Displaying 20 results from an estimated 3000 matches similar to: "Best way to integrate CentOS in Windows AD environment"
2014 Jun 10
2
How to configure user accounts without NIS
The company where I work is mostly a Windows shop, but I run a few CentOS
servers and desktops. I have configured my systems as follows with Kickstart:
authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX \
--nisserver=nis1.XXX.com,nis2.XXX.com --useshadow --enablekrb5 \
--krb5realm=XXX.COM --krb5kdc=ldap.XXX.com --krb5adminserver=ldap.XXX.com
The /etc/nsswitch.conf file
2011 Aug 25
1
Help integrating CentOS 6 with existing network login infrastructure
I've updated my kickstart configuration files to work with CentOS 6 and am most of the way there integrating a CentOS 6 system into our LDAP/NIS environment. My authconfig line in the kickstart file is as follows:
authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX --nisserver=nis.XXX.com --useshadow --enablekrb5 --krb5realm=XXX.COM --krb5kdc=ldap.XXX.com
2017 Oct 30
2
winbind rfc2307 not being obeyed
I found what I needed to do
DOMAIN=MIND.UNM.EDU
SHORT=MIND
authconfig --enablekrb5 --krb5kdc=${DOMAIN}
--krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind
--enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN}
--smbservers=${DOMAIN} --smbworkgroup=${SHORT}
--winbindtemplatehomedir=/na/homes/%U --winbindtemplateshell=/bin/bash
--enablemkhomedir --enablewinbindusedefaultdomain
2008 Jun 05
4
using windows ad accounts for centos 5
Hi I read and used the article
http://blog.wazollc.com/Lists/Posts/Post.aspx?ID=2 to authenticate my ad
accounts when logging on to cent 5...however, once I edit the
nsswitch.conf file, I can't even log on as root or any local users
anymore. Kinit seems to initialize fine doing a kinit
username at MYDOMAIN.COM , however doing a getent passwd adusername ....it
just sits there in the shell and
2017 Oct 30
2
winbind rfc2307 not being obeyed
My smb.conf file now looks like so
[global]
#--authconfig--start-line--
# Generated by authconfig on 2017/10/30 10:47:34
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future
workgroup = MIND
password server = MIND.UNM.EDU
realm = MIND.UNM.EDU
security = ads
idmap config * : range = 2000-7999
2007 Oct 01
2
HowTo: Samba with ADS security in CentOS 5
Hello!
I have recently gone through the hassle of trying to get a CentOS 5 server
(no gui) with Samba to use ADS for security. After several days of googling
and trying different howtos I finally got it working, I now want to write a
howto for CentOS 5, Samba 3.0 and Windows Server 2003 SP2.
Basically it's a combination of
http://www.howtoforge.com/samba_ads_security_mode and
2011 Sep 27
3
Odd issue with C6 and NIS
I seem to have this very odd issue with CentOS 6 WRT NIS. I have taken the package selection that I used with CentOS 5 and basically plopped it into my C6 kickstart file (see below). On C5 this works just fine and I'm able to log in with NIS credentials just fine. However, it looks like on C6 if you use a package selection like this, you also need to specify the yp-tools package as part of
2018 Jun 14
3
CentOS7: Setting up ldap over TLS in kickstart file
Hi,
I'm facing a problem with setting up LDAP+TLS client authentication in a
kickstart script on CentOS7 for several days.
Setting up manualy the config with system-config-authentication works but I need
to automate this in kickstart for deploying cluster nodes.
This show that the server side is running fine.
At this time the message is
#systemctl status sssd
|....
2008 Sep 27
2
Graphical net install
Is it at all possible to do a graphical netinstall ?
I am using centos 5.2, and i have been doing net installs (pxe) for a
while in console mode...
--
Test <test at remedial-teacher.nl>
2017 Oct 30
0
winbind rfc2307 not being obeyed
fedora's authconfig must edit a bunch of files
On Mon, Oct 30, 2017 at 10:53 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
> I found what I needed to do
> DOMAIN=MIND.UNM.EDU
> SHORT=MIND
> authconfig --enablekrb5 --krb5kdc=${DOMAIN}
> --krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind
> --enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN}
2017 Oct 30
0
winbind rfc2307 not being obeyed
nope that just brute forced homedir and shell. It'll work for what I
want this machine for but I'd like to get the homedir and shell from
AD
On Mon, Oct 30, 2017 at 10:54 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
> My smb.conf file now looks like so
> [global]
> #--authconfig--start-line--
>
> # Generated by authconfig on 2017/10/30 10:47:34
> # DO NOT
2014 Aug 30
4
I want a Fedora 20 system to be a member server and offer a share in a Windows 2008R2 Active Directory domain
I'm close to making this work. The goal is to make this Fedora 20 system pretend to be a Windows member server in my Windows 2008R2 Active Directory domain and then I'll use it as a backup target. When I run ADUC from my domain controller, I see my F20 system named nfsa. But from Windows, when I do Start...\\nfsa, I get an Access Denied error and it prompts for credentials. When I do
2017 Oct 30
4
winbind rfc2307 not being obeyed
OS:fedora-26
SAMBA:4.6.8
[root at squints ~]# cat /etc/samba/smb.conf
[global]
security = ads
realm = MIND.UNM.EDU
workgroup = MIND
idmap config * : backend = tdb
idmap config * : range = 2000-7999
idmap config MIND:backend = ad
idmap config MIND:schema_mode = rfc2307
idmap config MIND:range = 8000-9999999
winbind nss info = rfc2307
winbind use default domain = yes
2006 Jun 02
1
Redhat Authconfig errors
Ok, I've got most everything setup, but I'm not able to confirm
pam_ldap and nss_ldap are working properly. (Actually given the
examples in SBE, they still appear to be returning information from
local files rather than the ldap info.)
I wanted to go back and check my authconfig and reset the parameters.
However now when I do a authconfig I get this:
----
authconfig --enablecache
2015 May 08
4
ldap host attribute is ignored
>> But instead i get
>> centos: sshd[7929]: pam_unix(sshd:session): session opened for user
>> <username>
>
> "pam_unix" should be an indication that <username> appears in the local
> unix password files. Make sure that it doesn't.
Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow
>
> What do /etc/pam.d/sshd and
2012 Jan 27
1
need help to build livecd and create success iso file but it hang
Hi all
my environment:
1/ windows 7 OS system
2/ use virtual box install the host centos system
i try to make a centos livecd and i follow the step
1/ create file: vi /etc/yum.repos.d/centos-livecd.repo and the content of file:
# Name: CentOS LiveCD repository
[livecd]
name = CentOS $releasever - LiveCD
baseurl =
2016 Feb 04
0
What is the equivalent of net idmap secret in samba 4.2 ?
Hi all,
Isn’t it always the way that you find what you need after posting a question:
net idmap set secret ‘*’ password
Cheers,
Mark
From: Mark Cooke
Sent: 04 February 2016 11:43
To: 'samba at lists.samba.org'
Subject: What is the equivalent of net idmap secret in samba 4.2 ?
Hi Everyone,
The documented command in net(8) for setting the LDAP password appears to have gone away in
2016 Feb 04
1
What is the equivalent of net idmap secret in samba 4.2 ?
Hi Everyone,
The documented command in net(8) for setting the LDAP password appears to have gone away in the refactoring between samba 4.1 and 4.2:
# net idmap secret * password
Invalid command: net idmap secret
Does someone have a pointer to a method to set the ldap auth credentials with samba 4.2?
Setup:
Domain member server 1 - originally setup using SL7.0, samba 4.1, hosting the ldap
2019 Jun 21
2
Samba winbind on redhat 7
On 21/06/2019 15:39, Edouard Guign? via samba wrote:
> Hello,
>
> I am facing 2 issues now.
> The first one is the more critical for me...
>
> 1. When I switch from sssd to winbind with :
> # authconfig --enablekrb5 --enablewinbind --enablewinbindauth
> --enablemkhomedir --update
>
> My sftp access did not work. Does it change the way to pass the login ?
> I used
2014 Jan 19
1
sudo (+ldap+kerberos) not accepting password
So I have this centos 5.10 box which authenticates network users
against ldap(authorizing)+kerberos(authentication). And I now would
like to have sudo be able to allow admins (netgroup chinbeards) to
sudo about. I am not using sssd though (yet).
Here is the output of me trying sudo (debug on):
[raub at centos5-x64 ~]$ sudo pwd
LDAP Config Summary
===================
uri