similar to: pwdLastSet, password required to change (samba vs MSAD)

On Fri, 27 Jan 2017 10:30:22 +0100 mj via samba <samba at lists.samba.org> wrote: > Hi, > > We are using keycloak with our samba-4.4.4 AD environment. (an ldaps > client application) > > Keycloak is able to ask users to change their passwords, when the > checkbox "require password change upon next logon" is set in ADUC. > > However, in our

On Fri, 2017-01-27 at 10:30 +0100, mj via samba wrote: > Hi, > > We are using keycloak with our samba-4.4.4 AD environment. (an ldaps  > client application) And a very interesting one at that. I'm glad to see someone has taken on some of the ADFS capability I hear folks ask for regularly. > Keycloak is able to ask users to change their passwords, when the  > checkbox

Hi Andrew and Rowland, Two replies, so quickly! I'm impressed :-) On 01/27/2017 10:47 AM, Andrew Bartlett via samba wrote: > And a very interesting one at that. I'm glad to see someone has taken > on some of the ADFS capability I hear folks ask for regularly. Yes I agree, keycloak is very cool. I have found the following samba bug report:

Hi, Can someone point out what I am doing wrong here? Background: I'm trying to make keycloak (saml) authenticate using kerberos, and I'm getting "client not found in kerberos database". Below are the steps I have taken. I'm using a domain member servers machine account (server$) to add the SPN, since keycloak is running on that member server. (for the record: the

Hello, I'm trying to configure roundcube / dovecot to work with keycloak. I activated xoauth2 oauthbearer in dovecot. But a problem occurs when dovecot tries to contact the keycloak server (logs are below). My problem looks like this one: https://dovecot.org/pipermail/dovecot/2019-December/117768.html The response to this problem was about a bug in oauth driver

> On 05/07/2020 19:43 Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote: > > > > > > Hello, > > > > I'm trying to configure roundcube / dovecot to work with keycloak. > > I activated xoauth2 oauthbearer in dovecot. > > But a problem

On 06/12/2019 20:54, Aki Tuomi via dovecot wrote: > Hi! > > It seems there is a bug in the oauth2 driver, it loads the cert files wrong way. I'll make an internal bug report of this. Tracking as DOP-1590. Regards, Stephan. >> On 06/12/2019 16:42 mizuki <mizuki0621 at gmail.com> wrote: >> >> >> Hi, >> >> For troubleshooting purposes, I

I changed some of the tls options following the document, now config is following: tokeninfo_url = https://keycloak.com/auth/realms/mail/protocol/openid-connect/token introspection_url = https://dovecot:7598e21b-ec34-481f-80d0-059bddae0923 at keycloak.com/auth/realms/demo/protocol/openid-connect/token/introspect introspection_mode = post debug = yes rawlog_dir = /tmp/oauth2 #force_introspection

Hello, Still trying to make roundcube / Dovecot works with Keycloak. Dovecot can't seem to validate the access_token that Roundcube gave. ----- Jul 08 20:48:05 auth: Debug: http-client[1]: request [Req1: GET

thanks, I believe I will need to do an Adfs for this kind of authentication. I found nothing in documented about federation service, is it possible to do samba? Thiago Em sex, 11 de out de 2019 00:16, Andrew Bartlett <abartlet at samba.org> escreveu: > On Thu, 2019-10-10 at 21:24 -0300, Thiago Anderson Santos via samba > wrote: > > Hello everyone, > > I received a

Hello everyone, I received a somewhat strange and complicated demand today. The idea of the manager is to use samba as a domain server but the directory tree (authentication and authorization of users) is on an external SAML server using keycloak. The samba will pass only GPO. Is this possible? As far as I've seen samba works the version of Windows Active Directory as well, and I've

Hello, I was running Samba4 for a while on my Raspberry Pi (Raspbian distro, running 3.6.11+ #371 PREEMPT armv6l kernel).? The version of Samba I was running was 4.1.0pre1-GIT-fd8b258. Last night I decided to try to upgrade to see if I could upgrade it without breaking it. Note that the AD this Pi is the DC for doesn't have any physical clients as members; I was using a Virtual PC running

Hi all, We'd like to enable OAuth with Keycloak in Dovecot, after enabling 'OAUTHBEARER XOAUTH2' in Dovecot based on online document, I can confirm Dovecot is ready for OAuth using openssl command, however when the auth request comes in, it failed in establishing a SSL connection with Keycloak server on port 443, shown as following in debug logs. I can confirming using commands

Hai Mourik-Jan, I think you missing your ptr record in the reverse zone. Or you missing the Krb5KeyTab variable in the apache setup. Test : dig keycloak.company.com ( results in A ip. ) dig -x ip_adres https://wiki.samba.org/index.php/Authenticating_Apache_against_Active_Directory Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at

Hi there, I'm working on a new print server to replace one that's pretty long in the tooth. I'm using standard packages from Ubuntu Hardy Heron which appears to be Samba 3.0.28a. We use LDAP for the authentication backend. I seem to have that configured properly as I get a ldap_connect_system: succesful connection to the LDAP server in the log but every login fails with: FAILED

On 11/20/2015 10:17 AM, mathias dufresne wrote: > > > 2015-11-20 15:11 GMT+01:00 James <lingpanda101 at gmail.com > <mailto:lingpanda101 at gmail.com>>: > > On 11/20/2015 7:40 AM, Ole Traupe wrote: > > > > Am 20.11.2015 um 11:54 schrieb mathias dufresne: > > Hi Ole, > > I'm still not answering your issue

On 5/07/20 18:46, Aki Tuomi wrote: >> On 05/07/2020 19:43 Aki Tuomi <aki.tuomi at open-xchange.com> wrote: >> >> >>> On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote: >>> >>> >>> Hello, >>> >>> I'm trying to configure roundcube / dovecot to work with keycloak. >>> I

> On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote: > > > Hello, > > I'm trying to configure roundcube / dovecot to work with keycloak. > I activated xoauth2 oauthbearer in dovecot. > But a problem occurs when dovecot tries to contact the keycloak server > (logs are below). > > My problem looks like this one: >

Hi! It seems there is a bug in the oauth2 driver, it loads the cert files wrong way. I'll make an internal bug report of this. Aki > On 06/12/2019 16:42 mizuki <mizuki0621 at gmail.com> wrote: > > > Hi, > > For troubleshooting purposes, I change the read/write permissions on the certs and confirmed 'dovecot' can read them w/o problem, but still seeing the

Thank you Stephan, I'm wondering if I can read the track of the status of bug reports? Could you please advice? Thanks. Mizuki On Sun, Dec 8, 2019 at 6:40 AM Stephan Bosch <stephan at rename-it.nl> wrote: > > > On 06/12/2019 20:54, Aki Tuomi via dovecot wrote: > > Hi! > > > > It seems there is a bug in the oauth2 driver, it loads the cert files > wrong