similar to: ktpass.sh error / How to generate a keytab for a new service (apache) with SAMBA4?

I was trying to get authentication via kerberos working but I'm having trouble trying to run ktpass as in step 6 here http://robertan.com/home/2015/01/14/kerberos-auth-with-apachephp/ ktpass -princ HTTP/contoso.com at CONTOSO.COM -mapuser CONTOSO\<USERNAME> -crypto all -ptype KRB5_NT_PRINCIPAL -pass <PASSWORD> -out webpage.HTTP.keytab I'm not sure of the

Hello, all: My Samba server is a member of a Windows 2000 AD domain. Authentication to the Samba server is, of course, by encrypted NTLM hashes. Authentication to the host itself, which runs Red Hat Linux 7.1, is by NIS (the AD domain controller is running Server for NIS). I want to remove NIS (or at least the passwords from NIS). To accomplish this, I wish to use pam_krb5 to authenticate users

Hi all, I’m looking to add in a kerberos principal on my server for the AD domain. I see there are ways to do this for user(s), but I don’t see how to add a principal for hosts. In general, I’ld like to add something like the following to me 4.3.4 Domain: ktpass -princ afpserver/fqdn at REALM -mapuser mapuser at domain +rndPass -out afpserver.keytab This is for a netatalk server. I’ve never

Hi, On 27-06-2016 08:58, Mark Foley wrote: > So, I'm apparently lacking in the kerberos stuff. Here's the problem -- Samba4 uses Heimdal > Kerberos and when I provisioned my domain apparently none of these needed kerberos files were > set up. I can, however, kerberos authenticate from domain workstations both WIN7 and Linux. You don't need any Samba4 stuff, to get it

Hello List, I am (unsuccessfully) trying to automatically get a valid kerberos ticket for my linux box. I have - in a test environment: - a windows 2000 server with Active directory and DNS properly set up. - a suse linux 9.0 router with samba3.0.2.rc.1 and heimdal 0.6.-67. - I am able to join the domain and get a valid ticket through kinit, if I enter the Administrator's password or the

Hello, I'm trying to access a samba share using an ADS user credentials. I always get an error, and the debug traces (log level = 5) are giving me the output in the follow. I have searched the samba ML archives, and I have found the thread http://lists.samba.org/archive/samba/2004-April/084545.html but, before asking the system admin to apply the eventual KB fixes, I would like to know if the

Hi, I have 2 samba4.0.5 DC controllers running ubuntu 12.04 in my network which are in sync. Everything works fine but I still get the following error on the first samba4 DC I installed when running /usr/local/samba/sbin/samba -i Failed to bind to uuid e3514235-4b06-11d1-ab04-00c04fc2dcd2 for e3514235-4b06-11d1-ab04-00c04fc2dcd2 at ncacn_ip_tcp

On 12 April 2015 at 14:34, Rowland Penny <rowlandpenny at googlemail.com> wrote: >> - perhaps use sssd? (which I haven't yet investigated, to be honest) > > You could try sssd, this has a backend like the winbind backend and will > also work on the DC (well it did the last time I tried it, which was some > time ago) . Thanks! I'm looking at

Hi, When provisioning a new domain, samba4 creates /usr/local/samba/private/dns.keytab. What's the best way to create that file manually, when not provisioning a new domain? My use case is how one migrates from a Windows AD+DNS to samba4+bind9. I begin by joining a new samba4 instance as a DC to an existing Windows domain (so no "/source4/setup/provision"), then getting rid of the

Hi Team, I am Riyaj from WIPRO contacting you for very stange SAMBA issue. We have Samba V 3.0.28 running on AIX 5.3 and AIX 6.1 with WIN XP as client computers on DOMAIN A Now we are planning to migrate all the client computers to WIN 7 running on DOMAIN B which has trust relationship with DOMAIN A While I provided access to the client from AIX side they are not able to access it from WIN 7

Hello, I'm running samba4 and I installed phpldapadmin to connect to the samba ldap. When I am logged in as administrator i can't see the password hashes of my users or myself. Does samba need any extra configuration/ compile parameters to view the password hashes? Or does samba has a default "manager" ldap account? Best Regards Tim Vangehugten

Hello, I am currently migrating from OpenLDAP to samba4 and encountered the following problem, I only can bind to CN=sambaadmin,CN=Users,DC=example,DC=com. So I was wondering if it is possible to bind to the CN=Schema,CN=Configuration,DC=example,DC=com? If so, where can I find the credentials? Best Regards Tim Vangehugten

Hello to every Samba expert out there, We've been having a hard time figuring out a particular problem with Samba. After joining the Server 2003 ADS, which is on a different subnet - just going through a router, the membership would drop all of a sudden. Everything works great when the Samba server is on the same subnet as the Server 2003 ADS. I have posted some details on forums, here is a

Hi folks, "somehow" similar to the thread "under some kind oof attack" started by "MJ": I have dovecot shielded by fail2ban which works fine. But since a few days I see many many IPs per day knocking on my doors with wron password and/or users. But the rate at which they are knocking is very very low. So fail2ban will never catch them. For example one IP: Jul 25

Hi, i need to construct a link as following "<a href=\"#{CONFIG[''URLS''][''Xyz'']}\#{url}\"#{tag_options}>#{name || url}</a>" But here due to escape character #{url} not give actual value it treated as a string. how to solve this ? if i do "<a

I'm trying to integrate Samba with my kerberos configuration on Solaris 10 (with Samba 3.0.23d) and I have one basic issue - probably I don't understand something. Hopefully one of you experts can help. We have an AD based organization but we do a lot of Unix work on Solaris 10 and AIX 5.3 - I have about 75 *nix servers of various flavors. There's a lot of value in SSO

Am 16.09.2016 um 22:00 schrieb Robert Moulton via samba: > Achim Gottinger via samba wrote on 9/15/16 1:20 AM: >> >> >> Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: >>> On Wed, 14 Sep 2016 16:23:27 -0500 >>> Michael A Weber via samba <samba at lists.samba.org> wrote: >>> >>>>> On Sep 14, 2016, at 2:00 PM, Achim

Hello, ALL. I am trying to organize a transparent single sign-on concept for my Active Directory users into Dovecot via IMAP. On the user's desktop I use Thunderbird 6.0 as a mail client (MUA), Windows XP as an operating system. Domain is controlled by Windows 2008 Server SP2 with Active Directory. I have installed on my Mail server Debian GNU/Linux 6.0.2 (Squeeze) and Dovecot 2.0.13 from

> On Sep 14, 2016, at 2:00 PM, Achim Gottinger <achim at ag-web.biz> wrote: > > > > Am 14.09.2016 um 20:33 schrieb Michael A Weber: >> >>> On Sep 14, 2016, at 1:10 PM, Achim Gottinger <achim at ag-web.biz <mailto:achim at ag-web.biz>> wrote: >>> >>> >>> >>> Am 14.09.2016 um 19:53 schrieb Michael A Weber:

Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba: > On Wed, 14 Sep 2016 16:23:27 -0500 > Michael A Weber via samba <samba at lists.samba.org> wrote: > >>> On Sep 14, 2016, at 2:00 PM, Achim Gottinger <achim at ag-web.biz> >>> wrote: >>> >>> >>> >>> Am 14.09.2016 um 20:33 schrieb Michael A Weber: >>>>>