Displaying 20 results from an estimated 2000 matches similar to: "Samba as member of multi domain AD (nss/pam)"
2012 Feb 23
1
Error accessing others domains in forest
Hello all.
After last update (from winbind-3.5.3 and krb5-1.8.1 to winbind-3.5.10
and krb5-1.9.1) users from a trusted domain can't authenticate any more.
Machines are joined to domain PERSONALE, and users from domain STUDENTI
aren't recognized. Domains are handled by W2k8 or W2k8r2 (I have no
control on these).
Last lines from /var/log/samba/log.wb-STUDENTI report:
[2012/02/23
2011 Nov 30
1
Failing identification of users in trusted domains?
Hi all.
I'm getting mad at this.
I use winbind to authenticate users in multiple domains from AD. The
config worked well, before upgrading from 3.5.3 to 3.5.10 in Mandriva.
Now, if I 'winbind -i user.name' (so using the joined domain PERSONALE)
I get the correct info, but if I do a 'winbind -i
STUDENTI\\another.name' the answer is a 'Could not get info for user
2012 May 23
2
multi home dir locations
Hi all,
i've got samba 3.6 joined to a ad domain (s4 in this case)
running winbind
all looks ok, but i ran into a problem (for us that is)
i've got 2 groups (students and employes)
who have there home dirs in 2 different places.
/home/students/<user>
/home/employ/<user>
so far so good, but i can't make the [homes] work for both of them (just
1 group)
in winbind
2009 Nov 19
1
Other troubles
Hello again.
There are some more issues I still couldn't fix, and can't say if it's
only a misunderstanding on my side, something that can't be done or a
bug (I doubt).
1) In our organization we have two "primary" domains (a lot of others,
but they're not interesting here). I tried changing the default
'PERSONALE' (where machine is joined) to
2012 Jul 30
1
'x' bit always set?
Hello all.
Seems I can't find the root cause of $subj.
When I store a file on my "home", it gets chmodded ugo+x ...
My smb.conf is:
-8<--
[global]
workgroup = PERSONALE
realm = PERSONALE.EXAMPLE.COM
server string = Local shares
netbios name = STR00160-SAMBA
security = ADS
encrypt passwords = true
password server =
2012 Feb 20
1
A couple of quick questions
Hi, Everybody,
I have a couple of quick questions that I'm having a little of
difficulty with. I'm guessing these will be pretty easy to answer.
The first is;
1) Is it possible to deterministically set the domain name that will
be used when the "winbind use default domain = Yes" option is
configured in /etc/samba/smb.conf? I want to set a default domain,
however I do not
2015 Jan 21
2
Is anyone using C7 in production yet? (sssd, nss-pam-ldapd, kerberos, etc)
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Gordon Messmer
> Sent: den 21 januari 2015 05:47
> To: CentOS mailing list
> Subject: Re: [CentOS] Is anyone using C7 in production yet? (sssd,
nss-pam-
> ldapd, kerberos, etc)
>
> On 01/20/2015 05:26 PM, Dan Irwin wrote:
> > Before I fire up a
2015 Jan 21
2
Is anyone using C7 in production yet? (sssd, nss-pam-ldapd, kerberos, etc)
Hi all,
Is anyone using C7 in production with LDAP and kerberos?
Currently all of my machines run C5 or C6 with nss-pam-ldapd or nss_ldap,
with kerberos and pam_krb5 for authentication.
Before I fire up a test VM (is it even worth it?) I wanted to check
feedback from the community.
Cheers!
Dan
2015 Jan 21
4
Is anyone using C7 in production yet? (sssd, nss-pam-ldapd, kerberos, etc)
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Fred Smith
> Sent: den 21 januari 2015 15:35
> To: centos at centos.org
> Subject: Re: [CentOS] Is anyone using C7 in production yet? (sssd, nss-pam-
> ldapd, kerberos, etc)
>
> > > > Before I fire up a test VM (is it even worth it?) I wanted to
2019 Oct 17
4
Offline logon and NSS...
I'm revising some docs, and i've returned on the 'offline logon' tema.
Looking at:
https://wiki.samba.org/index.php/PAM_Offline_Authentication
and smb.conf manpage, it is clear that 'offline logon' is
a pam/authentication only, does not involve NSS.
Considering a 'full offline' DM client (supposing a portable), there's
a 'winbind permanent nss
2009 Feb 12
1
OpenSUSE 11.1 with OpenLDAP => some surprises (ldap.conf, nss-ldap.conf, nsswitch.conf)
Hi,
this has nothing directly to do with samba, but there might be some
people who try to use samba with (Open)LDAP on OpenSUSE 11.1 like me.
Between 10.2 and 11.1 the nss_ldap configuration has changed a bit.
The file which configures the access to ldap is now /etc/nss-ldap.conf
and seems to have the identical layout as the former /etc/ldap.conf.
Also needed is the "nslcd"
2012 Jul 24
0
Config doubt
Hello all.
Is it right to have:
idmap backend = tdb
idmap uid = 2000-9999
idmap gid = 2000-9999
idmap config PERSONALE:backend = rid
idmap config PERSONALE:base_rid = 500
idmap config PERSONALE:range = 100000 - 49999999
idmap config STUDENTI:backend = rid
idmap config STUDENTI:base_rid = 500
idmap config STUDENTI:range =
2013 May 20
1
[Samba4] modifying attributes: no write access to self
Hi all
*Context:*
I'm trying to use the s4bind scripts (
http://linuxcostablanca.blogspot.com.es/p/s4bind.html)
k5start is running
So far, i've succeeded in
* modifying (posixifying) the built-in "Domain Users"
* adding a user to this group and i can login with this user (ssh), create
files that are correctly owned, etc... The user also shows up correcly in
ADUC.
* retrieving
2015 Apr 23
1
Samba 4.1 Member Server and Winbind
Greetings, Peter Ross!
> problem solved but part of the mystery remains:
> It has to do with the root shell!!
Oh? I'm no expert, but I could probably explain it.
If you're using statically linked shell (busybox comes to mind), you are
locked to whatever libs have been linked in at the compile time.
Also re: your previous wonder about library name, it may differ between
2011 Oct 31
3
NSS ldap problems
I'm having trouble setting up ldap based authenication.
I have a virtual (KVM) CentOS 5.4 box set up to authenticate to a 389 (fedora) directory server, and that works fine.
However, I set up a virtual box running CentOS 6, and I can't get it to authenicate.
I've run authconfig with the appropriate flags, ldapsearch properly finds the data, but I can't log in. /var/log/secure
2018 Jul 10
0
NSS on Debian Stretch with libnss3: Can not initialize SSL context
I am unable to get 2.7.4 to work with NSS support as provided by libnss3
2:3.26.2 on Debian stretch.
Currently NSS supports two database formats identified by prefixes "sql:" for
the new database and "dbm:" for the legacy database.
I created the NSS database in directory /etc/nut with command
certutil -N -d dbm:NSS_db --empty-password
I copied over public key and
2002 Jun 06
3
pxelinux and image selection?
Hi!
I've been working with pxelinux for quite some time now, and I'd like to
use PXE and a simple kind of selection menu (like syslinux does).
But I couldn't get it to work. I can enter several "label" sections to
my pxelinux.cfg/<something> but it'll never ask, just boot the
first/default one ...
Is this currently supported at all? Or did I miss something?
2002 Jun 15
2
Bug in 1.75 PXE code
Hi!
I've spent the last days trying to get PXE working (with all the nice
stuff that's in the specification - doesn't work :-( )
So I tried the new 1.75 with the Intel DOSUndi Bootdisk (which should
verify that everything works correctly) but it does no longer work
with syslinux-1.75!
1.74 is fine - so I guess something is broken here ...
Please have a look at it - and let me know
2008 Feb 29
4
help
Dear Sir/Madam,
I got some problem about using R.
I am a student, and need to use R a lot. But sometimes when I am working in
computer lab, we can not install some particular pacakges by ourselves because
of the previliges.
Can the folder of Librabry of R, move to, for instance the personal folder, my
documents... then we can install any specified package?
Best regards,
2015 Aug 19
2
Samba 4 DC - no AES kerberos tickets - only arcfour
Hi Trever,
things improved after resetting user/machine passwords, however only the session key is using aes256 now, the ticket itself is still arcfour:
root at ubuntu1:~# kinit user09999
user09999 at S4DOM.TEST's Password:
root at ubuntu1:~# klist -v
Credentials cache: FILE:/tmp/krb5cc_0
Principal: user09999 at S4DOM.TEST
Cache version: 4
Server: krbtgt/S4DOM.TEST at