similar to: Samba 4.2.x and Fedora 22 (possibly 21 as well) doesn't open kerberos or ldap ports for listening

Hi Trever, things improved after resetting user/machine passwords, however only the session key is using aes256 now, the ticket itself is still arcfour: root at ubuntu1:~# kinit user09999 user09999 at S4DOM.TEST's Password: root at ubuntu1:~# klist -v Credentials cache: FILE:/tmp/krb5cc_0 Principal: user09999 at S4DOM.TEST Cache version: 4 Server: krbtgt/S4DOM.TEST at

Hi, I’ve been running a samba 4 DC for quite some time now, and while testing some kerberos related stuff, I noticed that all kerberos tickets I can get from the DC are of encryption type ?arcfour-hmac-md5“: # kinit testuser1 testuser1 at S4DOM.TEST's Password: # klist -v Credentials cache: FILE:/tmp/krb5cc_0 Ticket etype: arcfour-hmac-md5, kvno 1 I can create keytabs containing

https://bugzilla.netfilter.org/show_bug.cgi?id=1303 Bug ID: 1303 Summary: nft improperly merges intervals Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: critical Priority: P5 Component: nft Assignee: pablo at netfilter.org

I am not sure how to get the symbols necessary, however the following is the backtrace (this is Fedora 19 latest everything): Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of memory Jul 8 03:23:02 MX dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x5f437) [0x7f97a952f437] -> /usr/lib64/dovecot/libdovecot.so.0(+0x5f4fe) [0x7f97a952f4fe] ->

Hello, I have a DC that sits on a different subnet from the CUPS server that I would like to use. I would rather not install CUPS on the DC. Is it possible to change the server name away from localhost for the CUPS backend and have it connect to that other server to get the printers (load printers = yes) and print to that server? Must I have a CUPS installation on the DC? Thank you, Trever

I'm sorry to I forgot answer appropriate. I'm running CentOS 7 with all packages upgraded. I've followed instruction in https://wiki.samba.org/index.php/Package_Dependencies_Required_to_Build_Samba with some need modifications (yum line is bellow this text) and I've installed python 3.4. I've installed Bind9 from package manager where Bind9 version is 9.9.4. YUM command to

With a recent update, I started seeing this: doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/letsencrypt/live/SERVER/fullchain.pem: Permission denied 1 4 * * * vmail /usr/bin/doveadm expunge -A mailbox MAILBOXINQUESTION savedbefore 1w is one of the crontab entries I am seeing this for. Is there an option to keep doveadm

Hello I just finished setting up FreeIPA with Dovecot + Postfix + Saslauthd. I can easily access to mails using imap via dovecot with gssapi authentication and postfix also delivering mails very well. But I cannot send email from postfix using gssapi authentication (plain and login authentication working fine) because saslauthd is not specifying realm when requesting service from freeipa domain.

> >You say you have compiled Samba yourself, so I take it that Samba is > i>nstalled at /usr/local/samba, if so, is the new samba in your PATH > i>and > >are there any OS Samba packages installed ? > I compile myself. I removed all packets for samba before start the > instalation. > My options: ./configure --sysconfdir=/etc/samba/ > --mandir=/usr/share/man/

Hi, > > Why don't you create a Member server with cups installed?. I suppose > that you have a gateway between both subnets, right? > > https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server > https://wiki.samba.org/index.php/Samba_as_a_print_server > > With that, the cups server can authenticate the users using the DC > server and you just need to print

The dovecot instance set up with auth_realms and auth_default_realm variables and it is working well. In saslauthd configurations setting same variables giving configuration parsing error (I think it is not right way to configure kerberos realm in saslauthd). However testsaslauthd working without any problems even if I don't specify realm parameter from command line. On 03/10/17 06:17,

So, one of the problems I am seeing is that people are trying to fake users into revealing information by sending from an outside domain but with an internal reply to address and claiming to be administration, IT or what not. I can set up something that will reject if from is outside the domain by reply to is internal. The problem is in some setups, there are fetchmail setups. I do not want to

On Mon, 29 Aug 2016 09:53:33 -0300 Maiquel Consalter <maiquelconsalter at gmail.com> wrote: > >You say you have compiled Samba yourself, so I take it that Samba is > i>nstalled at /usr/local/samba, if so, is the new samba in your PATH > i>and > >are there any OS Samba packages installed ? > I compile myself. I removed all packets for samba before start the >

Hi , you need to install these packages(epel repo enabled): yum install attr bind-utils docbook-style-xsl gcc gdb krb5-workstation \ libsemanage-python libxslt perl perl-ExtUtils-MakeMaker lmdb-devel libarchive-devel \ perl-Parse-Yapp perl-Test-Base pkgconfig policycoreutils-python pygpgme \ python2-crypto gnutls-devel gpgme-devel jansson-devel libattr-devel keyutils-libs-devel \ libacl-devel

On Mon, 29 Aug 2016 08:09:46 -0300 Maiquel Consalter via samba <samba at lists.samba.org> wrote: > Hi Folks, > i tryed make some tests, but the problem it the same. Someone have > some idea how i solve my problem ? I try the new instalation, upgrade > all packates but before 1 minute the process still in 100% and the > process is rpc_server. > You say you have compiled

I am using 2.0.8. Anonymous binds are no longer supported in the environment I am using. I need to change my userdb ldap setup to bind. I believe the ldap server does Kerberos (or can) authentication. My users are authenticating using Kerberos or Kerberos/PAM. This needs to stay in place. Can anyone suggest how I might go about changing my setup to work? My current ldap setup is as follows (the

https://bugzilla.netfilter.org/show_bug.cgi?id=1302 Bug ID: 1302 Summary: iptables v1.8.0 (nf_tables) has a problem inverting in-interface and maybe out Product: iptables Version: CVS (please indicate timestamp) Hardware: x86_64 OS: All Status: NEW Severity: major Priority:

I'm running into trouble while setting up samba4 on centos 6.4 see #yum install -y libacl-devel libblkid-devel gnutls-devel readline-devel python-devel gdb pkgconfig krb5-workstation zlib-devel setroubleshoot-server setroubleshoot-plugins policycoreutils-python libsemanage-python setools-libs-python setools-libs popt-devel libpcap-devel sqlite-devel libidn-devel libxml2-devel libacl-devel

On 1/24/19 12:15 AM, Per Jessen wrote: > Trever L. Adams wrote: > >> I know that sieve doesn't do math. The file would be created >> externally. >> >> Based on examples in section 4.4 of >> https://tools.ietf.org/html/rfc5260#section-4 >> >> I figured something like this would work. >> >> if date :value "le" :originalzone

----- On Sep 14, 2018, at 4:56 AM, Rowland Penny via samba samba at lists.samba.org wrote: > What OS ? > If it is debian, do you have libpam_krb5 installed ? It is CentOS 7. I feel stupid because it was super simple. See Below. > Having rfc2307 attributes in AD shouldn't affect the way the 'rid' > backend works. > I was thinking this as well. > > Did you