similar to: howto install sudo schema

Hello CentOS I am having a bit of trouble importing an ldif into openldap, tho the syntax looks a-ok to me. I am attempting to import my sudoers list into my ldap configuration and I used an application called sudoers2ldif to generate the ldif. I used the following command to import the file: ============================================= [root at bluethundr-desktop:~/txt/ldif ] $:ldapadd -h

Hi, I'm having hard time getting sssd_sudo to work: when sssd_sudo accesses Samba ldap with host principal 'dc1$@teemu.local' it can't read necessary attributes like objectclass: sudoRole. When accessing as Administrator all attributes are shown. How can I enable other users then Administrator to access sudoers' attributes? Below is an example. [root at dc1 var]# kinit

Hi all! I'm attempting to configure sudo rights from Samba ldap. Alas, libsssd_samba receives 0 rules and config doesn't work. I think I have the problem identified here but I don't understand why. The way sssd_sudo searches for sudoers leave all important attributes out and of course filtering then fails. Can you help me to understand why following search results are so different (and

So I have this centos 5.10 box which authenticates network users against ldap(authorizing)+kerberos(authentication). And I now would like to have sudo be able to allow admins (netgroup chinbeards) to sudo about. I am not using sssd though (yet). Here is the output of me trying sudo (debug on): [raub at centos5-x64 ~]$ sudo pwd LDAP Config Summary =================== uri

On Thu, 21 Apr 2016, John Gardeniers wrote: > Good news, I now have this working. Once I finish writing my notes I'll make > them available to whoever might want them. Good to hear. I tried to get his working by following some of the online docs and the sudoers docs, and never did get it to work. It'd be great if someone could put this up on the Samba wiki when it's

Hello All, I am currently changing my samba linux clients (Debian) from sssd binding to winbind. With sssd I had all sudo rules within the samba active directory. The configuration was based on: https://lists.samba.org/archive/samba/2016-April/199402.html Is there some guideline like the one mentioned available/has someone already experience with this for winbind based clients? Within the

This is annoying. I ssh to a server, then, it doesn't matter if I su - or sudo -s, I start a service (motion, if it matters), and when the service sends an email, it's from me, not from root, or the user the service runs as. I've dumped my environment, I've just dumped service's environment. I've set SUDO_USER to root, and SUDO_UID to 0, and restarted the service, and

Hi folks ! Has someone any idea on this issue on AIX 5.3 TL 10 with winbind ? I'm really stuck now ... I think everything is working pretty well with WINBIND and AD 2k3 , but not my most important point : I absolutely need the Secondary groups of each AD user which get connected to the AIX to use this filter with sudo... I only get Primary Group (which is by default "Domain Users"

hi everyone could someone show me there sasl configuration section in their dovecot.conf, i have postfix and dovecot setup for virtual users (no system users) everything works fine including tls, i have tried various examples off the web for sasl but they either have obsolete parameters or are for a setup with system users, i would prefer to use dovecots sasl implementation. dovecot --version =

On 9/2/19 3:03 PM, Sami Ketola wrote: >> On 2 Sep 2019, at 15.25, Peter Mogensen via dovecot <dovecot at dovecot.org> wrote: ... >> Is there anyway for dsync to avoid moving Gigabytes of data for could >> just be "moved" by moving the mount? > > > Not tested but you can probably do something like this in the target server: > > doveadm backup -u

Am 30.12.18 um 10:53 schrieb Sami Ketola: > >> On 29 Dec 2018, at 23.49, Hans Brage <hans at plattformen.se> wrote: >> >> Hi! >> >> I'm currently running an small imap-server on Dovecot 2.2.4 but will retire that server. I've set up an new server with Dovecot 2.3.4 and will migrate the mailboxes (maildir-format) from the old to the new server.

HI, i am trying to use sudo user to access xen server remotely. As its documented, libvirtd can be accessed only through root user or users from libvirtd usergroup. is there any tweak or possibility to access libvirt remotely through sudo user? or by using certificate? code snippet: #!/usr/bin/env python import sys import libvirt conn = libvirt.open('xen+ssh://sudo_user@xen_server') 

hi all i have samba4 ad setup and working, i am currently trying to set up passwordless ssh on my client servers, i have read this page https://wiki.samba.org/index.php/Authenticating_other_services_against_AD i have a properly configured krb5.conf file, i have a keytab from the samba dc and i can kinit and obtain a valid ticket. the only thing i have not done is to join my client which is a

Hi everyone archlinux Release: 2014.06.01 using the information on https://wiki.archlinux.org/index.php/Samba_4_Active_Directory_Domain_Controller to install my Active Directory Domain Controller :- samba-tool domain provision --use-rfc2307 --interactive --use-xattrs=yes Realm [LOCALDOMAIN]: SAT.CO.UK Domain [SAT]: Server Role (dc, member, standalone) [dc]: DNS backend (SAMBA_INTERNAL,

Hi folks I allow the user tommy to run this command as root sudoCommand: /app/appname/connectors/*/*/current/bin/* With "sudo -l" he sees the sudoers, but is unable to execute. $ sudo /app/appname/connectors/zur/namename/current/bin/othername agentsvc --i --u root --sn 1m7command Sorry, user tommy is not allowed to execute

On Sat, Dec 27, 2014 at 2:43 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: > Yes, samba4 comes with a script: oLschema2ldif > Humm... Not liking the errors in this method. Looking at the ldif, I think we could rework this so that one could modify the LDAP schema directly using LDAP syntax. In my case, I'm using Net::LDAP. Something more like this: dn:

Thanks! That was a really useful answer. // Hans Den 2018-12-30 kl. 10:53, skrev Sami Ketola: >> On 29 Dec 2018, at 23.49, Hans Brage <hans at plattformen.se> wrote: >> >> Hi! >> >> I'm currently running an small imap-server on Dovecot 2.2.4 but will retire that server. I've set up an new server with Dovecot 2.3.4 and will migrate the mailboxes

Ok it seems like you are in the exact same situation I was. So here are the files in a tgz. Once uncompressed, you'll have to change each occurance of "DC=MYDOMAIN,DC=com" according to your configuration. you can do this with something like : perl -pi -e 's/DC=MYDOMAIN,DC=com/DC=Carlos,DC=com/g' * Then you will have to run ldbadd and ldbmodify in the correct order to upgrade

msDS-isRODC is introduced in version 32 of the schema. This is the problem I faced. You can have a look to https://lists.samba.org/archive/samba/2015-August/193258.html. --------------------------------------------- Christophe Borivant Responsable d'exploitation informatique +33 5 62 20 71 71 (Poste 503) Devinlec - Groupe Leclerc -------------------------------------------- ----- Mail

You should run : ldbsearch -H /var/lib/samba/private/sam.ldb -b "CN=msSFU-30-Mail-Aliases,CN=Schema,CN=Configuration,DC=MYDOMAIN,DC=com" -s base possSuperiors If the result is : # record 1 dn: CN=msSFU-30-Mail-Aliases,CN=Schema,CN=Configuration,DC=DEVINLECLECLERC,DC=com possSuperiors: container possSuperiors: domainDNS possSuperiors: nisMap Then it's OK, the script tried to add a