Displaying 20 results from an estimated 8000 matches similar to: "Samba 4.2.x and Fedora 22 (possibly 21 as well) doesn't open kerberos or ldap ports for listening"
2015 Aug 19
2
Samba 4 DC - no AES kerberos tickets - only arcfour
Hi Trever,
things improved after resetting user/machine passwords, however only the session key is using aes256 now, the ticket itself is still arcfour:
root at ubuntu1:~# kinit user09999
user09999 at S4DOM.TEST's Password:
root at ubuntu1:~# klist -v
Credentials cache: FILE:/tmp/krb5cc_0
Principal: user09999 at S4DOM.TEST
Cache version: 4
Server: krbtgt/S4DOM.TEST at
2015 Aug 18
2
Samba 4 DC - no AES kerberos tickets - only arcfour
Hi,
I’ve been running a samba 4 DC for quite some time now, and while testing some kerberos related stuff, I noticed that all kerberos tickets I can get from the DC are of encryption type ?arcfour-hmac-md5“:
# kinit testuser1
testuser1 at S4DOM.TEST's Password:
# klist -v
Credentials cache: FILE:/tmp/krb5cc_0
Ticket etype: arcfour-hmac-md5, kvno 1
I can create keytabs containing
2018 Nov 24
5
[Bug 1303] New: nft improperly merges intervals
https://bugzilla.netfilter.org/show_bug.cgi?id=1303
Bug ID: 1303
Summary: nft improperly merges intervals
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2013 Jul 08
2
Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes)
I am not sure how to get the symbols necessary, however the following is
the backtrace (this is Fedora 19 latest everything):
Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of
memory
Jul 8 03:23:02 MX dovecot: auth: Error: Raw backtrace:
/usr/lib64/dovecot/libdovecot.so.0(+0x5f437) [0x7f97a952f437] ->
/usr/lib64/dovecot/libdovecot.so.0(+0x5f4fe) [0x7f97a952f4fe] ->
2015 Jul 03
2
CUPS backend question - Samba 4
Hello,
I have a DC that sits on a different subnet from the CUPS server that I
would like to use. I would rather not install CUPS on the DC.
Is it possible to change the server name away from localhost for the
CUPS backend and have it connect to that other server to get the
printers (load printers = yes) and print to that server? Must I have a
CUPS installation on the DC?
Thank you,
Trever
2019 Apr 17
2
Is possible use BIND9 as DNS Back End on a new Samba DC?
I'm sorry to I forgot answer appropriate.
I'm running CentOS 7 with all packages upgraded. I've followed instruction
in
https://wiki.samba.org/index.php/Package_Dependencies_Required_to_Build_Samba
with
some need modifications (yum line is bellow this text) and I've installed
python 3.4. I've installed Bind9 from package manager where Bind9 version
is 9.9.4.
YUM command to
2020 Oct 25
2
doveadm SSL problem with recent update
With a recent update, I started seeing this:
doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/letsencrypt/live/SERVER/fullchain.pem: Permission denied
1 4 * * * vmail /usr/bin/doveadm expunge -A mailbox MAILBOXINQUESTION savedbefore 1w
is one of the crontab entries I am seeing this for.
Is there an option to keep doveadm
2017 Oct 03
2
Postfix + saslauthd SASL With Kerberos (FreeIPA) unable to send mail
Hello I just finished setting up FreeIPA with Dovecot + Postfix + Saslauthd. I can easily access to mails using imap via dovecot with gssapi authentication and postfix also delivering mails very well. But I cannot send email from postfix using gssapi authentication (plain and login authentication working fine) because saslauthd is not specifying realm when requesting service from freeipa domain.
2016 Aug 29
0
Samba4 Centos 7 - CPU 100%
> >You say you have compiled Samba yourself, so I take it that Samba is
> i>nstalled at /usr/local/samba, if so, is the new samba in your PATH
> i>and
> >are there any OS Samba packages installed ?
> I compile myself. I removed all packets for samba before start the
> instalation.
> My options: ./configure --sysconfdir=/etc/samba/
> --mandir=/usr/share/man/
2015 Jul 04
1
CUPS backend question - Samba 4
Hi,
>
> Why don't you create a Member server with cups installed?. I suppose
> that you have a gateway between both subnets, right?
>
> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
> https://wiki.samba.org/index.php/Samba_as_a_print_server
>
> With that, the cups server can authenticate the users using the DC
> server and you just need to print
2017 Oct 03
1
Postfix + saslauthd SASL With Kerberos (FreeIPA) unable to send mail
The dovecot instance set up with auth_realms and auth_default_realm
variables and it is working well. In saslauthd configurations setting
same variables giving configuration parsing error (I think it is not
right way to configure kerberos realm in saslauthd). However
testsaslauthd working without any problems even if I don't specify realm
parameter from command line.
On 03/10/17 06:17,
2019 Jul 16
3
pigeonhole question: filtering on delivered-to in case of fetchmail
So, one of the problems I am seeing is that people are trying to fake
users into revealing information by sending from an outside domain but
with an internal reply to address and claiming to be administration, IT
or what not.
I can set up something that will reject if from is outside the domain by
reply to is internal. The problem is in some setups, there are fetchmail
setups. I do not want to
2016 Aug 29
4
Samba4 Centos 7 - CPU 100%
On Mon, 29 Aug 2016 09:53:33 -0300
Maiquel Consalter <maiquelconsalter at gmail.com> wrote:
> >You say you have compiled Samba yourself, so I take it that Samba is
> i>nstalled at /usr/local/samba, if so, is the new samba in your PATH
> i>and
> >are there any OS Samba packages installed ?
> I compile myself. I removed all packets for samba before start the
>
2019 Apr 05
1
error in samba 4.10.0 while using samba-tool domain provision
Hi ,
you need to install these packages(epel repo enabled):
yum install attr bind-utils docbook-style-xsl gcc gdb krb5-workstation \
libsemanage-python libxslt perl perl-ExtUtils-MakeMaker lmdb-devel libarchive-devel \
perl-Parse-Yapp perl-Test-Base pkgconfig policycoreutils-python pygpgme \
python2-crypto gnutls-devel gpgme-devel jansson-devel libattr-devel keyutils-libs-devel \
libacl-devel
2016 Aug 29
2
Samba4 Centos 7 - CPU 100%
On Mon, 29 Aug 2016 08:09:46 -0300
Maiquel Consalter via samba <samba at lists.samba.org> wrote:
> Hi Folks,
> i tryed make some tests, but the problem it the same. Someone have
> some idea how i solve my problem ? I try the new instalation, upgrade
> all packates but before 1 minute the process still in 100% and the
> process is rpc_server.
>
You say you have compiled
2010 Dec 28
1
LDAP binds
I am using 2.0.8. Anonymous binds are no longer supported in the
environment I am using. I need to change my userdb ldap setup to bind. I
believe the ldap server does Kerberos (or can) authentication. My users
are authenticating using Kerberos or Kerberos/PAM. This needs to stay in
place.
Can anyone suggest how I might go about changing my setup to work?
My current ldap setup is as follows (the
2018 Nov 20
1
[Bug 1302] New: iptables v1.8.0 (nf_tables) has a problem inverting in-interface and maybe out
https://bugzilla.netfilter.org/show_bug.cgi?id=1302
Bug ID: 1302
Summary: iptables v1.8.0 (nf_tables) has a problem inverting
in-interface and maybe out
Product: iptables
Version: CVS (please indicate timestamp)
Hardware: x86_64
OS: All
Status: NEW
Severity: major
Priority:
2013 Dec 30
3
CentOS 6.4 Sernet Samba 4.1.3 ad -> no ACL Filesystem ?
I'm running into trouble while setting up samba4 on centos 6.4
see
#yum install -y libacl-devel libblkid-devel gnutls-devel readline-devel
python-devel gdb pkgconfig krb5-workstation zlib-devel
setroubleshoot-server setroubleshoot-plugins policycoreutils-python
libsemanage-python setools-libs-python setools-libs popt-devel
libpcap-devel sqlite-devel libidn-devel libxml2-devel libacl-devel
2019 Jan 24
4
Discard mail with from date older than xxxx
On 1/24/19 12:15 AM, Per Jessen wrote:
> Trever L. Adams wrote:
>
>> I know that sieve doesn't do math. The file would be created
>> externally.
>>
>> Based on examples in section 4.4 of
>> https://tools.ietf.org/html/rfc5260#section-4
>>
>> I figured something like this would work.
>>
>> if date :value "le" :originalzone
2018 Sep 14
3
Having problem with RID backend - must be missing something
----- On Sep 14, 2018, at 4:56 AM, Rowland Penny via samba samba at lists.samba.org wrote:
> What OS ?
> If it is debian, do you have libpam_krb5 installed ?
It is CentOS 7. I feel stupid because it was super simple. See Below.
> Having rfc2307 attributes in AD shouldn't affect the way the 'rid'
> backend works.
>
I was thinking this as well.
>
> Did you