similar to: autofs + cifs + kerberos

Displaying 20 results from an estimated 5000 matches similar to: "autofs + cifs + kerberos"

2024 Feb 06
3
Samba, Kerberos, Autofs: Shares get disconnected
Hi, I am still trying to figure out the best settings for Samba and Kerberos with autofs. My setup so far works good, users can log in on their computers using AD credentials, and they can access network shares with AD credentials as well. This works perfect. Also I notice that some Kerberos ticket is created upon user login, which allows the users to access a Samba share without entering the
2013 Sep 28
2
mount.cifs and kerberos failure
Hi guys, This seems to be a well-known problem with mount.cifs on Ubuntu 12.04. Unfortunately, although I have applied the suggestions I found with google, I can't seem to be able to get mount.cifs to work with kerberos. I am trying to use kerberos to mount my Windows shares because this is the only allowed secure way in my company to connect to shares. Before anyone asks, I can successfully
2015 Nov 04
2
Pam_mount not working with "sec=krb5"
So finally here is the solution that works for me. If you have any questions, just ask. I use pam_mount with the following volume definition in the "/etc/security/pam_mount.conf.xml": <volume fstype="cifs" server="server" path="home/%(USER)" mountpoint="/home/%(USER)" sgrp="domain users"
2015 Nov 02
2
Pam_mount not working with "sec=krb5"
Hi all, this is not really a Samba question, but related, and I hope that some of you are using this and can tell me what I am doing wrong. On a member server, I can mount my shares by hand specifying "-o username=xxx,domain=yyy,password=zzz". But as soon as I put "sec=krb5" in the mount options (and leaving out the password part), I get this error: # mount error(126):
2024 Jan 30
1
permission denied with windows acls
On Mon, 29 Jan 2024 16:42:20 -0800 Peter Carlson via samba <samba at lists.samba.org> wrote: > > On 1/29/24 13:08, Rowland Penny via samba wrote: > > On Mon, 29 Jan 2024 12:51:37 -0800 > > Peter Carlson via samba<samba at lists.samba.org> wrote: > > > > > >> Just did a quick test, the big T comes after setting permissions in > >>
2015 Nov 04
3
Pam_mount not working with "sec=krb5"
> > If by "key" you meant keytab then you were right. A keytab is a file > dedicated to contains credentials (https://kb.iu.edu/d/aumh or > http://web.mit.edu/Kerberos/krb5-1.12/doc/basic/keytab_def.html). > > Keytab are used when you want to automate actions which need > authentication. When some automated action requires credentials you > have to provide
2015 Nov 04
2
Pam_mount not working with "sec=krb5"
Am 04.11.2015 um 14:49 schrieb mathias dufresne: > 2015-11-04 13:58 GMT+01:00 Ole Traupe <ole.traupe at tu-berlin.de>: > >> Mathias, thanks again! This sounds like a very reasonable approach. I know >> that with remote ssh and public key authentication you can set the limit to >> a single possible command. is this also possible with AD users? >> > I'm
2015 Nov 04
3
Pam_mount not working with "sec=krb5"
Mathias, thanks again! This sounds like a very reasonable approach. I know that with remote ssh and public key authentication you can set the limit to a single possible command. is this also possible with AD users? Unfortunately, I don't have 'multiuser' support in my current cifs-utils version 4.8. So I would end up with your designated user being the owner of all the files and
2015 Jan 22
2
ACL ignored on cifs mounted share
Am 22.01.2015 um 12:28 schrieb Rowland Penny: > On 22/01/15 10:53, Norbert Heinzelmann wrote: >> Hello, >> >> I have the problem that the ACLs are ignored when I mount a share via >> cifs. I have an AD with Samba 4.1.6 Ubuntu 14.04 (but I also tried it >> with Gentoo and samba 4.1.14). So I joined a member server like the >> wiki describes. Everything
2015 Jan 23
2
ACL ignored on cifs mounted share
Am 22.01.2015 um 17:17 schrieb Rowland Penny: > On 22/01/15 12:57, Norbert Heinzelmann wrote: >> Am 22.01.2015 um 12:28 schrieb Rowland Penny: >>> On 22/01/15 10:53, Norbert Heinzelmann wrote: >>>> Hello, >>>> >>>> I have the problem that the ACLs are ignored when I mount a share >>>> via cifs. I have an AD with Samba 4.1.6 Ubuntu
2024 Feb 28
3
Samba, Kerberos, Autofs: Shares get disconnected
Hallo again, I would like to ask if there exists any possibility to have a Samba mount point with multiuser and with a credentials file or something similar. After a couple weeks testing I just find that my shares get disconnected after one week, which is not acceptable: I have stored some large project files on the Samba share which is opened in some calculation software, and simulations take up
2015 Jan 23
1
ACL ignored on cifs mounted share
Am 23.01.2015 um 10:19 schrieb Rowland Penny: > On 23/01/15 07:34, Norbert Heinzelmann wrote: >> >> Am 22.01.2015 um 17:17 schrieb Rowland Penny: >>> On 22/01/15 12:57, Norbert Heinzelmann wrote: >>>> Am 22.01.2015 um 12:28 schrieb Rowland Penny: >>>>> On 22/01/15 10:53, Norbert Heinzelmann wrote: >>>>>> Hello,
2024 Jan 30
1
permission denied with windows acls
On 1/29/24 13:08, Rowland Penny via samba wrote: > On Mon, 29 Jan 2024 12:51:37 -0800 > Peter Carlson via samba<samba at lists.samba.org> wrote: > > >> Just did a quick test, the big T comes after setting permissions in >> windows >> >> root at fs1:/var/log# cd /data >> root at fs1:/data# mkdir -m 1777 test2 > No it doesn't, you are setting
2024 Feb 12
2
Samba, Kerberos, Autofs: Shares get disconnected
On Mon, 12 Feb 2024 09:38:01 +0100 "Pluess, Tobias via samba" <samba at lists.samba.org> wrote: > Good day > > please excuse my delayed response. > Thanks for the hint with the machine account. I will try this. > I realised I can also manually refresh Kerberos tickets. > > I have the following: > > $ klist > Valid starting Expires
2013 Sep 09
1
Samba4 automount schema: convert from flat files to LDAP
Hi I think I've managed to get the automount classes into the the schema: ldbsearch --url=/usr/local/samba/private/sam.ldb.d/"CN=SCHEMA,CN=CONFIGURATION,DC=HH3,DC=SITE.ldb" | grep "dn: CN=automount" dn: CN=automountKey,CN=Schema,CN=Configuration,DC=hh3,DC=site dn: CN=automount,CN=Schema,CN=Configuration,DC=hh3,DC=site dn:
2024 Feb 07
1
Samba, Kerberos, Autofs: Shares get disconnected
Op 07-02-2024 om 12:27 schreef Rowland Penny via samba: > On Wed, 7 Feb 2024 11:57:28 +0100 > Kees van Vloten via samba <samba at lists.samba.org> wrote: > >> Op 07-02-2024 om 11:34 schreef Rowland Penny via samba: >>> On Wed, 7 Feb 2024 10:34:15 +0100 >>> Kees van Vloten via samba <samba at lists.samba.org> wrote: >>> >>>> Op
2024 Feb 12
1
Samba, Kerberos, Autofs: Shares get disconnected
Good day please excuse my delayed response. Thanks for the hint with the machine account. I will try this. I realised I can also manually refresh Kerberos tickets. I have the following: $ klist Valid starting Expires Service principal 02/12/2024 08:39:44 02/12/2024 18:39:44 krbtgt/CAMPUS renew until 02/13/2024 08:39:40 so this ticket is valid until 12. February 18:39.
2015 Nov 03
4
Pam_mount not working with "sec=krb5"
>> I mean, putting the key in the keytab looks like a security risk to me. > In what way does it appear any more of a risk than having the keys > which you have there already? Even if someone steals the keytab, > they're gonna be hard pressed to crack the key in the few hours before > the tgt expires. Do you have very sensitive data maybe? Ok. And maybe I misunderstood
2015 Nov 02
3
Pam_mount not working with "sec=krb5"
Am 02.11.2015 um 13:12 schrieb buhorojo: > On 02/11/15 12:54, Ole Traupe wrote: >> Hi all, this is not really a Samba question, but related, and I hope >> that some of you are using this and can tell me what I am doing wrong. >> >> On a member server, I can mount my shares by hand specifying "-o >> username=xxx,domain=yyy,password=zzz". But as soon as I
2015 Jun 17
5
AutoFS mystery ...
I need a second pair of eyes here, please. I have a CentOS 6.6 server (let's call it 'S1") that has a Samba share on it that is currently working. We can mount that drive on our Windows work stations and transfer/delete from it just fine. It's setup as a "guest" config so no user specific passwords or any other restrictions like that. I'm trying to setup another