similar to: Your advices regarding authentication methods compatible with S4

Displaying 20 results from an estimated 3000 matches similar to: "Your advices regarding authentication methods compatible with S4"

2018 Mar 19
2
Your advices regarding authentication methods compatible with S4
On Mon, 2018-03-19 at 11:55 +1300, Garming Sam via samba wrote: > Hi, > > Maybe this page might be helpful. I don't know how up to date it is, but > the expectation seems to be that it should be able to work with > alternative forms of authentication (with Kerberos PKINIT). > > https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login Yeah, I think something that
2018 Mar 19
0
Your advices regarding authentication methods compatible with S4
Hi Andrew, Hi Sam, Many thanks for your quick replies, we already worked on this doc page but due to the lack of smart card reader/writer, we did not finished the setup. We'll buy some hadware and create a testing S4 lab to finish this config. What about biometry ? Is there a way to store any biometrical information into the ldap backend ? Is there by any chance any other third-party
2018 Mar 18
0
Your advices regarding authentication methods compatible with S4
Hi, Maybe this page might be helpful. I don't know how up to date it is, but the expectation seems to be that it should be able to work with alternative forms of authentication (with Kerberos PKINIT). https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login Cheers, Garming On 16/03/18 22:43, Olivier BILHAUT via samba wrote: > > > Hi to Samba list, dev, contributors and all
2015 Feb 12
2
Samba4 kinit issue with principal and keytab file
Hi All ! Using Samba Version 4.1.12, updated from source from 4.0beta1 I've created a user, let say kerbuser, for a web server to authenticate with kerberos and provide SSO to the end-users. In my example, my domain is MYDOMAIN.LOCAL, the apache server is webserver.mydomain.local and the AD user is kerbuser I've added a principal on the user and exported everything in a keytab so
2020 Nov 19
1
Smartcard logon
> > Hi friends, > I need your help. > > I implemented > https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login > > https://docs.microsoft.com/en-us/troubleshoot/windows-server/windows-security/enabling-smart-card-logon-third-party-certification-authorities > enabling smart card logon on a Windows Server 2016 as a domain member of > Samba DC. > > Currently I
2020 Sep 05
3
Schema version 87 and windows Hello
Hi all, I would like to set up windows Hello (in the sense user and management are pressuring me) but for both option the schema would need to be at least 87 (windows 2016). I looked on the roadmap, bugzilla but couldn't find anything regarding this topic. Would you know when this version would be available and what is needed in order to achieve so? As a separate question, do you know good
2024 May 16
1
Security descriptors options of Group Policies
On 16-05-2024 18:46, Rowland Penny via samba wrote: > On Thu, 16 May 2024 17:40:45 +0200 > Olivier BILHAUT <obilhaut at fondation-misericorde.fr> wrote: > >> Thanks Rowland for once again, an analysis that looks good. >> >> To you, >> is there a workaround at this stage ? > Not from myself,it has been years since I looked into this and only > really got
2015 Feb 09
2
Samba4 - Corrupted group caused stop of replication - "Object class violation"
Hi Andrew, Thanks for your reply. We tried successfully the --full-sync option from first to second DC. Unfortunately, afterwards the second DC was still in a corrupted state. The "Deleted Objects" still contained the ugly groups with the missing attribute... So we achieved to get a successfull replication after editing the "deleted objects" with ldbedit. We have deleted
2020 Sep 26
4
Schema version 87 and windows Hello
Hi Andrew, I'm very interested in using Windows Hello for Business in small business environments, with Samba as the AD DC. I'm sorry that I don't have great news. The schema upgrade is the easy > part - we could do that by obtaining new schema from Microsoft: > > https://www.microsoft.com/en-nz/download/confirmation.aspx?id=23782 > (and yes, the licence terms are
2018 Dec 18
2
RFE: OpenSSH Support for PKCS11 Funneling to PAM for Kerberos/PKINIT
Alon, I should have provided more background. You are assuming that I could perform the PKINIT prior to connecting to the SSH server. In this case (and others) there is an interest in not exposing the kerberos servers to the world and thus someone connecting remotely would not be able to obtain a TGT or do a PKINIT. The goal would be for SSH to handle all the auth and only after connecting to
2018 May 25
3
Suggestion: Deprecate SSH certificates and move to X.509 certificates
Please tell me in technical details how current revocation support works, or give links. Then I will be able to give an answer. On Fri, May 25, 2018 at 7:16 AM, Damien Miller <djm at mindrot.org> wrote: > > > On Fri, 25 May 2018, Yegor Ievlev wrote: > >> Can you implement revocation support? > > What do you want that the existing revocation support lacks?
2018 Dec 19
2
RFE: OpenSSH Support for PKCS11 Funneling to PAM for Kerberos/PKINIT
Alon, On 12/18/2018 06:52 PM, Alon Bar-Lev wrote: > OK... So you have an issue... > > First, you need to delegate your smartcard to remote machine, probably > using unix socket redirection managed by openssh. This can be done in > many levels... > 1. Delegate USB device, this will enable only exclusive usage of the > smartcard by remote machine. > 2. Delegate PC/SC, this
2023 Jul 28
0
[Announce] Samba 4.19.0rc1 Available for Download
Release Announcements ===================== This is the first release candidate of Samba 4.19.? This is *not* intended for production environments and is designed for testing purposes only.? Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.19 will be the next version of the Samba suite. UPGRADING ========= NEW FEATURES/CHANGES
2023 Jul 28
0
[Announce] Samba 4.19.0rc1 Available for Download
Release Announcements ===================== This is the first release candidate of Samba 4.19.? This is *not* intended for production environments and is designed for testing purposes only.? Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.19 will be the next version of the Samba suite. UPGRADING ========= NEW FEATURES/CHANGES
2018 May 25
2
Suggestion: Deprecate SSH certificates and move to X.509 certificates
Can you implement revocation support? On Fri, May 25, 2018 at 6:55 AM, Damien Miller <djm at mindrot.org> wrote: > No way, sorry. > > The OpenSSH certificate format was significantly motivated by X.509's > syntactic and semantic complexity, and the consequent attack surface in > the sensitive pre-authentication paths of our code. We're very happy to > be able to
2018 Dec 18
2
RFE: OpenSSH Support for PKCS11 Funneling to PAM for Kerberos/PKINIT
I know OpenSSH currently supports PKCS11 devices (such as smartcards) for publickey authentication, but I would love to see PKCS11 extended further. It is currently possible to perform PKCS11 certificate authentication, via pam_krb5.so (on Linux at least and likely something similar on other *NIX) which allows smartcard auth to a Kerberos (including AD) server, where a TGT can also be granted.
2023 Aug 08
1
[Announce] Samba 4.19.0rc2 Available for Download
Release Announcements ===================== This is the second release candidate of Samba 4.19.? This is *not* intended for production environments and is designed for testing purposes only.? Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.19 will be the next version of the Samba suite. UPGRADING ========= NEW FEATURES/CHANGES
2023 Aug 08
1
[Announce] Samba 4.19.0rc2 Available for Download
Release Announcements ===================== This is the second release candidate of Samba 4.19.? This is *not* intended for production environments and is designed for testing purposes only.? Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.19 will be the next version of the Samba suite. UPGRADING ========= NEW FEATURES/CHANGES
2023 May 19
1
Usage of '--domain-guid' parameter of 'samba-tool domain provision'
On 19/05/2023 09:50, Olivier MARTIN via samba wrote: > Thanks Andrew for your reply. > > Actually, I started to dive into the code just before your answer to try > to analyze and potentially fix the issue. But after stepping back I > actually realized I was looking at the wrong LDAP entry! > > My initial intention was to set the domain controller's GUID to a known
2023 Aug 18
0
[Announce] Samba 4.19.0rc3 Available for Download
Release Announcements ===================== This is the third release candidate of Samba 4.19.? This is *not* intended for production environments and is designed for testing purposes only.? Please report any defects via the Samba bug reporting system at https://bugzilla.samba.org/. Samba 4.19 will be the next version of the Samba suite. UPGRADING ========= NEW FEATURES/CHANGES