similar to: Strong security in user's accounts and paswords..

Displaying 20 results from an estimated 1000 matches similar to: "Strong security in user's accounts and paswords.."

2008 Feb 04
0
RE: Strong security in user's accounts and paswords..[SOLVE]
Hi Mark and thanks for your soon answer.. I found this excellent guide on internet http://www.puschitz.com/SecuringLinux.shtml... here I could fine all I was looking for about securing my database server running on CentOS.. Regards Israel, >I'm running RHEL 4.6 and am using the features you are looking to >implement. PAM is the direction to look. I have included my
2010 Feb 18
7
Augeas pam.d argument checking
I''m trying to change the password complexity requirements in pam.d/system-auth using augeas. I can append the values (lcredit=-1, ucredit=-1, etc) onto the correct place, but if another value is already present (i.e. lcredit=-2), the onlyif match statement doesn''t seem to support checking regular expressions inside of strings. How do I check that any numeric value exists in the
2014 Nov 17
1
exercising pam_cracklib from the command line
CentOS-6.6 Is there any command line program that determines and reports what pam_cracklib.so returns for a given password; subject to variation in the command line options and values provided? For example, assuming a cli driver program called cli_driver_pgm: cli_driver_pgm pam_cracklib.so difok=8 minlen=14 dcredit=3 ucredit=3 lcredit=3 ocredit=3 minclass=2 maxrepeat=3 maxsequence=3
2010 Sep 14
1
cron breaking when enabling ldap
Hi When I enable a box to do authentication using LDAP it breaks cron for users like jboss. I get the following in /var/log/secure Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron' I have the following in /etc/ldap.conf nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss
2009 Mar 02
31
Using Augeas type to update sshd_config's AllowGroups
Hey gang, I seem to be having a brain disconnect on how to get the Augeas type to manage things that have multiple values (i.e. an Augeas tree) via Puppet. If I run this in augtool: augtool> set /files/etc/ssh/sshd_config/AllowGroups/1000 sshuser augtool> save I see this in /etc/ssh/sshd_config: AllowGroups sshuser However, if I try this in an Augeas type: augeas {
2016 Oct 12
2
Replacement pdc samba3 to samba4 nt classic
On 11.10.2016 17:22, Harry Jede via samba wrote: > Am Dienstag, 11. Oktober 2016 schrieben Sie: >> On 11.10.2016 13:52, Harry Jede via samba wrote: >>> On 10:43:49 wrote Gavrilov Aleksey via samba: >>> Until now, you have destroyed your domain. >>> Is the ldap directory on localhost in production or is this pc in a >>> test lab? >> a copy of the
2010 Apr 16
1
offline logon in 3.4.7-58
Having issues adapting our 3.4 configuration that worked very well using idmap rid in 3.3. It seems like winbind does not cache the credentials despite all of the settings being present. I can set winbind offline via smbcontrol and have it work, but if I reboot the machine (important for my laptops) off the network winbind complains that it can't find the logon server. When disconnected and
2008 Oct 27
0
system-auth on CentOS 5.2
Hi al.I have a problem with pam.d authentication rules. I searched on google and modified my system-auth file.Bu some rules does not works properly my system-auth like below: -------------------------- auth required pam_env.so auth required pam_tally.so onerr=fail per_user deny=3 auth sufficient pam_unix.so md5 nullok try_first_pass auth requisite
2006 Nov 09
4
openssh with radius server unreachable
Hello, I think to have find a small pb with openssh when a Radius server is unreachable. I use radius authentication with pam my system-auth is the following auth [success=done auth_err=die default=ignore] /lib/security/pam_radius_auth.so try_first_pass debug auth [success=ignore auth_err=ignore default=ignore] pam_nologin.so file=/etc/raddb/radiusfailure auth
2011 Mar 23
1
Issue with "change password" on windows dialog
Hi everybody! I am having an issue regarding my samba/pam configuration. I am trying to sync my unix/samba passwords, but everything i found online doesn't help. My System runs Gentoo/Samba 3.5.8 as PDC(roaming profiles host and so on) , and WinXP Clients. Domainjoin and Login work fine. But I want to change the Passwords from the Windows interface. When I try to change the password using
2002 Dec 05
2
Locking user accounts
Hello all, At this moment I am running a samba-ldap-pdc. This works really good. But what worries me is the following thing: user accounts never get locked. This is a problem cause anyone can guess or use bruteforce to enter password. Is there a solution/workaround for this? I want the following situation : when a user tries to logon for 4 times I want the account to lock out the account.
2008 May 22
4
winbind,ads, win2k3, trusted domains, user mapping
I have been ready everything I can regarding this setup but am having a problem that I am unsure of. I am unable to authenticate any user despite the following commands working: %> getent passwd <username> %> wbinfo -u %> wbinfo -g With the getent passwd I am able to see all of my UID/GID being mapped via winbdind to the rid of the domain user account. This command fails: %>
2009 Nov 25
2
how to join to AD ?
We have a small Ubuntu 9.10 file server in a large Win 2003/2008 domain. There is no X nor web browser in the server. I have rights to join machines to the domain, but I'm not an Administrator There is about 10 users in this server, who want to authenticate with domain passwords when they mount their home directories to WindowsXP workstations. The ssh passwords should be local and separated
2013 Jun 19
1
"The account is not authorized to login from this station"
Good Day, I am testing, in a lab environment, samba shares with ad authentication for access. My setup is as follows : * Windows 2008 RC2 * RHEL 5.9 * Windows 7 * Windows XP SP3 * Samba 3.0.33-3.39.el5_8 All machines, including the RHEL Server having been added to the Domain running on the Windows 2008 RC2 Server. As per the subject, when trying to connect, from XP or Win 7, to the shares I
2010 Apr 20
3
CentOS 5 - locking out users afer 3 failed attempts
Hi I am trying to lock users after 3 attempts and then set the timeout before they can log in again. I thought i could achieve this with auth required pam_tally.so deny=3 unlock_time=600 in /etc/pam.d/system-auth but it seems to not be the case - I cant find a working config for this anywhere and i wonder if anyone has one they can share? thanks
2005 Jun 14
2
automatically create home directories
I have a Suse 9.1 Enterprise Server connected to our Windows 2003 Active Directory Domain for use a file server, housing peoples home(backup) directories. The Suse box is connected to AD with winbind and it's connected fine. The problem is that when I create a user on the windows box it's not creating a home directory in Linux. It says I don't have create access on the server when I
2005 Jan 21
1
tdbsam (local) to ldap (tdbldap) backend migration causes pam restrictions not to work anymore?
Hi, I am using samba 3.0.10 on Debian and have had my users in tdbsam backend untill now. They have had the ability to change their unix password along with samba password and besides that I was able to apply some PAM restrictions to the users password strength via pam_cracklib.so library. I have now moved the users into ldap and auth works ok, but I cannot change users password and still have
2004 Feb 23
1
home directories with winbind
Hello all, I've installed samba-3.0.1 on a linux machine that has a role of domainmember in an NT domain. What I would like is that there would be nothing to do on the linux machine when adding a user in teh NT domain. For that I have started and configured winbind that works fine. But I want to create a share for each user on the NT domain. I have in my smb.conf a [homes] share, but when a
2016 Oct 12
0
Replacement pdc samba3 to samba4 nt classic
Am Mittwoch, 12. Oktober 2016 schrieben Sie: > Thanks to your help, earned. > > 1. I reinstalled ldap > > 2. remove all entries except sambaDomainName According to your logs, you have had three entries > 2. smbldap-populate > > 3. /usr/local/sbin/smbldap-passwd -s root > > 4. net rpc join -S 127.0.0.1 -U root%secret > > 5. restore from a backup of users,
2016 Oct 10
6
Replacement pdc samba3 to samba4 nt classic
Migration was held in connection with the breakdown of the old server after setting up a new server stopped working to add windows pc to a domain root at pdc:/var/log/samba# cat /etc/samba/smb.conf [global] # Default options allow nt4 crypto = yes client ntlmv2 auth = no disable spoolss = yes dns proxy