'd figure that they just move you to an instance that's already running a newer version of the o/s, giving you time to test for breakage. I really don't see them charging, except, possibly, for running in parallel during testing. mark > > -----Original

I think, this SIG would/should care about hardening CentOS itself as a system not a complete environment (proxies, firewalls, etc.) The examples of the opener show this. Something else could be integrity checking possibly. I imagine a tool/script that could apply hardening stuff. Regards Tim Am 22. April 2015 09:23:52 MESZ, schrieb Eero Volotinen <eero.volotinen at iki.fi>: >Sounds