Displaying 20 results from an estimated 800 matches similar to: "Fwd: Re: Samba winbind on redhat 7"
2019 Jun 21
0
Samba winbind on redhat 7
Yes, I have only one domain.
Even after added "winbind use default domain = yes" to smb.cnf, I cannot
ssh :
/Jun 21 12:43:59 [localhost] sshd[5938]: pam_sss(sshd:auth): Request to
sssd failed. Connection refused//
//Jun 21 12:43:59 [localhost] sshd[5938]: pam_krb5[5938]: TGT verified
using key for 'host/mysambserver at MYDOMAIN.LOCAL'//
//Jun 21 12:43:59 [localhost]
2019 Jun 21
2
Samba winbind on redhat 7
On 21/06/2019 15:39, Edouard Guign? via samba wrote:
> Hello,
>
> I am facing 2 issues now.
> The first one is the more critical for me...
>
> 1. When I switch from sssd to winbind with :
> # authconfig --enablekrb5 --enablewinbind --enablewinbindauth
> --enablemkhomedir --update
>
> My sftp access did not work. Does it change the way to pass the login ?
> I used
2019 Jun 21
0
Samba winbind on redhat 7
Hello,
I am facing 2 issues now.
The first one is the more critical for me...
1. When I switch from sssd to winbind with :
# authconfig --enablekrb5 --enablewinbind --enablewinbindauth
--enablemkhomedir --update
My sftp access did not work. Does it change the way to pass the login ?
I used to connect in sftp with userlogin / userpassword
//var/log/secure ://
/
/Jun 21 11:08:31 [localhost]
2018 Nov 09
0
Samba 4 AD Join to Itself
On Fri, 9 Nov 2018 09:41:47 +0000
"Walsh, Tony (UK)" <tony.walsh at baesystems.com> wrote:
> Hi Rowland
> Thanks for the quick response.
> I need to correct one error. I said samba 4.9 but it is samba 4.4.
>
> There is just one AD DC.
> Used samba-tool to set it up as AD DC. It has worked well for a few
> years serving 50+ Windows/Linux clients.
>
>
2019 Jun 20
2
Samba winbind on redhat 7
This way is so easier...
Thank you Rowland
Le 20/06/2019 ? 14:01, Rowland penny via samba a ?crit?:
> On 20/06/2019 17:54, Edouard Guign? via samba wrote:
>> My idea is to replace default "cifs_idmap_sss.so" plugin by
>> "idmapwb.so" winbind plugin, in order to SSSD becomes a client of
>> winbind.
>> To avoid to change nsswitch.conf :
>>
2019 Jun 20
0
Samba winbind on redhat 7
On 20/06/2019 17:54, Edouard Guign? via samba wrote:
> My idea is to replace default "cifs_idmap_sss.so" plugin by
> "idmapwb.so" winbind plugin, in order to SSSD becomes a client of
> winbind.
> To avoid to change nsswitch.conf :
> passwd:???? files sss
> shadow:???? files sss
> group:????? files sss
>
> into
>
> passwd:???? files winbind
2017 Oct 30
0
winbind rfc2307 not being obeyed
fedora's authconfig must edit a bunch of files
On Mon, Oct 30, 2017 at 10:53 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
> I found what I needed to do
> DOMAIN=MIND.UNM.EDU
> SHORT=MIND
> authconfig --enablekrb5 --krb5kdc=${DOMAIN}
> --krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind
> --enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN}
2017 Oct 30
2
winbind rfc2307 not being obeyed
I found what I needed to do
DOMAIN=MIND.UNM.EDU
SHORT=MIND
authconfig --enablekrb5 --krb5kdc=${DOMAIN}
--krb5adminserver=${DOMAIN} --krb5realm=${DOMAIN} --enablewinbind
--enablewinbindauth --smbsecurity=ads --smbrealm=${DOMAIN}
--smbservers=${DOMAIN} --smbworkgroup=${SHORT}
--winbindtemplatehomedir=/na/homes/%U --winbindtemplateshell=/bin/bash
--enablemkhomedir --enablewinbindusedefaultdomain
2017 Oct 30
0
winbind rfc2307 not being obeyed
nope that just brute forced homedir and shell. It'll work for what I
want this machine for but I'd like to get the homedir and shell from
AD
On Mon, Oct 30, 2017 at 10:54 AM, Jeff Sadowski <jeff.sadowski at gmail.com> wrote:
> My smb.conf file now looks like so
> [global]
> #--authconfig--start-line--
>
> # Generated by authconfig on 2017/10/30 10:47:34
> # DO NOT
2017 Oct 30
2
winbind rfc2307 not being obeyed
My smb.conf file now looks like so
[global]
#--authconfig--start-line--
# Generated by authconfig on 2017/10/30 10:47:34
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future
workgroup = MIND
password server = MIND.UNM.EDU
realm = MIND.UNM.EDU
security = ads
idmap config * : range = 2000-7999
2016 Feb 04
0
What is the equivalent of net idmap secret in samba 4.2 ?
Hi all,
Isn’t it always the way that you find what you need after posting a question:
net idmap set secret ‘*’ password
Cheers,
Mark
From: Mark Cooke
Sent: 04 February 2016 11:43
To: 'samba at lists.samba.org'
Subject: What is the equivalent of net idmap secret in samba 4.2 ?
Hi Everyone,
The documented command in net(8) for setting the LDAP password appears to have gone away in
2016 Feb 04
1
What is the equivalent of net idmap secret in samba 4.2 ?
Hi Everyone,
The documented command in net(8) for setting the LDAP password appears to have gone away in the refactoring between samba 4.1 and 4.2:
# net idmap secret * password
Invalid command: net idmap secret
Does someone have a pointer to a method to set the ldap auth credentials with samba 4.2?
Setup:
Domain member server 1 - originally setup using SL7.0, samba 4.1, hosting the ldap
2020 Feb 28
0
Unable to get primary group information when using AD authentication with samba-4.10.4
On 28/02/2020 10:15, Goto, Ryoichi wrote:
> Hi, Rowland.
> Thank you for your answer.
>
>> I removed these:
>>
>> sssd sssd * realmd
> Did this:
> [root @ ms2 ~] # rpm -qa | grep realmd
> [root @ ms2 ~] # rpm -qa | grep sss
> libsss_certmap-2.2.0-19.el8.x86_64
> sssd-common-2.2.0-19.el8.x86_64
> libsss_sudo-2.2.0-19.el8.x86_64
>
2014 Aug 30
4
I want a Fedora 20 system to be a member server and offer a share in a Windows 2008R2 Active Directory domain
I'm close to making this work. The goal is to make this Fedora 20 system pretend to be a Windows member server in my Windows 2008R2 Active Directory domain and then I'll use it as a backup target. When I run ADUC from my domain controller, I see my F20 system named nfsa. But from Windows, when I do Start...\\nfsa, I get an Access Denied error and it prompts for credentials. When I do
2018 Nov 08
3
Samba 4 AD Join to Itself
Hi
Running Samba 4.9 AD DC on CentOS 7 and would like to join the server to the domain that it serves out.
This is to manage user access to roaming profiles.
Can anyone advise whether this is
1. Possible
2. Advisable
3. What pitfalls there are
Thanks
Tony Walsh
*************************************************************************************
The information contained
2020 Jun 19
0
SAMBA using existing users and passwords on Linux
I will pass all the commands I used for installation and inclusion of the
linux server server in AD.
Installation of KERBEROS 5 packages:
#yum install krb5-server krb5-libs krb5-workstation
I added the following lines to the /etc/krb5.conf file
[libdefaults]
default_realm = SAMDOM.EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false
I installed realmd
# yum install realmd
I ran the
2011 Sep 20
0
kinit succeeded but ads_sasl_spnego_krb5_bind failed
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }Hi,
I've seen many people complain about this error message by Googling
around, but I've never found a satisfactory explanation as to the
cause and resolution. I'm hoping someone on the list will be able to
point me in the right direction?
I'm attempting to get a RHEL 5.5 client configured to use winbind
auth
2018 Sep 15
2
Fwd: Having problem with RID backend - must be missing something
On Sat, 15 Sep 2018 13:08:20 -0400 (EDT)
Rich Webb via samba <samba at lists.samba.org> wrote:
> ----- On Sep 15, 2018, at 4:32 AM, Rowland Penny via samba
> samba at lists.samba.org wrote:
>
> >
> > Including modifying /etc/nsswitch.conf ?
> >
>
> Yep.
>
> >>
> >> Yes, that is how I did it - I compiled from source.
> >
>
2019 Jun 20
2
Samba winbind on redhat 7
My idea is to replace default "cifs_idmap_sss.so" plugin by "idmapwb.so"
winbind plugin, in order to SSSD becomes a client of winbind.
To avoid to change nsswitch.conf :
passwd:???? files sss
shadow:???? files sss
group:????? files sss
into
passwd:???? files winbind
shadow:???? files winbind
group:????? files winbind
because I need an other access in sftp, this is using
2019 Jan 17
1
Authentication lost within session
When I open the mail client (thunderbird), I can access the mailboxes
and all of a sudden, I am loosing the authenticated session. Any idea's
where to look?
Jan 17 12:42:04 mail04 dovecot: imap-login: Login: user=<usertest>,
method=PLAIN, rip=192.168.10.219, lip=192.168.10.44, mpid=13403, TLS,
session=<NsYo4qV/CNfAqArb>
Jan 17 12:42:04 mail04 dovecot: imap(usertest): Debug: