Displaying 20 results from an estimated 5000 matches similar to: "Anything like "nss_updatedb" for ldapsam account information backend?"
2019 Oct 17
3
Offline logon and NSS...
Mandi! Rowland penny via samba
In chel di` si favelave...
> > Considering a 'full offline' DM client (supposing a portable), there's
> > a 'winbind permanent nss cache' or a general nss cache (like
> > nss-updatedb):
> > https://wiki.debian.org/LDAP/NSS#Offline_caching_of_NSS_with_nscd
> > have to be used? Thanks.
> No, you cannot use
2005 May 12
3
New ADS infrastructure with winbind - Which is the best ID-mapping: IDMAP_RID or IDMAP LDAP with ADS + SFU schema ?
A question for the best winbind SID-UID/GID mapping in our situation:
I'm building a new infrastructure with Windows 2003SP1 ADS
Domaincontrollers and some Debian Servers (File: Samba+NFS; Mail; Web;
....) and varios XP and Debian Clients.
After reading Chapter 12. (Identity Mapping) in the Samba-HOWTO is
IDMAP_RID in couple with winbind an easy way to solve the problem with
syncr.
2019 Oct 17
0
Offline logon and NSS...
On 17/10/2019 10:32, Marco Gaiarin via samba wrote:
> Mandi! Rowland penny via samba
> In chel di` si favelave...
>
>>> Considering a 'full offline' DM client (supposing a portable), there's
>>> a 'winbind permanent nss cache' or a general nss cache (like
>>> nss-updatedb):
>>>
2019 Jan 25
2
Winbind, cached logons and 'user persistency'...
On Fri, 25 Jan 2019 16:32:56 +0100
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! L.P.H. van Belle via samba
> In chel di` si favelave...
>
> I come back in this thread, sorry.
>
> > Maybe https://wiki.debian.org/LDAP/NSS is a better solution for
> > the mailserver.
>
> Probably better use directly LDAP info with native MTA tools
2012 Mar 02
1
ldapsam and Windows LDAP account information?
I can browse our Windows account information with ldapsearch as below.
Can I configure ldapsam passdb backend to use account information from
this LDAP directory?
$ ldapsearch -b dc=example,dc=com -h 192.168.1.23 -U jack -Y DIGEST-MD5
'(sAMAccountName=jack)'
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: jack
SASL SSF: 128
SASL data security layer
2019 Oct 17
4
Offline logon and NSS...
I'm revising some docs, and i've returned on the 'offline logon' tema.
Looking at:
https://wiki.samba.org/index.php/PAM_Offline_Authentication
and smb.conf manpage, it is clear that 'offline logon' is
a pam/authentication only, does not involve NSS.
Considering a 'full offline' DM client (supposing a portable), there's
a 'winbind permanent nss
2006 Nov 06
1
Samba with AD
I am stuck with Samba -Active Directory communication. Trying to bring my SUSE 10.0 to speak with AD Domain.
net rpc testjoin - brings a unable to find suitable server message
net join - kerberos_kinit_password preauthentication failed and ads_connect preauthentication failed
wbinfo -u works fine
wbinfo -t works fine
getent passwd/group works too
smb is running
nmb is running
winbindd is
2019 Jan 28
0
Winbind, cached logons and 'user persistency'...
Mandi! Rowland Penny via samba
In chel di` si favelave...
> > Strictly speaking, why winbind cache ''PAM'' data and not ''NSS'' one
> > (seems to me)?
> The problem is (for myself anyway), I do not understand the difference
> between 'PAM' and 'NSS' data.
'PAM' is authorization scenario (eg, «user X use the correct
2005 Mar 11
2
Practical guide to migrate from tdbsam to ldapsam
Hello people!
I'd like to know about a practical guide which helps to migrate users
from a perfect working Samba PDC running with tdbsam backend to a new
backend to LDAP. Does "pdbedit -i xxx -e xxx" make all the job? My
network is growing and I need a directory service to help find people so
I'd like to see a LDAP server running well with Samba without rebuild my
user
2010 Oct 29
2
migrating users to openldap
I noticed that when I migrated my users with the migrate_passwd.pl
tool from PADL it didn't migrate the actual passwords (just the rest
of the posixAccount info). I think I need to set the EXTENDED_SCHEMA
variable and then try running the tool again. does anyone know what
this should be?
I actually thought there might be a migrate_shadow.pl tool that could
accomplish this, but there
2003 Mar 29
2
SIP Retransmission Patch
I've also noticed that my SIP phones (snom [12]00) seem to deregister
themselves after some time, and not be able to re-register until
Asterisk is restarted. This problem only manifested with the latest
CVS.
-- Luke
--
Luke Howard | PADL Software Pty Ltd | www.padl.com
2004 Apr 19
1
Migrate Samba 3.0x tdb to Samba-3.0.2a ldapsam
Hi guys/girls,
How are you ?
I'm looking at migrating my Samba-3.0.1 server which has the standard tdb
backend to Samba-3.0.2a with an LDAP backend.
I plan to use nss_ldap too.
What would be the best way of doing this ? Any assistance would be greatly
appreciated.
Kindest regards
David Wilson
D c D a t a
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 83 267 7500
http://www.dcdata.co.za
2005 Apr 07
1
Samba and slapd.conf's TLSVerifyClient
I have Samba 3.0.13 and LDAP 2.2.24 installed. I have placed the following
directive in my slapd.conf file.
TLSVerifyClient demand
I have the PADL stuff configured and working fine.
ldapsearch with -ZZ works fine.
I even have the Idealx smbldap-tools working fine.
Samba won't work though unless I set
TLSVerifyClient try
According to the slapd.conf man page, "try" causes a
2009 Feb 11
2
filebucket retrieval
Hi,
While at LCA this year I was talking to James Turnbull, and I think he
said it was possible to
a) pull files off a puppet client to the puppet master
b) push those files out to other puppet clients
I''ve been reading up on FileBucket and I don''t understand how I can
achieve that, or if I''m on the right track. Whats at
2003 Dec 22
2
OpenSSH + PADL pam_ldap.so + password aging
First, my config:
Solaris 8
PADL pam_ldap v165 and pam_nss v211
OpenSSH 3.7.1.p2
All compiled with gcc 2.95.3 that ships with the Sun companion CD
LDAP PAM authentication is working well with OpenSSH, privsep is disabled,
challenge-response authentication is enabled. I would like to turn on
password aging, which seems to be well supported by pam_ldap. Logins going
through /bin/login correctly
2005 May 05
2
Fwd: Follow Up - Problem with groups & joining domain.- LDAP
Follow up to original post.
If I created local groups and users in /etc/passwd &
/etc/groups I get farther along.
For instance, if I have a Samba PDC with LDAP basically like I listed
in my post. If I browse from a w2k pro box to the samba server
without the workstation having joined the domain, I can authenticate
to the samba server with a user who is not in /etc/passwd but is in
LDAP. So
2015 May 05
4
ldap host attribute is ignored
On 05/05/2015 06:47 PM, Gordon Messmer wrote:
> On 05/05/2015 03:02 AM, Ulrich Hiller wrote:
>> /etc/openldap/ldap.conf contains the line:
>> ------------------------------------------
>> pam_check_host_attr yes
>
> /etc/openldap/ldap.conf is the configuration file for openldap clients.
> It is not used for system authentication or name service.
>
>>
2008 Aug 27
3
Solaris nss_ldap vs PADL nss_ldap
Hi All,
Any thoughts on why, while everything seems ok at the OS level
(getent , id -a ) Samba
doesn't pickup any supplementary groups when Solaris is configured with
'group: files ldap' in
nsswitch.conf and using it's own native nss_ldap.so.1 but does when
using PADL's nss_ldap?
Everything else is equal.
Do they use/accept different calls or could it be an
2002 Sep 05
2
using LDAP and PDC together
Hello,
I am in the process of migrating to
passdb backend = ldapsam
on debian unstable with the latest 3.0pre samba package.
All users have a ldap sambaAccount object which was added by hand after
using migrationtools from padl.com. Testing auth with smbclient works
fine, however when using samba as a PDC from WinXP I can't log into the
domain as I used to when "passdb backend =
2019 Jan 28
2
Winbind, cached logons and 'user persistency'...
On Mon, 28 Jan 2019 12:52:45 +0100
Marco Gaiarin via samba <samba at lists.samba.org> wrote:
> Mandi! Rowland Penny via samba
> In chel di` si favelave...
>
> > > Strictly speaking, why winbind cache ''PAM'' data and not ''NSS''
> > > one (seems to me)?
> > The problem is (for myself anyway), I do not understand the
>