similar to: Apache2 Kerberos-Authentication and LDAP-Authorization

Hi, for a static cifs mount (automount from fstab) I would like to use kerberos with a SPN. The share is accessed from a http service, so I use HTTP/www.samdom.example.com with the username http-www.samdom.example.com. Unfortunately I can not get it to work. The keytab is generated as described on [1]. # klist -kt /etc/http.keytab Keytab name: FILE:/etc/http.keytab KVNO Timestamp

Hi, In the XML documentation I found the element space_hard_limit for filesystems [1]. Is this feature implemented for any constellation? I try to use it with lxc 1.0.6-6 and libvirt 1.2.9-9 (all from debian jessie): <domain type='lxc' id='1234'> .... <devices> <emulator>/usr/lib/libvirt/libvirt_lxc</emulator> .... <filesystem

Hello, Using Nagios on Ubuntu 14.04.1 LTS. I'm attempting to authenticate users against Samba 4.2.1. When I edit 'apache2.conf' with <Directory /> Options FollowSymLinks AllowOverride None Require all granted Allow from all AuthName "AD authentication" AuthBasicProvider ldap AuthType Basic

Hi, I have problems setting up the printer drivers using samba. I use a fresh setup of Samba Version 4.11.4-SerNet-Debian-6.buster and followed * https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member * https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Print_Server * .../Setting_up_Automatic_Printer_Driver_Downloads_for_Windows_Clients Cups is the default debian setup with

Hi , i am facing a strange problem. I have centos , i wan to access svn trought apache using mod auth ldap. This is what i have configured AuthLDAPBindDN cn=svn,ou=Operators,o=Organization AuthLDAPBindPassword Pass1 AuthLDAPURL "ldap://ldap/ou=Users,o=Organization?uid" AuthLDAPGroupAttribute member AuthLDAPGroupAttributeIsDN on Require

Hi Rowland, > Well yes, you may have, but at least Samba will know who your users are ;-) > > This needs fixing before the printers can be. Fixed it, I have now the following and reset all file permissions: idmap config * : backend = tdb idmap config * : range = 3000-7999 idmap config SAMDOM : backend = rid idmap config SAMDOM : range = 10000-999999 Unfortunately I have

On 17/12/2019 14:20, L.P.H. van Belle via samba wrote: >>> smb.conf: >>> [global] >>> security = ADS >>> realm = SAMDOM.EXAMPLE.COM (redacted) >>> workgroup = SAMDOM (redacted) >>> >>> idmap config * : backend = tdb >>> idmap config * : range = 3000-7999 >> Whilst you have read

Does it work if you test like this. kinit testuser at EXAMPLE.COM mount -t cifs -o sec=krb5 //server.example.com/export /mnt/cifs Have a look here : https://runops.wordpress.com/2015/03/05/setup-linux-cifs-autofs-automount-using-kerberos-authentication/ I cant tell much about automount, i use it but through systemd for my nfsv4 mounts. Greetz, Louis > -----Oorspronkelijk

Hai Christian, Hm,, you tried that Universal driver and it did not work for you,. .. :-/ That worked fine for me, so its one to have a better look at. I saw you used acl_xattr:ignore system acl also. After you changed smb.conf, did you re-apply also the rights on the shares? Try it in this order, first setup the share and correct the rights. Then correct the rights on the file system,

Hello, had some problem to authenticate users with AD with my Apache 2.4 website following the wiki page: https://wiki.samba.org/index.php/Authenticating_Apache_against_Active_Directory#Basic_LDAP_authentication Here is my working configuration (thanks to http://httpd.apache.org/docs/2.4/en/mod/mod_authnz_ldap.html) First you need authnz_ldap module for Apache. <Location /> AuthName

Hi. I'm using Samba 4 on two Zentyal servers as Domain Controller and now I have to authenticate some services to it (Apache and PAM in particular). The LDAP integration asks me for a LDAP bind password, but I cannot find out where it is on Zentyal. Is there a way to check (or change it) directly on Samba 4? Or is it preferable to authenticate against Active Directory or Kerberos? Thank you

On 05/11/2015 08:24 AM, James wrote: > Hello, > > Using Nagios on Ubuntu 14.04.1 LTS. I'm attempting to authenticate > users against Samba 4.2.1. When I edit 'apache2.conf' with > > > <Directory /> > Options FollowSymLinks > AllowOverride None > Require all granted > Allow from all > AuthName

On Mon, May 11, 2015 at 11:24 AM, James <lingpanda101 at gmail.com> wrote: > Hello, > > Using Nagios on Ubuntu 14.04.1 LTS. I'm attempting to authenticate > users against Samba 4.2.1. When I edit 'apache2.conf' with > > > <Directory /> > Options FollowSymLinks > AllowOverride None > Require all granted >

On 12 April 2016 at 18:03, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > > On Tue, April 12, 2016 11:57 am, m.roth at 5-cent.us wrote: > > James Hogarth wrote: > >> On 12 Apr 2016 16:29, "Scott Robbins" <scottro11 at gmail.com> wrote: > >>> On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote: > >>> > W dniu

James Hogarth wrote: > On 12 Apr 2016 16:29, "Scott Robbins" <scottro11 at gmail.com> wrote: >> On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote: >> > W dniu 11.04.2016 o 20:07, Scott Robbins pisze: <SNIP> > After various testing I ended up going with the Apache LDAP cache module > and doing the auth at the Apache level, not system. >

You need for the apache keytab something like Alias /webmail /usr/share/webmail # <Directory /usr/share/ webmail > AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd Off KrbServiceName HTTP KrbAuthRealms EXAMPLE.COM Krb5KeyTab /etc/httpd/conf/keytab require valid-user </Directory> chmod 400 /etc/httpd/conf/keytab chown

Updates the installer to handle the scenario in which the guest and admin networks are the same by using an alternative httpd conf. Verified to work (eg oVirt managed vms are bootable) on the oVirt appliance so far. --- conf/ovirt-server.conf | 88 -------------------- installer/bin/ovirt-installer | 11 +--

Dear R-devel, Apologies for sending what is probably a very simple question to R-devel: I am definitely missing something very simple and can't work out what it is. I've been trying to find the problem here for about a month and need some help! I am trying to work out how to run a C program from an R script. Rather than try the C program directly, I'm trying to get a much simpler

If not done, add the server to the AD. Add the host and nfs to the COMPUTERNAME($) account. And use winbind to refresh the keytab. Stop samba, remove the keytab, create the new with the new SPN's in it, start samba. And Use the second keytab for apache with only http as upn in it. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at

It's ok So, if I create a httpuser and an httpgroup in my AD and use these at owner and group for my apache2 daemon, this one could access to userdirs (while permissions granting it) ? But I need to cron 'kinit' to keep valid ticket... ? My local root user always can't access to the share, but my other problem seems to be resolved. Thanks Le 02/08/2016 à 16:37, Rowland