Displaying 20 results from an estimated 20000 matches similar to: "Restrict users from logging in: winbind"
2004 May 14
0
winbind - pam_listfile.so for solaris
We use samba 2.2.9 with winbind. We use winbind for authentication.
I was able to selectively limit pop3 use among winbind users on redhat 9
with this pam configuration. (As you would use it in ftpusers, in the
reverse sense.)
auth required /lib/security/pam_listfile.so item=user onerr=fail
sense=allow file=/etc/pop3users
This is the best solution for my situation, and I want to have that on my
2013 May 29
1
Enable IMAP only for certain users/IP
Hi,
I'm trying to config dovecot to enable IMAP protocol only for certain
IPs and users.
The logical steps I've followed are:
1. If a user is trying to login from an IP that I've authorized (
listed in a file) the request is authorized.
2. If not, if the user is listed in a second file the request is
authorized.
3. If also this check fails the request is rejected.
I'm using PAM
2016 Oct 13
0
How to tell spicy client to use SASL authentication?
I'm using libvirt in desktop environment. Single host machine, pair of users, a few guest machines. The first thought was that unix socket restricted to specific group is just enough for authentication. But virsh has the power like sudo: you could define pool on real device and write anything on it. So I decided to authenticate with password for each virsh use. I'm using SASL + saslauthd +
2007 Apr 26
1
Winbind: limiting groups that can log-in
Hi,
I am currently trying to configure AD (Windows 2003) + Linux (CentOS
4.4) to allow user logins for certain users, namely, developers.
The winbind authentication part of it is working correctly, but every
user in AD can login to the servers via ssh.
I have tried to limit users by adding
valid_users = @"domain+developers" (+ is the separator)
on /etc/samba/smb.conf, but this
2002 Feb 13
2
Problem with using both pam_listfile to deny logins and pubkey authentication
Hi,
I'm trying to use pam_listfile.so to deny logins from all others but few
users (names in /etc/loginusers). With password authentication it works
fine, but with public key authentication OpenSSH lets in users whose
names arent't in /etc/loginusers. AllowUsers in sshd_config does what
one would expect.
I'm using OpenSSH-3.0.2p1 on Debian testing (package version
1:3.0.2p1-6)
2013 Oct 12
1
Problem with PAM, vpopmail and Roundcube
Hello,
I have a problem to which I have not been able to find a solution by
myself or online.
I have Dovecot running together with Qmail on a CentOS server. I need
to be able to control which users are allowed IMAP access and at the
same time allow IMAP access for all users when the requests are coming
from a specific IP.
My problem has two parts, detailed below.
2009 Jul 10
1
vsftpd not able to log in
Hi folks,
I can't seem to log into my system via
vsftpd. All other services using PAM are fine...Am I missing something simple?
ftp> user
(username) user
331 Please specify the password.
Password:
530 Login incorrect.
# getenforce
Permissive
here is the event in /var/log/audit/audit.log:
type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0
2009 Nov 05
3
ADS, pam_winbind and vsftpd
Greets ... I am not getting it.
I have samba (old one, 3.0.22-11-SUSE-CODE10) in an ADS-context, winbind
works OK ...
I am trying to connect vsftpd to winbind via PAM, this works TOO GOOD ;-)
currently I am able to login to vsftpd with ANY password, that's bad.
I am not understanding that PAM-stuff and I have some pressure to get
that ftp-server up, so please would someone help me out?
My
2005 Aug 02
0
where is "pam_listfile.so" for static userdb?
hi all,
i'm setting up Dovecot on OSX to use PAM authentication against a
flat_file/static userdb (tho i will _eventually_ mv to pgsql ...).
iiuc, to do so i need something like:
===================================
(EDITOR) /etc/pam.d/dovecot.imap
auth required pam_listfile.so item=user sense=allow file=/var/dovecot/imapusers
onerr=fail
===================================
for a userdb
2004 Jan 12
1
PAM_ERROR_MSG and PAM_TEXT_INFO from modules
Hi,
I have tested the current snapshot portable release (dated Jan 9
2004).
configuration has:
UsePAM yes
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePrivilegeSeparation yes
two problems:
first pam_motd does not work anymore.
second, I needed a quick way to disable normal user logins without
disabling admin accounts (members of group wheel). the best option i
could come
2004 Jan 12
0
Winbind & Wrong Password - PAM Issue?
Good Morning,
I have been a user of winbind and Samba for about a year now. It's been
working well for me on Red Hat v. 8.0 and 9.0.
Recently I purchased and installed Red Hat Enterprise Linux WS 3.0 and
configured winbind and samba the same way I normally do. However when I
attempt to authenticate to the Linux workstation before I am even prompted
to enter my password, winbind submits a
2004 Jan 13
0
Winbind & Wrong Password - PAM Issue? NT_STATUS_WRONG _PASSWORD?
Anyone have suggestions?
Thanks.
-----Original Message-----
From: Eisenstein, Doug
Sent: Monday, January 12, 2004 9:06 AM
To: 'samba@lists.samba.org'
Subject: [Samba] Winbind & Wrong Password - PAM Issue?
Good Morning,
I have been a user of winbind and Samba for about a year now. It's been
working well for me on Red Hat v. 8.0 and 9.0.
Recently I purchased and installed Red
2003 Nov 18
0
Samba PDC trying rid null logins
> We are trying to have linux authenticate to linux server running samba
> 3.0. We have the XP Pro, 6.2 redhat, and 7.3 redhat machines. They all
> authenticate to the linux server but we are having problems with blank
> passwords or the user can type any password. We are using pam modules for
> the authentication on the client machines.
> I have included the config files for
2015 Oct 12
1
getting error Ignoring parameter browse directory and winbind sequence directory
On 12/10/15 08:27, VigneshDhanraj G wrote:
> Hi Rowland,
>
> Thanks for the help.
>
> Yes, Joined to the domain, ftp uses pam authentication. After
> upgrading samba i found ftp pam authentication not working
>
> /etc/pam.d/ftp contains
>
> #%PAM-1.0
> auth sufficient /lib/security/pam_smbpass.so
> auth sufficient /lib/security/pam_winbind.so
2003 Nov 19
0
FW: Samba PDC trying rid null logins
> -----Original Message-----
> From: Reed, Tameika
> Sent: Monday, November 17, 2003 5:56 PM
> To: 'samba@lists.samba.org'
> Subject: Samba PDC trying rid null logins
>
>
>
>
> We are trying to have linux authenticate to linux server running samba
> 3.0. We have the XP Pro, 6.2 redhat, and 7.3 redhat machines. They all
> authenticate to the
2009 Oct 08
3
TOSHAG-Winbind.xml translate finished and some bug found
Now, TOSHARG-VFS.xml translate to Japanese finished(3.4.0 base).
And some bug found.
<indexterm><primary>UID</primary></indexterm>
<indexterm><primary>GID</primary></indexterm>
<indexterm><primary>SID</primary></indexterm>
<indexterm><primary>idmap uid</primary></indexterm>
2007 Jan 15
1
Winbind caching group membership issue
Hi All,
I am using samba-common-3.0.10-1.4E.9 on a RHEL4_U4 x86 machine. The
ADS server is WS03 sp1 running in Windows Server 2003 interim mode. In
general thing are working well. However, when winbind caching is
enabled (default), group membership does not appear to update, i.e.
"wbinfo -r bob" and "groups bob" don't reflect changes in ADS group
membership.
2010 Jan 13
1
AD DNS scavenging and winbind:
Red Hat Enterprise Linux Server release 5.4 (Tikanga)
Samba 3.0.33-3.15.el5_4.1
I have run into an issue where the DNS records added by a net ads join seem to be being scavenged. From what I understand, Windows servers/workstations check in (update their host record) on the AD DNS server on a regular basis. So the question is, how can I have samba/winbind do the same?
I could just setup a cron
2010 Feb 03
1
Winbind Auth - prevent some users from logging on
Hey folks,
New to the list - and I hope this isn't a dumb question.
I am in the process of revamping the way we authenticate to our Linux
servers. Moving away from pam_ldap and pam_nss, in favor of winbind and
pam_nss. The reason for this is that I feel winbindd does a better job of
failing over from a unavailable authentication server than pam_ldap.
In any case - I have it all working
2011 Jul 11
1
Active Directory failover problem with winbind
Hello,
I have configured a Nagios server to be part of a Windows 2003 domain.
The Linux server is RedHat 5.3 with winbind version 3.0.22. The
configuration is using kerberos and pam with winbind to support
Windows user and local account.
Everything is working fine until we test the active directory failover.
The system is still accessible through domain account but it's very
slow and the