similar to: Linux SSO with samba4?

Hi, When I have a service on a client that tries to use kerberos and I get errors such as these in the log.samba file: Kerberos: UNKNOWN -- host/ubuntu-test.mydomain.net @ MYDOMAIN.NET: no such entry found in hdb Does this mean that the kerberos authentication system is looking for the principal "host/ubuntu-test.mydomain.net @ MYDOMAIN.NET" in samba4's domain or in the

Hi, I have set up a standard samba4 server via http://wiki.samba.org/index.php/Samba4/HOWTO and have tested that windows machines can join the samba4 AD. Now I am trying to join an Ubuntu machine to the same samba4 ad but it is failing for me with the following message: # net ADS JOIN -U Administrator Enter Administrator's password: Failed to join domain: failed to lookup DC info for domain

Hi, I am doing some kerberos testing with samba4 using ssh. I have setup samba4 using the howto at http://wiki.samba.org/index.php/Samba4/HOWTO and active directory seems to be working both with Windows and Linux clients. ssh unfortunately is not kerberos authenticating via GSSAPI. The client krb5.conf contains this: ===================================================== [libdefaults]

Hi, I solved my ssh GSSAPI problem. There were a lot of solutions on google referring to a proper fqdn in the /etc/hosts file and having the fqdn's/principals in the kerberos server's keytab file but I found out that my problem was that the samba4/kerberos server was running on a multi-homed machine and that the ssh server kerberos authentication needed the following parameter in order

Hi all *Context:* I'm trying to use the s4bind scripts ( http://linuxcostablanca.blogspot.com.es/p/s4bind.html) k5start is running So far, i've succeeded in * modifying (posixifying) the built-in "Domain Users" * adding a user to this group and i can login with this user (ssh), create files that are correctly owned, etc... The user also shows up correcly in ADUC. * retrieving

Hi all, i've got samba 3.6 joined to a ad domain (s4 in this case) running winbind all looks ok, but i ran into a problem (for us that is) i've got 2 groups (students and employes) who have there home dirs in 2 different places. /home/students/<user> /home/employ/<user> so far so good, but i can't make the [homes] work for both of them (just 1 group) in winbind

Question: Right now samba4 is great as in all-in-one solution (samba, kerberos, ldap, dns) into one service. Is it possible to split it up so that for example, I run openldap on one server, kerberos on another server, and then dns/samba on a third server? br, Quinn

Hi, I am trying to configure the nslcd service on an Ubuntu client for kerberos authentication against samba4. My /etc/nslcd.conf contains the following: uid nslcd gid nslcd uri ldapi:///cofil01.mydomain.net base dc=mydomain,dc=net sasl_mech GSSAPI krb5_ccname FILE:/tmp/host.tkt I have added the host principal "host/ubuntu-test.mydomain.net @ MYDOMAIN.NET" to /etc/krb5.keytab on both

On Thu, 27 Aug 2015 23:03:39 -0400 Robert Moskowitz <rgm at htt-consult.com> wrote: > > On 08/27/2015 08:45 PM, Jim Seymour wrote: > > On Thu, 27 Aug 2015 17:00:28 -0400 > > Robert Moskowitz <rgm at htt-consult.com> wrote: > > > >> Ah, LDAP is included within Samba, I find. Don't install provided > >> one... [snip] > > >

moin *, sorry for the cross-post; follow-ups should go to xdg@ (the only one of those lists i'm subscribed to). i'm pondering with the idea to implement SingleSignOn based on an authentication agent like the ones employed by ssh and gnupg. the system would consist of the two main components: - fdo-keyagent, certainly a d-bus service - pam_keyagent. a PAM module that would authenticate

I have a working Samba 4.0.0 AD DC running and am able to manage users etc using the Windows tools. Great. Now I want to as much as possible eliminate the need for an additional directory service (OpenLDAP and/or Open Directory) if not entirely. I need automount working and Posix users. I believe it's possible to set this up but haven't been able to find any solid documentation - Can

Hi folks, Have been battling with this for a while. I have a Debian 6/Samba 4 install working nicely. Have migrated my old Samba 3 domain and can see all users/groups via AD management tools fine. I am now trying to get the *nix side sorted. Have followed the guide here: https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd Which works up to a point. All users and

Hello list, I need update my samba, I run firtly ./configure.developer, and when I run make I get this message 123/3913] Compiling lib/replace/replace.c In file included from ../lib/replace/replace.c:26: ../lib/replace/replace.h:112:24: error: bsd/string.h: No such file or directory ../lib/replace/replace.h:116:24: error: bsd/unistd.h: No such file or directory Waf: Leaving directory

Hi list, I'm looking for someone out there, using samba as a member server in a multi-domain Active Directory forest (maybe even with nss_/pam_winbind for unix users/groups). It took quite a long time to get things working at all here, and we're still not really comfortable with our current solution (especially the unix nss/pam part). I'd be glad if someone out there was interested

I am trying to download a 200MB ISO file and each time I attempt to do so it will timeout after around 30 MB. I've used both a Microsoft and a FreeBSD tftp client with the same results. When PXE booting a pc and letting it download the ISO it either hangs halfway through or the ISO appears to be corrupted when trying to boot to it from ramdisk. I am looking for suggestions on how to

I have been trying to get SSO to work correctly with the following packages, and I appear I am missing something and I was wondering if anyone can help me or point me in the right direction? I am currently using the "auth_ntlm_winbind_module" for apache to try and authenticate and was hoping to get SSO to work. I have gone through all the steps on SEVERAL sites trying to figure out how

I'm very confused. I have a Samba4 AD/DC which works great for Windows Authentication with our Windows 7 workstations. Now, I am trying to implement single-sign-on for our coming-soon Linux workstations. All web documentation I've so far found on this references OpenLDAP as the server and describes server-side commands such as kadmin and slapd-config to get things set up on the

So I was googling around about this over the last week and here is what I found: nis/yp is for some reason bad. Kerbos is holy, but no how-to's that don't involve windows and active directory. What is the recommended sso approach for centos? Where are there examples / docs to follow? Jason -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -

Hi, I?ve been reading up on SSO-based logins for the last couple of weeks. I?ve found a lot of information about it, but nothing that matches my situation. Here?s the gist of my situation... - I have a Samba 3 PDC in our corporate office as well as three remote offices. - Each remote office is in a different physical building and connected to the Corporate office either via Point-to-Point T-1

I actually spent the entire last day getting 'ad' backend to work. Adding 'idmap config SAMDOM : backend = ad' and related lines in the client's smb.conf results in `getent passwd` ... Use : getent passwd username Check if wbinfo -u works also. As tip, if you try these. id username getent passwd username wbinfo -u | grep username If all work and show your usename,