Displaying 20 results from an estimated 3000 matches similar to: "LMTP, PAM session and home directory autocreating"
2019 Apr 11
0
LMTP, PAM session and home directory autocreation
Hi,
mail is delivered by Dovecot's LMTP locally and I need user's home directory to be created if it doesn't exist yet.
There is a setting in Dovecot's configuration, "session=yes", in /etc/Dovecot/conf.d/auth-system.conf.ext, which should do that.
passdb {
driver = pam
args = session=yes dovecot
}
But I think it does not work in my setup because I do not see any
2015 May 09
0
ldap host attribute is ignored
On May 8, 2015, at 11:14 AM, Ulrich Hiller <hiller at mpia-hd.mpg.de> wrote:
>
> /etc/pam.d/system-auth:
> -----------------------
> #%PAM-1.0
> # This file is auto-generated.
> # User changes will be destroyed the next time authconfig is run.
> auth required pam_env.so
> auth sufficient pam_unix.so nullok try_first_pass
> auth
2015 May 08
4
ldap host attribute is ignored
>> But instead i get
>> centos: sshd[7929]: pam_unix(sshd:session): session opened for user
>> <username>
>
> "pam_unix" should be an indication that <username> appears in the local
> unix password files. Make sure that it doesn't.
Nope. None of the usernames i tried is in /etc/passwd or /etc/shadow
>
> What do /etc/pam.d/sshd and
2017 May 09
0
ssh not connecting to Active Directory in Fedora 25 workstation, wbinfo -u works; child_read_request: read_data failed: NT_STATUS_CONNECTION_RESET
On Tue, 9 May 2017 11:00:09 -0400
Robert Kudyba via samba <samba at lists.samba.org> wrote:
> Running Feora 25 workstation we're able to register the computer in
> AD but I can't get SSH to authenticate properly. wbinfo -u brings
> back all the users. Just getting "Permission denied, please try
> again." Below are key settings in related conf files.
>
>
2020 Jul 28
0
kerberos ticket on login problem
On 7/28/2020 3:59 PM, Jason Keltz via samba wrote:
> I'm experimenting with smb + winbind.
>
> My host is joined to AD and I can login to my host fine using my AD
> credentials via SSH.?? The only issue is that I don't get a Kerberos
> ticket generated.
>
> In /etc/security/pam_winbind.conf I have:
>
> krb5_auth = yes
>
> krb5_ccache_type = KEYRING
>
2017 May 09
2
ssh not connecting to Active Directory in Fedora 25 workstation, wbinfo -u works; child_read_request: read_data failed: NT_STATUS_CONNECTION_RESET
Running Feora 25 workstation we're able to register the computer in AD but I can't get SSH to authenticate properly. wbinfo -u brings back all the users. Just getting "Permission denied, please try again." Below are key settings in related conf files.
rpm -q samba
samba-4.5.8-1.fc25.x86_64
winbindd -V
Version 4.5.8
/etc/nsswitch.conf:
passwd: files winbind
shadow:
2017 May 09
2
ssh not connecting to Active Directory in Fedora 25 workstation, wbinfo -u works; child_read_request: read_data failed: NT_STATUS_CONNECTION_RESET
> On May 9, 2017, at 11:15 AM, Rowland Penny via samba <samba at lists.samba.org> wrote:
>
> On Tue, 9 May 2017 11:00:09 -0400
> Robert Kudyba via samba <samba at lists.samba.org> wrote:
>
>> Running Feora 25 workstation we're able to register the computer in
>> AD but I can't get SSH to authenticate properly. wbinfo -u brings
>> back all the
2015 May 05
6
ldap host attribute is ignored
Dear list members,
i have installed a CentOS 7 x86_64 system. I want to let users
authenticate over our ldap server. This seems to be working.
ldap-username and ldap-passwords are accepted for the users configured
in the ldap server. No problem.
Now i want to restrict the access to users who have my centos-machine in
their ldap host attribute.
My problem is, that this host attribute seems to be
2015 May 11
0
ldap host attribute is ignored
Hmmm...., i have made now a complete new install but the problem
persists: ldap authentication works, but the host attribute is ignored.
I have installed CentOS7 64bit with KDE.
I did not do any 'yum update' or install of extra packages so far.
these pam and ldap packages are installed:
openldap-devel-2.4.39-6.el7.x86_64
openssh-ldap-6.6.1p1-11.el7.x86_64
openldap-2.4.39-6.el7.x86_64
2015 May 11
0
ldap host attribute is ignored
I am still not understanding why your using MD5? Is it because everyone in InfoSec declared that everyone finally went from md5 to sha512 or what?
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Ulrich Hiller
Sent: Monday, May 11, 2015 1:40 PM
To: CentOS mailing list
Subject: Re: [CentOS] ldap host attribute is ignored
one more
2015 May 11
2
ldap host attribute is ignored
one more thing: firewalld service and selinux are deactivated.
On 05/11/2015 07:06 PM, Ulrich Hiller wrote:
> Hmmm...., i have made now a complete new install but the problem
> persists: ldap authentication works, but the host attribute is ignored.
>
> I have installed CentOS7 64bit with KDE.
> I did not do any 'yum update' or install of extra packages so far.
>
>
2017 Feb 13
0
pam_tally2 after unlock time
Hi All,
I prepared a Centos 6.8 Minimal server, as part of hardening i added PAM
rules under system-auth and password-auth to lock the user account for 30
minutes after 3 failed login attempts.
############system-auth###############
auth required pam_tally2.so deny=3 unlock_time=1800
auth required pam_env.so
auth sufficient pam_unix.so
auth requisite
2010 Feb 16
2
pam_mount
Hi all,
I am a bit confused about the usage of pam_mount.
Here is my /etc/pam.d/system-auth:
auth required pam_env.so
auth required pam_mount.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_krb5.so use_first_pass
auth required pam_deny.so
account
2013 Apr 05
0
Struggling with Samba + AD member config (winbind auth failing) :(
Hello Samba List,
I am struggling with connecting samba to our AD servers. Thought it will be
easy as before but I was wrong.
DCs:
Windows Server 2012 (2x) with AD Domain Forest/Level 2003 NATIVE.
+ SBS 2003 (will be removed, migrating from SBS AD to new 2012 servers)
-standard AD schema with exchange attributes
DID NOT INSTALL UNIX attributes. This is required for SSSD. Thought i would
go
2015 May 07
2
ldap host attribute is ignored
Thanks a lot for looking over the config.
I am at the topic "user data is available"
id <username>
and
getent passwd
and
ldapsearch -x -b "ou=XXX,o=YYY" uid=<username>
give the correct results
ldapsearch gives also the correct host attribute i have set in the ldap
server.
Regarding the manpage of sssd.conf the lines
access_provider = ldap
ldap_access_order =
2014 Oct 29
1
samba ssh change password Error was: Wrong password
passwd: Authentication token manipulation error
smbpasswd: machine 127.0.0.1 rejected the password change: Error was :
Wrong Password
best regards
[FACILITY/btombul at samba ~]$ passwd
Changing password for user FACILITY/btombul.
Changing password for FACILITY/btombul
(current) NT password:
New password:
Retype new password:
passwd: Authentication token manipulation error
[FACILITY/btombul at
2010 Sep 14
1
cron breaking when enabling ldap
Hi
When I enable a box to do authentication using LDAP it breaks cron for users like jboss.
I get the following in /var/log/secure
Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron'
I have the following in /etc/ldap.conf
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss
2020 Jul 29
1
kerberos ticket on login problem
On 7/28/2020 4:11 PM, Jason Keltz wrote:
>
> On 7/28/2020 3:59 PM, Jason Keltz via samba wrote:
>> I'm experimenting with smb + winbind.
>>
>> My host is joined to AD and I can login to my host fine using my AD
>> credentials via SSH.?? The only issue is that I don't get a Kerberos
>> ticket generated.
>>
>> In
2015 Oct 08
2
Changing User password from ssh member server
Hi Rowland,
This is a CentOS 6.7 server.
I was able to make some progress. I have edited /etc/pam.d/system-auth, and
now it looks like:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
account
2012 Jan 17
0
Samba 3.5.10 pam authentication question
So I have Samba 3.5 set up to use pam to authenticate against kerberos. This seems to be working fine when I connect to the from a linux system using smbclient. However, when I try to connect from a windows system, it fails. I cranked up the debug level, but I'm unable to figure why this does not work. I feel I'm missing a component to this.
I use samba on a handful of our servers,