similar to: SSSD on CentOS 7 failing to start when connecting to 4.8.3 AD via LDAP

Hi, I have a query about the use of sssd on a Samba4 DC. Background is as follows: I have two DCs and would like to synchronise files between the two machines. This is for sysvol replication - I am using lsyncd ( https://code.google.com/p/lsyncd/ ) to trigger an rsync whenever files change. However I have hit a predictable problem, which is that since there is no synchronised UID mapping

Hello Jonathan and Rowlaand, Am 09.05.2015 um 17:46 schrieb Rowland Penny: > On 09/05/15 18:20, Jonathan Hunter wrote: >> Hi, >> >> I have a query about the use of sssd on a Samba4 DC. Background is as >> follows: >> >> I have two DCs and would like to synchronise files between the two >> machines. This is for sysvol replication - I am using lsyncd (

Hi, I am trying to implement the *password must change at next logon* in CentOS 6.5 client using sssd 1.11.6 where Samba 4.1.10 is my backend server. Here are the list of things which I have done, 1. I have setup the CentOS to do the Domain login using sssd service. I can able to login into the CentOS client using Domain user's credentials from display and from SSH also, no problem at all.

Environment ========================================================================== ubuntu 16.04 samba 4.3.11+dfsg-0ubuntu0.16.04.6 sssd 1.13.4-1ubuntu1.2 Windows Server 2008 R2 At site1 the above works. My ubuntu server running samba+sssd can authenticate to the Windows Server 2008 R2 for services like ssh and samba. At site2 the same setup as site1 I can authenticate with services like ssh

Hi again, Thanks again, Denis, Steve and Rowland for your previous answers about RFC2307 and winbind. Maybe I'm an dreamer but here is that I wanted to achieve : Ubuntu server 12.04.3, samba4 as PDC, several NICS : 1 LAN and 2/3 WANS Use a windows VM (on this server) to control AD through WRAT AD offers me the 'wishdom' of software deployment and GPO, users are can't install

On 09/05/15 18:20, Jonathan Hunter wrote: > Hi, > > I have a query about the use of sssd on a Samba4 DC. Background is as follows: > > I have two DCs and would like to synchronise files between the two > machines. This is for sysvol replication - I am using lsyncd ( > https://code.google.com/p/lsyncd/ ) to trigger an rsync whenever files > change. > > However I have

OK, I've got a little further and I think I have tracked this down to a reverse DNS issue - which was non-obvious to me, so here is a write-up for the benefit of the archives. The part that was failing was this: [sasl_bind_send] (0x0100): Executing sasl bind mech: gssapi, user: dc1$ [sasl_bind_send] (0x0020): ldap_sasl_bind failed (-2)[Local error] [sasl_bind_send] (0x0080): Extended failure

Hi, I'm having hard time getting sssd_sudo to work: when sssd_sudo accesses Samba ldap with host principal 'dc1$@teemu.local' it can't read necessary attributes like objectclass: sudoRole. When accessing as Administrator all attributes are shown. How can I enable other users then Administrator to access sudoers' attributes? Below is an example. [root at dc1 var]# kinit

I am currently looking at migrating my existing CentOS6 servers over to CentOS7 and am currently testing out my sssd configuration on the new build with some issues. For some reason I am unable to see any secondary groups for my user like I would expect, and the /etc/sssd.conf, /etc/nsswitch and related /etc/pam.d configurations should be the same for both my CentOS6 and 7 servers (Configuration

Hi, I am trying to implement the *password must change at next logon* in CentOS 6.5 client using sssd 1.11.6 where Samba 4.1.10 is my backend server. Here are the list of things which I have done, 1. I have setup the CentOS to do the Domain login using sssd service. I can able to login into the CentOS client using Domain user's credentials from display and from SSH also, no problem at all.

Test 1: User User1 is a member of group Group1. Group1 has R-X rights to the shared folder SITES. When User1 connects to the server over SMB he sees SITES but when he tries to access it he gets access denied. Logs for the attempt show “chdir (/srv/SITES) failed, reason: Permission denied” Test 2: The same user can connect to the server over SSH and access the folder according to the group

Hi all! I'm attempting to configure sudo rights from Samba ldap. Alas, libsssd_samba receives 0 rules and config doesn't work. I think I have the problem identified here but I don't understand why. The way sssd_sudo searches for sudoers leave all important attributes out and of course filtering then fails. Can you help me to understand why following search results are so different (and

On 05/12/2015 06:25 AM, Ulrich Hiller wrote: > > i have set logging in sssd to 9: 7 might be good enough for what you want to find. I added this to domain/default section: access_provider = ldap ldap_access_order = host ldap_user_authorized_host = host debug_level = 7 /var/log/sssd/sssd_default.log logged the following for one user which had no "host" attribute, and was

Hi everyone my sssd log shows the nsupdate command failing, how do i test ddns separately from sssd to see if the problem is in sssd or samba. shadrock /etc/sssd/sssd.conf ------------------------------------------------- (Fri Aug 1 12:18:30 2014) [sssd[be[tissisat.co.uk]]] [be_nsupdate_timer_schedule] (0x0200): Timer already scheduled (Fri Aug 1 12:18:30 2014) [sssd[be[tissisat.co.uk]]]

Hi, I'm planing to setup a new samba fileserver as a member to an existing samba 3.x SMB. The old server is still nss-pam-ldapd configured (historic left overs). As I dont have any pressure to have the new server up and running within the next few hours, I liked to set up sssd with our existing openldap. After googling and reading some documentations from redhat/fedora I think I do have a

Dear list, It has been a true adventure setting up a samba4 ad with a bind9 backend. >From what I can see, everything is more or less working: --> samba itself: root at bubba3-one:/etc/sssd# smbclient //localhost/netlogon -UAdministrator -c 'ls' Enter Administrator's password: Domain=[EARTH] OS=[Unix] Server=[Samba 4.1.4-SerNet-Debian-7.wheezy] .

So I have this centos 5.10 box which authenticates network users against ldap(authorizing)+kerberos(authentication). And I now would like to have sudo be able to allow admins (netgroup chinbeards) to sudo about. I am not using sssd though (yet). Here is the output of me trying sudo (debug on): [raub at centos5-x64 ~]$ sudo pwd LDAP Config Summary =================== uri

Hello, I am attempting to debug an issue with my Samba configuration. It has been working fine, but we recently updated Samba from 4.6.x to 4.8.3 and are now seeing some issues authenticating. Most of our servers are still working fine after the upgrade, but one server is giving us issues. A little more environment info: The server is running Centos 7.1. Windows clients can connect OK. We are

On 05/11/2015 10:06 AM, Ulrich Hiller wrote: > Hmmm...., i have made now a complete new install but the problem > persists: ldap authentication works, but the host attribute is ignored. Hate to say that we're running out of options. I had a CentOS 7 system similar to yours, with LDAP authentication. I added three lines to sssd.conf (for access provider, etc), restarted sssd, and

Sun, 11 Oct 2020 16:07:31 +0100 Rowland penny via samba <samba at lists.samba.org>: > On 11/10/2020 11:06, RhineDevil wrote: > > Mon, 27 Jul 2020 09:09:04 +0100 Rowland penny via samba <samba at lists.samba.org>: > >> On 27/07/2020 01:12, RhineDevil wrote: > >>> Sun, 26 Jul 2020 19:03:04 +0100 Rowland penny via samba <samba at lists.samba.org>: >