similar to: Best way to integrate CentOS in Windows AD environment

The company where I work is mostly a Windows shop, but I run a few CentOS servers and desktops. I have configured my systems as follows with Kickstart: authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX \ --nisserver=nis1.XXX.com,nis2.XXX.com --useshadow --enablekrb5 \ --krb5realm=XXX.COM --krb5kdc=ldap.XXX.com --krb5adminserver=ldap.XXX.com The /etc/nsswitch.conf file

I've updated my kickstart configuration files to work with CentOS 6 and am most of the way there integrating a CentOS 6 system into our LDAP/NIS environment. My authconfig line in the kickstart file is as follows: authconfig --enablemd5 --passalgo=sha512 --enablenis --nisdomain=XXX --nisserver=nis.XXX.com --useshadow --enablekrb5 --krb5realm=XXX.COM --krb5kdc=ldap.XXX.com

I found what I needed to do DOMAIN=MIND.UNM.EDU SHORT=MIND authconfig --enablekrb5 --krb5kdc=${DOMAIN} --krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN} --smbservers=${DOMAIN} --smbworkgroup=${SHORT} --winbindtemplatehomedir=/na/homes/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain

Hi I read and used the article http://blog.wazollc.com/Lists/Posts/Post.aspx?ID=2 to authenticate my ad accounts when logging on to cent 5...however, once I edit the nsswitch.conf file, I can't even log on as root or any local users anymore. Kinit seems to initialize fine doing a kinit username at MYDOMAIN.COM , however doing a getent passwd adusername ....it just sits there in the shell and

My smb.conf file now looks like so [global] #--authconfig--start-line-- # Generated by authconfig on 2017/10/30 10:47:34 # DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--) # Any modification may be deleted or altered by authconfig in future workgroup = MIND password server = MIND.UNM.EDU realm = MIND.UNM.EDU security = ads idmap config * : range = 2000-7999

Hello! I have recently gone through the hassle of trying to get a CentOS 5 server (no gui) with Samba to use ADS for security. After several days of googling and trying different howtos I finally got it working, I now want to write a howto for CentOS 5, Samba 3.0 and Windows Server 2003 SP2. Basically it's a combination of http://www.howtoforge.com/samba_ads_security_mode and

I seem to have this very odd issue with CentOS 6 WRT NIS. I have taken the package selection that I used with CentOS 5 and basically plopped it into my C6 kickstart file (see below). On C5 this works just fine and I'm able to log in with NIS credentials just fine. However, it looks like on C6 if you use a package selection like this, you also need to specify the yp-tools package as part of

Hi, I'm facing a problem with setting up LDAP+TLS client authentication in a kickstart script on CentOS7 for several days. Setting up manualy the config with system-config-authentication works but I need to automate this in kickstart for deploying cluster nodes. This show that the server side is running fine. At this time the message is #systemctl status sssd |....

Is it at all possible to do a graphical netinstall ? I am using centos 5.2, and i have been doing net installs (pxe) for a while in console mode... -- Test <test at remedial-teacher.nl>

fedora's authconfig must edit a bunch of files On Mon, Oct 30, 2017 at 10:53 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > I found what I needed to do > DOMAIN=MIND.UNM.EDU > SHORT=MIND > authconfig --enablekrb5 --krb5kdc=${DOMAIN} > --krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind > --enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN}

nope that just brute forced homedir and shell. It'll work for what I want this machine for but I'd like to get the homedir and shell from AD On Mon, Oct 30, 2017 at 10:54 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote: > My smb.conf file now looks like so > [global] > #--authconfig--start-line-- > > # Generated by authconfig on 2017/10/30 10:47:34 > # DO NOT

I'm close to making this work. The goal is to make this Fedora 20 system pretend to be a Windows member server in my Windows 2008R2 Active Directory domain and then I'll use it as a backup target. When I run ADUC from my domain controller, I see my F20 system named nfsa. But from Windows, when I do Start...\\nfsa, I get an Access Denied error and it prompts for credentials. When I do

OS:fedora-26 SAMBA:4.6.8 [root at squints ~]# cat /etc/samba/smb.conf [global] security = ads realm = MIND.UNM.EDU workgroup = MIND idmap config * : backend = tdb idmap config * : range = 2000-7999 idmap config MIND:backend = ad idmap config MIND:schema_mode = rfc2307 idmap config MIND:range = 8000-9999999 winbind nss info = rfc2307 winbind use default domain = yes

Ok, I've got most everything setup, but I'm not able to confirm pam_ldap and nss_ldap are working properly. (Actually given the examples in SBE, they still appear to be returning information from local files rather than the ldap info.) I wanted to go back and check my authconfig and reset the parameters. However now when I do a authconfig I get this: ---- authconfig --enablecache

>> But instead i get >> centos: sshd[7929]: pam_unix(sshd:session): session opened for user >> <username> > > "pam_unix" should be an indication that <username> appears in the local > unix password files. Make sure that it doesn't. Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow > > What do /etc/pam.d/sshd and

Hi all my environment: 1/ windows 7 OS system 2/ use virtual box install the host centos system i try to make a centos livecd and i follow the step 1/ create file: vi /etc/yum.repos.d/centos-livecd.repo and the content of file: # Name: CentOS LiveCD repository [livecd] name = CentOS $releasever - LiveCD baseurl =

Hi all, Isn’t it always the way that you find what you need after posting a question: net idmap set secret ‘*’ password Cheers, Mark From: Mark Cooke Sent: 04 February 2016 11:43 To: 'samba at lists.samba.org' Subject: What is the equivalent of net idmap secret in samba 4.2 ? Hi Everyone, The documented command in net(8) for setting the LDAP password appears to have gone away in

Hi Everyone, The documented command in net(8) for setting the LDAP password appears to have gone away in the refactoring between samba 4.1 and 4.2: # net idmap secret * password Invalid command: net idmap secret Does someone have a pointer to a method to set the ldap auth credentials with samba 4.2? Setup: Domain member server 1 - originally setup using SL7.0, samba 4.1, hosting the ldap

On 21/06/2019 15:39, Edouard Guign? via samba wrote: > Hello, > > I am facing 2 issues now. > The first one is the more critical for me... > > 1. When I switch from sssd to winbind with : > # authconfig --enablekrb5 --enablewinbind --enablewinbindauth > --enablemkhomedir --update > > My sftp access did not work. Does it change the way to pass the login ? > I used

So I have this centos 5.10 box which authenticates network users against ldap(authorizing)+kerberos(authentication). And I now would like to have sudo be able to allow admins (netgroup chinbeards) to sudo about. I am not using sssd though (yet). Here is the output of me trying sudo (debug on): [raub at centos5-x64 ~]$ sudo pwd LDAP Config Summary =================== uri