similar to: [OT?] Kerberos, PAM, NSS: if user does not exist, pam_krb5 try login?

Hmm, marco, logname=admin uid=0 euid=0 << no no.. Uid=0 ? Thats not good, root = uid 0 User setup example. Linux: Root uid 0 LinuxAdmin uid doest not matter as long within range of (see /etc/adduser.conf) FIRST_UID=1000 LAST_UID=59999 Administrator is mapped through /etc/samba/smb.conf ( usermapping) And that Admin of you, is probley migrated of ldap to AD, execpt now its not allowed

Hi all, I am just after some opinions about the pros and cons of winbind compared to the 'standard' kerberos and ldap methods. I've have already got single sign on working with pam_krb5 and nss_ldap (using SASL/GSSAPI) against SBS 2003 (with MSSFU 3.0) using Debian Sarge as clients/'member servers', and integration of Samba is the next bit I'm looking at. The impressions

Greetings ... Have a question, was is the advantages of use pam_winbind verses pam_krb5 for Samba user authentaction? I mean, if I point my Linux box Kerberos to a Win2003 AD server, I am able to authenticate my users out of AD, but at the moment still having problems with winbind and nsswitch. Is there an advantage to using pam_winbind instead of pam_krb5? Mailed Lee

Hai Rowland, Maybe i didnt understand your reply that well, but why would you change it. All (linux) users have minimum_uid=1000 and start at 1000. All (windows) users (samba) are above minimum_uid=1000 So in my optinion, you should not be needed to change this. Unless your users start below 1000. Also cat /etc/adduser.conf shows ( For Debian/Buster ) # FIRST_[GU]ID to LAST_[GU]ID

A few weeks ago, we upgraded our Red Hat 7.3 and 9 machines to OpenSSH 3.6.1p2 w/ the corresponding version of Simon's GSSAPI patch. All the expected functionality seems to be there: I can ssh/scp/sftp via Kerberos tickets or local password. However, I seem to be getting a new error message in my logs: For Red Hat 7.3: Message from syslogd at gallifrey at Thu Oct 2 17:24:12 2003 ...

Hi everyone, I have just installed Solaris and have added a 3x500GB raidz drive array. I am able to use this pool (''tank'') successfully locally, but when I try to share it remotely, I can only read, I cannot execute or write. I didn''t do anything other than the default ''zfs set sharenfs=on tank''... how can I get it so that any allowed user can access

Hi everyone, I have just installed Solaris and have added a 3x500GB raidz drive array. I am able to use this pool (''tank'') successfully locally, but when I try to share it remotely, I can only read, I cannot execute or write. I didn''t do anything other than the default ''zfs set sharenfs=on tank''... how can I get it so that any allowed user can access

Hi, Is it expected that if I have filesystem tank/foo and tank/foo/bar (mounted under /tank) then in order to be able to browse via /net down into tank/foo/bar I need to have group/other permissions on /tank/foo open? # zfs create tank/foo # zfs create tank/foo/bar # chown gavinm /tank/foo /tank/foo/bar # zfs set sharenfs=rw tank/foo # ls -laR /tank/foo /tank/foo: total 9 drwxr-xr-x 3 gavinm

Hello all, We're having problems with files that suddenly stop being seen on the fuse clients. I couldn't yet find a way to reproduce this. It happens every once in a while. Sometimes you try to ls some file and it can't be found. When you run ls on the parent directory, it is shown on the output, and, after that, you can access it. I'm mentioning ls, but the problem also

On 21/06/2019 15:39, Edouard Guign? via samba wrote: > Hello, > > I am facing 2 issues now. > The first one is the more critical for me... > > 1. When I switch from sssd to winbind with : > # authconfig --enablekrb5 --enablewinbind --enablewinbindauth > --enablemkhomedir --update > > My sftp access did not work. Does it change the way to pass the login ? > I used

Hello, I''m sure there is a simple solution, but I am unable to figure this one out. Assuming I have tank/fs, tank/fs/fs1, tank/fs/fs2, and I set sharenfs=on for tank/fs (child filesystems are inheriting it as well), and I chown user:group /tank/fs, /tank/fs/fs1 and /tank/fs/fs2, I see: ls -la /tank/fs user:group . user:group fs1 user:group fs2 user:group some_other_file If I mount

Hi all, I have a pool called tank/home/foo and I want to rename it to tank/home/bar. What''s the best way to do this (the zfs and zpool man pages don''t have a "rename" option)? One way I can think of is to create a clone of tank/home/foo called tank/home/bar, and then destroy the former. Is that the best (or even only) way? TIA, -- Rich Teer, SCSA, SCNA, SCSECA,

I saw in another post that a best practices doc will be coming, but I figured I would try to get this working. I''m trying to understand why zfs uses so many "zfs create" so I can use it better. What makes sense is that each zfs fs can have it''s own options (compression, nfs, atime, quota, etc). I really love this because it is so tuneable -- compression on these

http://defect.opensolaris.org/bz/show_bug.cgi?id=971 Summary: zfs key -l fails after unloading (keyscope=dataset) Classification: Development Product: zfs-crypto Version: unspecified Platform: Other OS/Version: Solaris Status: NEW Severity: major Priority: P2 Component: other AssignedTo:

I''m CCing zfs-discuss at opensolaris.org, as this doesn''t look like FreeBSD-specific problem. It looks there is a problem with block allocation(?) when we are near quota limit. tank/foo dataset has quota set to 10m: Without quota: FreeBSD: # dd if=/dev/zero of=/tank/test bs=512 count=20480 time: 0.7s Solaris: # dd if=/dev/zero of=/tank/test bs=512 count=20480 time: 4.5s

Hi, I tried again with some other options. After finding http://www.dovecot.org/list/dovecot/2013-November/093793.html I deleted every ACL from the directory Maildir and I also assigned the group "mail" to it, recursively: OmniOS-Xeon:/tank/home/olaf/Maildir/.Generiche $ ls -lV total 903 drwxrwxrwx 2 olaf mail 2 Sep 27 23:47 cur

Hi, I have a mirror pool tank having two devices underneath. Created in this way #zpool create tank mirror c3t500507630E020CEAd1 c3t500507630E020CEAd0 Created file system tank/home #zfs create tank/home Created another file system tank/home #zfs create tank/home/sridhar After that I have created files and directories under tank/home and tank/home/sridhar. Now I detached 2nd device i.e

Dear Helpful R Users, I am graphing some data using the beanplot, but I am having trouble getting the output I desire. I have five tanks (A-E) and 2 groups for each tank grp1 or grp2, except tank C where there is only grp1. (I only changed the grouprep to "C grp1" for the example) When I plot them, I would like A B C(only grp1 - half of the bean plot) then D and E (as full beans).

Hello, I am trying to configure ZFS with IBM sdd. IBM sdd is like powerpath, MPXIO or VxDMP. Here is the error message when I try to create my pool: bash-3.00# zpool create tank /dev/dsk/vpath1a warning: device in use checking failed: No such device internal error: unexpected error 22 at line 446 of ../common/libzfs_pool.c bash-3.00# zpool create tank /dev/dsk/vpath1c cannot open

Dear Dovecot users, hello. I will merge two issues I have into a single email because they may be related. I used dovecot on a OmniOS server since 2014 (currently OmniOS r151014) with the following configuration (it shows 2.2.18 because I recently updated dovecot, skipping only the PostgreSQL plugin): # 2.2.18: /etc/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc zfs mail_location =