similar to: Offline logon and NSS...

Displaying 20 results from an estimated 4000 matches similar to: "Offline logon and NSS..."

2019 Oct 17
3
Offline logon and NSS...
Mandi! Rowland penny via samba In chel di` si favelave... > > Considering a 'full offline' DM client (supposing a portable), there's > > a 'winbind permanent nss cache' or a general nss cache (like > > nss-updatedb): > > https://wiki.debian.org/LDAP/NSS#Offline_caching_of_NSS_with_nscd > > have to be used? Thanks. > No, you cannot use
2019 Oct 17
0
Offline logon and NSS...
Hai Marco, But a quick peek at this tells me it should be possible and you need these packages for a "full offline setup" or, a combination of these. These packages need to be installed and all need to be configured: libnss-ldapd libpam-ldapd nscd libpam-ccreds libpam-mklocaluser libnss-winbind libpam-winbind I suggest first look at :
2017 Dec 06
4
DM and ''offline'' PAM (and NSS?)...
I'm using samba 4.5 on a debian jessie (Louis packages). Rarely it happen that a power outgage tear down all the stuff, here. I've noticed that if the DM start before the DC, clearly all account data are inaccessible. To prevent or minimize that, the ''offline mode'' of winbind can be safely used also on DM servers? Or is tailoread against roaming client (portables,
2019 Oct 17
0
Offline logon and NSS...
On 17/10/2019 10:32, Marco Gaiarin via samba wrote: > Mandi! Rowland penny via samba > In chel di` si favelave... > >>> Considering a 'full offline' DM client (supposing a portable), there's >>> a 'winbind permanent nss cache' or a general nss cache (like >>> nss-updatedb): >>>
2019 Jan 25
2
Winbind, cached logons and 'user persistency'...
On Fri, 25 Jan 2019 16:32:56 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > Mandi! L.P.H. van Belle via samba > In chel di` si favelave... > > I come back in this thread, sorry. > > > Maybe https://wiki.debian.org/LDAP/NSS is a better solution for > > the mailserver. > > Probably better use directly LDAP info with native MTA tools
2012 May 24
2
Samba as member of multi domain AD (nss/pam)
Hi list, I'm looking for someone out there, using samba as a member server in a multi-domain Active Directory forest (maybe even with nss_/pam_winbind for unix users/groups). It took quite a long time to get things working at all here, and we're still not really comfortable with our current solution (especially the unix nss/pam part). I'd be glad if someone out there was interested
2017 Dec 18
3
DM and ''offline'' PAM (and NSS?)...
On Mon, 18 Dec 2017 15:51:47 +0100 Marco Gaiarin via samba <samba at lists.samba.org> wrote: > > > I've seen: > > https://wiki.samba.org/index.php/PAM_Offline_Authentication > > I've tried to enable offline logon, and seems to work as expected. > > I've only found a little strange thing, i think related to the fact > that in my DM i've set
2015 Aug 31
4
Samba AD PDC , LDAP and Single-Sign-On (was: re: Samba Internal DNS vs. BIND_DLZ)
On Thu, 27 Aug 2015 23:03:39 -0400 Robert Moskowitz <rgm at htt-consult.com> wrote: > > On 08/27/2015 08:45 PM, Jim Seymour wrote: > > On Thu, 27 Aug 2015 17:00:28 -0400 > > Robert Moskowitz <rgm at htt-consult.com> wrote: > > > >> Ah, LDAP is included within Samba, I find. Don't install provided > >> one... [snip] > > >
2019 Feb 28
4
[OT?] Kerberos, PAM, NSS: if user does not exist, pam_krb5 try login?
A bit more then a curiosity. Mobing from Samba/NT to Samba/AD i'm now switching some 'one-purpose' (mostly containers) from libpam-ldaps to libpam-krb5. In these box normally i don't need user access, so i create 'manually' (eg, in /etc/passwd) only the admin users, and i add only the PAM layer to do external auth. Still i use ssh keys for direct root access, but as an
2018 Jun 13
3
NSS and group enumeration in CUPS...
I was used (in SambaNT/OpenLDAP) to put on CUPS configuration the statement (/etc/cups/cups-files.conf): SystemGroup printops and add to 'printops' group some users that can manage cups. Now i'm in AD mode. I'm in 'printops' group: root at vdmpp1:~# id gaio uid=10000(gaio) gid=10513(domain users) gruppi=10513(domain
2015 Jan 21
2
Is anyone using C7 in production yet? (sssd, nss-pam-ldapd, kerberos, etc)
> -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Gordon Messmer > Sent: den 21 januari 2015 05:47 > To: CentOS mailing list > Subject: Re: [CentOS] Is anyone using C7 in production yet? (sssd, nss-pam- > ldapd, kerberos, etc) > > On 01/20/2015 05:26 PM, Dan Irwin wrote: > > Before I fire up a
2015 Jan 21
2
Is anyone using C7 in production yet? (sssd, nss-pam-ldapd, kerberos, etc)
Hi all, Is anyone using C7 in production with LDAP and kerberos? Currently all of my machines run C5 or C6 with nss-pam-ldapd or nss_ldap, with kerberos and pam_krb5 for authentication. Before I fire up a test VM (is it even worth it?) I wanted to check feedback from the community. Cheers! Dan
2015 Jan 21
4
Is anyone using C7 in production yet? (sssd, nss-pam-ldapd, kerberos, etc)
> -----Original Message----- > From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On > Behalf Of Fred Smith > Sent: den 21 januari 2015 15:35 > To: centos at centos.org > Subject: Re: [CentOS] Is anyone using C7 in production yet? (sssd, nss-pam- > ldapd, kerberos, etc) > > > > > Before I fire up a test VM (is it even worth it?) I wanted to
2009 Feb 12
1
OpenSUSE 11.1 with OpenLDAP => some surprises (ldap.conf, nss-ldap.conf, nsswitch.conf)
Hi, this has nothing directly to do with samba, but there might be some people who try to use samba with (Open)LDAP on OpenSUSE 11.1 like me. Between 10.2 and 11.1 the nss_ldap configuration has changed a bit. The file which configures the access to ldap is now /etc/nss-ldap.conf and seems to have the identical layout as the former /etc/ldap.conf. Also needed is the "nslcd"
2012 Feb 28
1
Anything like "nss_updatedb" for ldapsam account information backend?
Is there anything like "nss_updatedb" [1] for ldapsam account information backend? nss_updatedb caches unix account information, so it is available even when the LDAP directory isn't available But ldapsam stores additional account information. How can I cache this additional account information, so it is also available even when the LDAP directory isn't available? [1]
2016 Jan 26
2
Samba Hylafax PAM
O, try the following.   Test this first. ldd /usr/sbin/hfaxd  if you getting libpam.so..  something, then hylafax is compiled with pam support.   Next,   apt-get install libpam-ldap   ( just to be sure, i do believe you have installed it already )   create the file :  /etc/pam.d/hylafax Add :   auth         required       pam_ldap.so account   required       pam_ldap.so
2016 Jan 18
3
Samba Hylafax PAM
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, I posted this also on hylafax list - maybe here is someone with a hint. System: Debian Jessie, Hylafax-Server 6.0.6, pam 1.1.8, libpam-ldapd 0.9.4, nslcd 0.9.4 (all actual debian packets from stable), sernet-samba-*-4.2.7-8 After a switch from OpenLDAP to a Samba 4.2 based LDAP Server, I cannot auth users anymore in Hylafax, everything else
2012 May 23
2
multi home dir locations
Hi all, i've got samba 3.6 joined to a ad domain (s4 in this case) running winbind all looks ok, but i ran into a problem (for us that is) i've got 2 groups (students and employes) who have there home dirs in 2 different places. /home/students/<user> /home/employ/<user> so far so good, but i can't make the [homes] work for both of them (just 1 group) in winbind
2019 Oct 17
3
Offline logon and NSS...
Mandi! Rowland penny via samba In chel di` si favelave... > Yes, somebody moved the cache to a different directory and it now gets wiped > every time Samba is restarted, we have a bug report for it:? > https://bugzilla.samba.org/show_bug.cgi?id=14074 Ok, thanks. I suppose that cache get controlled by: idmap cache time = 604800 winbind cache time = 300 so, for a portable system,
2018 Jun 14
3
NSS and group enumeration in CUPS...
Hai, @Rowland. Yes, the link is what i have setup, but in less steps without sssd. For the kerberos part, you only need to add the HTTP/UPN. After a join with winbind you have the host/UPN. I must say that the CUPS setup is working great. Only 1 or 2 problems in almost 2 years. @Marco, > ...but you have added 'locally' (eg, in /etc/group > and /etc/shadow) the user