Displaying 20 results from an estimated 12000 matches similar to: "[Bug 2080] New: Add debug statements for gss_krb5_copy_ccache"
2003 Sep 18
1
ssh-openbsd-2003091700 distribution missing gss_krb5_copy_ccache
Build attempts of the new ssh-openbsd-2003091700 distribution fail
like this on OpenBSD 3.2:
cc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o
serverloop.o uidswap.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o
groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o
2003 Aug 10
9
updated gssapi diff
this is the proposed gssapi diff against OpenSSH-current (non-portable).
note: if this goes in, the old krb5 auth (ssh.com compatible) will be
removed.
please comment.
jakob
Index: auth.h
===================================================================
RCS file: /home/hack/jakob/mycvs/sshgss/auth.h,v
retrieving revision 1.1.1.2
retrieving revision 1.3
diff -u -r1.1.1.2 -r1.3
--- auth.h
2007 Jan 17
3
[Bug 1276] Link stage fails when gssapi exists
http://bugzilla.mindrot.org/show_bug.cgi?id=1276
Summary: Link stage fails when gssapi exists
Product: Portable OpenSSH
Version: v4.5p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Build system
AssignedTo: bitbucket at mindrot.org
ReportedBy: jengelh
2005 Jul 06
0
[PATCH] Simplify Kerberos credentials cache code
The attached patch removes the duplicated credentials cache generation
code in auth-krb5.c and gss-serv-krb5.c, by turning it into a procedure
which is then called by both sections of code.
It's against the latest portable CVS tree.
Cheers,
Simon.
-------------- next part --------------
Index: auth-krb5.c
===================================================================
RCS file:
2006 Mar 01
3
[Bug 1166] openssh-4.3p1 has some issues compiling
http://bugzilla.mindrot.org/show_bug.cgi?id=1166
Summary: openssh-4.3p1 has some issues compiling
Product: Portable OpenSSH
Version: 4.3p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2016 Oct 11
2
Problems with GSSAPI and LDAP
On 2016-10-11 11:03, Aki Tuomi wrote:
> On 11.10.2016 11:56, Juha Koho wrote:
>>
>> On 2016-10-11 10:00, Aki Tuomi wrote:
>>> On 11.10.2016 10:43, Juha Koho wrote:
>>>>
>>>> On 2016-10-11 09:18, Aki Tuomi wrote:
>>>>> On 11.10.2016 10:13, Juha Koho wrote:
>>>>>> Hello,
>>>>>>
2016 Oct 11
2
Problems with GSSAPI and LDAP
On 2016-10-11 10:00, Aki Tuomi wrote:
> On 11.10.2016 10:43, Juha Koho wrote:
>>
>> On 2016-10-11 09:18, Aki Tuomi wrote:
>>> On 11.10.2016 10:13, Juha Koho wrote:
>>>> Hello,
>>>>
>>>> I have a Dovecot 2.2.25 set up with OpenLDAP back end. I was trying
>>>> to
>>>> set up a GSSAPI Kerberos authentication with
2003 Oct 30
1
Patch to make sshd work on multihomed systems
As far as I know this patch has no security implications -- I don't
believe that allowing sshd to use get_local_name() (in canohost.c) on
a connected socket to determine it's own fqdn will allow a malicious
client (or router or dns server) to make it come to the wrong
conclusion. But please let me know if you think I'm wrong.
Please also let me know if you're just not interested
2010 Nov 19
1
winbind - wbinfo problem - SOLVED
Hi John,
The same smb and winbind configuration ( same SUSE box ) works good other
Windows AD servers.
"#wbinfo -u" and "#wbinfo -g" returns the users and groups respectively.
Thanks for your great help !!!
what is the difference between "#net rpc" and "#net ads" ?..if you have
time, give some explanation..
Regards,
Vivek
On Mon, Nov 15, 2010 at 6:56
2016 Oct 11
2
Problems with GSSAPI and LDAP
Hello,
I have a Dovecot 2.2.25 set up with OpenLDAP back end. I was trying to
set up a GSSAPI Kerberos authentication with the LDAP server but with
little success. Seems no matter what I try I end up with the following
error message:
dovecot: auth: Error: LDAP: binding failed (dn
(imap/host.example.com at EXAMPLE.COM)): Local error, SASL(-1): generic
failure: GSSAPI Error: Unspecified GSS
2016 Oct 11
2
Problems with GSSAPI and LDAP
On 2016-10-11 09:18, Aki Tuomi wrote:
> On 11.10.2016 10:13, Juha Koho wrote:
>> Hello,
>>
>> I have a Dovecot 2.2.25 set up with OpenLDAP back end. I was trying to
>> set up a GSSAPI Kerberos authentication with the LDAP server but with
>> little success. Seems no matter what I try I end up with the following
>> error message:
>>
>> dovecot:
2007 Dec 04
0
keytab file issues
I am trying to join a samba server and have the keytab file set. After
joining there was no keytab file so I ran the command:
/usr/sfw/sbin/net ads keytab add host -d 10
This was the result:
[2007/12/04 21:40:09, 5] lib/debug.c:(391)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
2013 Mar 08
0
samba 4.0.3: ads_sasl_spnego_krb5_bind failed with "Did not find a plugin for ccache_ops" [solaris]
Hi everybody,
I've compiled samba 4.0.3 with gcc 4.4.4 on openindiana.
But now I have a problem joining the domain....
/usr/local/samba/bin/net ads join -d 10 -U jvanthienen
...
"ads_sasl_spnego_krb5_bind failed with: Miscellaneous failure (see
text) : Did not find a plugin for ccache_ops, calling kinit"
...
Is this ccache plugin really needed? Can I disable this and how ? any
2007 Apr 03
1
Winbind 3.0.25-pre2 problems with sid2uid
Hi,
I have tested winbind in samba-3.0.25-pre2 and encountered some problems. We have a working config with Linux samba-3.0.23d and W2k3 AD R2 rfc2307bis, but when I switch to 3.0.25 it stopped working. I am not quite familiar with the new configuration directives for idmap, but the old config did not work either with 3.0.25, so I tried to use the new ones.
Is there apparent errors in my config
2005 Jun 17
0
net ads join fails on W2K3 server with latest MS patches
Hi All,
For the past few months I've been running a SUSE 9.2 server here
(mostly as an app server) which was a member of an AD domain
(w2k3 domain controller.) I used winbind to enable domain members
to log into the box, all was well.
This week the w2k3 server had some MS security patches applied
and suddenly logins became impossible, because winbind was unable
to retrieve user info from the
2006 Jul 28
1
Could not join to domain with krb5 error: Message stream modified
Hi all,
I have a situation in which my SAMBA 3.0.14a could not join the a very
large windows 2003 AD domain with tens of domain controllers all over
the world. With an error I have never seen before.
The kinit part went OK but the net ads join part failed.
What we tried is to have our SAMBA joined one of the OU in which we have
the credentials to join.
BTW we had no problem to join other
2010 Nov 16
0
Still have problems with secure NFS and Kerberos
Both pc13267 and pc14113 run CentOS 5.5. On pc14113, my test user gets a
home directory when logging in, but not on pc13267. But why?
All logs below are from /var/log/messages. I have removed dates and
stuff from the beginning of lines to make them more readable, and then
grouped lines about the same thing from both machines.
> pc13267 Using keytab file '/etc/krb5.keytab'
>
2008 Apr 01
1
Strong(er) authentication required when joining Active Directory (Samba 3.0.28)
Hello all,
I'm having problems getting Samba to join a Windows AD. I am delegated
OU admin, and have no direct access to the domain controller. We have 3
DCs in one domain where my OU exists. The users I wish to authenticate
are in a different domain.
I have set up Kerberos and can receive tickets correctly.
I run
net -d 4 ads join createcomputer=[Delegated OU] -U [account with join
2015 Jun 03
0
Cannot join Ubuntu12.04 Samba 4.1.17 to domain
I reproduced error WERR_DEFAULT_JOIN_REQUIRED in two scenarios:
- user account that is used to join machine to domain is not part of Domain
Admin group.
- OU path for computer (specified in createcomputer) is invalid
In both of those cases I'm getting detailed error messages: 'insufficient
access' and 'invalid path' respectively but on customer site I'm always
getting:
2009 Mar 19
1
Can join ADS domain, all accounts/auth work fine, but leaving domain fails
Hello all,
As the subject says, as far as I can tell everything works on my ads
integrated samba server. Domain accounts can be used for ssh, and
accessing shares, I just can't leave the domain. Here is a successful
join command followed by an unsuccessful leave command at debug level 4.
Any ideas?
TIA,
Mark
user@dordal:~$ sudo net ads join -U administrator@MYDOMAIN.COM -d 4
[2009/03/19