similar to: Offline logon and NSS...

Mandi! Rowland penny via samba In chel di` si favelave... > > Considering a 'full offline' DM client (supposing a portable), there's > > a 'winbind permanent nss cache' or a general nss cache (like > > nss-updatedb): > > https://wiki.debian.org/LDAP/NSS#Offline_caching_of_NSS_with_nscd > > have to be used? Thanks. > No, you cannot use

Hai Marco, But a quick peek at this tells me it should be possible and you need these packages for a "full offline setup" or, a combination of these. These packages need to be installed and all need to be configured: libnss-ldapd libpam-ldapd nscd libpam-ccreds libpam-mklocaluser libnss-winbind libpam-winbind I suggest first look at :

I'm using samba 4.5 on a debian jessie (Louis packages). Rarely it happen that a power outgage tear down all the stuff, here. I've noticed that if the DM start before the DC, clearly all account data are inaccessible. To prevent or minimize that, the ''offline mode'' of winbind can be safely used also on DM servers? Or is tailoread against roaming client (portables,

On 17/10/2019 10:32, Marco Gaiarin via samba wrote: > Mandi! Rowland penny via samba > In chel di` si favelave... > >>> Considering a 'full offline' DM client (supposing a portable), there's >>> a 'winbind permanent nss cache' or a general nss cache (like >>> nss-updatedb): >>>

On Fri, 25 Jan 2019 16:32:56 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > Mandi! L.P.H. van Belle via samba > In chel di` si favelave... > > I come back in this thread, sorry. > > > Maybe https://wiki.debian.org/LDAP/NSS is a better solution for > > the mailserver. > > Probably better use directly LDAP info with native MTA tools

Hi list, I'm looking for someone out there, using samba as a member server in a multi-domain Active Directory forest (maybe even with nss_/pam_winbind for unix users/groups). It took quite a long time to get things working at all here, and we're still not really comfortable with our current solution (especially the unix nss/pam part). I'd be glad if someone out there was interested

On Mon, 18 Dec 2017 15:51:47 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > > > I've seen: > > https://wiki.samba.org/index.php/PAM_Offline_Authentication > > I've tried to enable offline logon, and seems to work as expected. > > I've only found a little strange thing, i think related to the fact > that in my DM i've set

On Thu, 27 Aug 2015 23:03:39 -0400 Robert Moskowitz <rgm at htt-consult.com> wrote: > > On 08/27/2015 08:45 PM, Jim Seymour wrote: > > On Thu, 27 Aug 2015 17:00:28 -0400 > > Robert Moskowitz <rgm at htt-consult.com> wrote: > > > >> Ah, LDAP is included within Samba, I find. Don't install provided > >> one... [snip] > > >

A bit more then a curiosity. Mobing from Samba/NT to Samba/AD i'm now switching some 'one-purpose' (mostly containers) from libpam-ldaps to libpam-krb5. In these box normally i don't need user access, so i create 'manually' (eg, in /etc/passwd) only the admin users, and i add only the PAM layer to do external auth. Still i use ssh keys for direct root access, but as an

I was used (in SambaNT/OpenLDAP) to put on CUPS configuration the statement (/etc/cups/cups-files.conf): SystemGroup printops and add to 'printops' group some users that can manage cups. Now i'm in AD mode. I'm in 'printops' group: root at vdmpp1:~# id gaio uid=10000(gaio) gid=10513(domain users) gruppi=10513(domain

> -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Gordon Messmer > Sent: den 21 januari 2015 05:47 > To: CentOS mailing list > Subject: Re: [CentOS] Is anyone using C7 in production yet? (sssd, nss-pam- > ldapd, kerberos, etc) > > On 01/20/2015 05:26 PM, Dan Irwin wrote: > > Before I fire up a

Hi all, Is anyone using C7 in production with LDAP and kerberos? Currently all of my machines run C5 or C6 with nss-pam-ldapd or nss_ldap, with kerberos and pam_krb5 for authentication. Before I fire up a test VM (is it even worth it?) I wanted to check feedback from the community. Cheers! Dan

> -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Fred Smith > Sent: den 21 januari 2015 15:35 > To: centos at centos.org > Subject: Re: [CentOS] Is anyone using C7 in production yet? (sssd, nss-pam- > ldapd, kerberos, etc) > > > > > Before I fire up a test VM (is it even worth it?) I wanted to

Hi, this has nothing directly to do with samba, but there might be some people who try to use samba with (Open)LDAP on OpenSUSE 11.1 like me. Between 10.2 and 11.1 the nss_ldap configuration has changed a bit. The file which configures the access to ldap is now /etc/nss-ldap.conf and seems to have the identical layout as the former /etc/ldap.conf. Also needed is the "nslcd"

O, try the following.   Test this first. ldd /usr/sbin/hfaxd  if you getting libpam.so..  something, then hylafax is compiled with pam support.   Next,   apt-get install libpam-ldap   ( just to be sure, i do believe you have installed it already )   create the file :  /etc/pam.d/hylafax Add :   auth         required       pam_ldap.so account   required       pam_ldap.so

Is there anything like "nss_updatedb" [1] for ldapsam account information backend? nss_updatedb caches unix account information, so it is available even when the LDAP directory isn't available But ldapsam stores additional account information. How can I cache this additional account information, so it is also available even when the LDAP directory isn't available? [1]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, I posted this also on hylafax list - maybe here is someone with a hint. System: Debian Jessie, Hylafax-Server 6.0.6, pam 1.1.8, libpam-ldapd 0.9.4, nslcd 0.9.4 (all actual debian packets from stable), sernet-samba-*-4.2.7-8 After a switch from OpenLDAP to a Samba 4.2 based LDAP Server, I cannot auth users anymore in Hylafax, everything else

Hi all, i've got samba 3.6 joined to a ad domain (s4 in this case) running winbind all looks ok, but i ran into a problem (for us that is) i've got 2 groups (students and employes) who have there home dirs in 2 different places. /home/students/<user> /home/employ/<user> so far so good, but i can't make the [homes] work for both of them (just 1 group) in winbind

Mandi! Rowland penny via samba In chel di` si favelave... > Yes, somebody moved the cache to a different directory and it now gets wiped > every time Samba is restarted, we have a bug report for it:? > https://bugzilla.samba.org/show_bug.cgi?id=14074 Ok, thanks. I suppose that cache get controlled by: idmap cache time = 604800 winbind cache time = 300 so, for a portable system,

Hai, @Rowland. Yes, the link is what i have setup, but in less steps without sssd. For the kerberos part, you only need to add the HTTP/UPN. After a join with winbind you have the host/UPN. I must say that the CUPS setup is working great. Only 1 or 2 problems in almost 2 years. @Marco, > ...but you have added 'locally' (eg, in /etc/group > and /etc/shadow) the user