Displaying 20 results from an estimated 7000 matches similar to: "Authentication with trusted credentials"
2020 Jul 13
2
Authentication with trusted credentials
Some more details. Below is what I have during joining Linux (Ubuntu 20.04)
to the SVITLA3 domain. SVITLA3 (Samba) is trusting, APEX (AD) is trusted.
SVITLA3 has *administrator *and *test01 *users, APEX has *administrator *and
*jake *users.
test01 - 20000:20000 (uidNumber:gidNumber)
jake - 10000:10000
You can see some delay in some places - I marked them bold. It looks like
DNS timeouts.
The
2020 Jul 14
3
Authentication with trusted credentials
Hai,
?
Sorry for the late(r) reply but we all need to sleep also sometimes.? ;-)
note, i saw its fixed, but i'll do comment a bit through your replies.
?
?
mainly because of this part
?
this part.? (Sended: monday 13 juli 2020 18:51)
> net ads join -U administrator at SVITLA3.ROOM
> Enter administrator at SVITLA3.ROOM's password:
> Using short domain name -- SVITLA3
>
2020 Jul 20
3
Authentication with trusted credentials
Point #1: is not correct.
Why is Jake getting an ID from * Range and not APEX range. ?
That need to be found first
Run: net cache flush
Restart samba. : systemctl restart smbd winbind nmbd (and/or sssd is you use that)
wbinfo --all-domains -ug
id jake
getent passwd jake
Any improvement?
> if you have set: APEX:backend = ad
Yes, and did you assign an UID/GID after you changed RID to
2020 Jul 13
0
Authentication with trusted credentials
Louis, could you take a look on my case again?
I am not sure that the problem is in incorrect groups.
Only trusted credentials don't work. Have you any idea what the reason is?
On Mon, 13 Jul 2020 at 19:50, Yakov Revyakin <yrevyakin at gmail.com> wrote:
> Some more details. Below is what I have during joining Linux (Ubuntu
> 20.04) to the SVITLA3 domain. SVITLA3 (Samba) is
2020 Jul 16
0
Authentication with trusted credentials
Hai,
I dont use trusts myself, this is what i see.
Lets take small steps here.
First of all, why does the DOMAIN contains/shows a dot in it.
( i think its a wrong setting in sssd, but i dont know sssd )
I know this is one of your REALMs and not the domain.
I refer to :
https://support.microsoft.com/en-us/help/909264/naming-conventions-in-active-directory-for-computers-domains-sites-and
2020 Jul 21
2
Authentication with trusted credentials
Hi Rowland,
Thank you for effort
My output as you requested:
## Samba DC
d at us-smdc3:~$ wbinfo --online-status
BUILTIN : active connection
SVITLA3 : active connection
APEX : active connection
## Linux Client
d at uc-sm18:~$ wbinfo --online-status
BUILTIN : online
UC-SM18 : online
SVITLA3 : online
APEX : online
# UC-SM18 is a Linux member of SVITLA3.
You decided to demonstrate too difficult
2020 Jul 16
3
Authentication with trusted credentials
On 16/07/2020 22:13, Yakov Revyakin wrote:
> Thank you! I have food for tomorrow. Now I only want to voice some of
> my considerations.
>
> Imagine that a domain had no trusts. At this time a PC became a member
> of this domain.
> After some time DC made trust with another domain. In this case
> existing members don't consider?any extra configuration like adding
>
2020 Jul 13
0
Authentication with trusted credentials
What you need is to add the windows group in ssh to allowedgroups
And give that windows group a GID.
You "cant" add a linux user into the windows group, but you can add a windows user (if it has UID/GID) Into the linux group.
I separeted that, to there is always ssh access available.
I use the following :
AllowGroups lin-allow-ssh win-allow-ssh
Windows users in win-allow-ssh
Linux
2020 Jul 16
2
Authentication with trusted credentials
On 16/07/2020 16:11, L.P.H. van Belle via samba wrote:
> First of all, why does the DOMAIN contains/shows a dot in it.
> ( i think its a wrong setting in sssd, but i dont know sssd )
> I know this is one of your REALMs and not the domain.
>
>
> Now your lines :
> Works Yes: Jul 16 11:23:48 uc-sssdlbox20 sshd[2048]: pam_sss(sshd:auth): authentication success; logname= uid=0
2020 Jul 21
0
Authentication with trusted credentials
On 21/07/2020 15:38, Yakov Revyakin wrote:
> Hi Rowland,
> Thank you for effort
>
> My output as you requested:
> ## Samba DC
> d at us-smdc3:~$ wbinfo --online-status
> BUILTIN : active connection
> SVITLA3 : active connection
> APEX : active connection
>
> ## Linux Client
> d at uc-sm18:~$ wbinfo --online-status
> BUILTIN : online
> UC-SM18 : online
>
2020 Jul 23
1
krb5_kt_start_seq_get failed (Permission denied)
Try this :
#source: https://bugs.launchpad.net/ubuntu/+source/heimdal/+bug/1484262
Add in /etc/krb5.conf in [libdefaults]
ignore_k5login = true
Did it help?
If (as in my case) root is not allowed in the user homdirs it can validateon $HOME/.k5login
Above fixed it for me.
I only cant tell based on the config if this applies to you.
Its a simple thing to try.
Greetz,
Louis
2020 Jul 23
1
Authentication with trusted credentials
Currently I have the following empirical knowledge about outgoing trust:
- In case of creating this type of trust using direction=both we get
outgoing trust working partially - it is possible to login to Windows
member of trusting domain with trusted credentials as well as access shares
on trusted side further. It is impossible to make the same login on Linux
members.
- In case of making the same
2020 Nov 19
1
Smartcard logon
>
> Hi friends,
> I need your help.
>
> I implemented
> https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login
>
> https://docs.microsoft.com/en-us/troubleshoot/windows-server/windows-security/enabling-smart-card-logon-third-party-certification-authorities
> enabling smart card logon on a Windows Server 2016 as a domain member of
> Samba DC.
>
> Currently I
2020 Jul 23
3
krb5_kt_start_seq_get failed (Permission denied)
On a DOMAIN Linux member in log.wb_DOMAIN I can see the error message
"krb5_kt_start_seq_get failed (Permission denied)" during any attempt of
user authentication.
In result a user is authenticated successfully. But what does this message
mean?
My krb5.keytab has permissions 600 by default.
If I change its permissions to 644 the error message goes.
2011 Mar 16
8
Samba PDC adding new user, profile dir is not created
Hi,
i have a Samba PDC (no LDAP) and added add user script to my config.
I can create the user with no problems, login is possible but the
/home/samba/profile/user dir is not created.
Any hints on that?
script commands i added:
add user script = /usr/sbin/useradd -m '%u' -g ntusers -G ntusers -s
/bin/false
delete user script = /usr/sbin/userdel -r '%u'
add group script =
2011 Feb 08
12
multiple puppetmasters (w/ Passenger) behind load balancer
Hello Gang,
I''m working on scaling my puppet solution, and I''m deploying multiple
masters w/ passenger that are going sit behind a load balancer. If anyone
is using these type of setup, would you share how you deal with the SSL
certs? I''ve been following Bode''s Blog (http://bodepd.com/wordpress/?p=7),
and it''s not working to good for me.
2010 Aug 13
2
Learning ANOVA
Hi folks,
File to be used is on;
data(InsectSprays)
I can't figure out where to insert it on following command;
test01 <- read.csv(fil.choose(), header=TRUE)
Please help. TIA
B.R.
2008 Aug 11
1
AD on 2003R2 NT_STATUS_NO_SUCH_USER
Dear Help,
We are in the process of setting up a new domain using Active Directory on
Windows Server 2003R2. One of our goals was to use Active Directory for
authentication on our AIX box (running version 6.1). I was able to successfully
set up Kerberos, and the LDAP client to connect to our AD server so that you can
now log in to the AIX box with users found in Active Directory. However, no
2009 May 28
2
issues after rebooting
Hi.
I have some issues after rebooting the system. First, I would like to
show you how I have installed XEN.
S.O: Debian Lenny
Installation: By default without additional packets
So, I installed XEN
# aptitude install xen-hypervisor-i386 libc6-xen xen-utils xen-tools
bridge-utils
# aptitude install xen-linux-system-2.6.26-2-xen-686
# nano /etc/modules
loop max_loop=128
# nano
2016 Mar 06
2
Segmentation Fault when trying to set root samba password, IPA as a backend
On 06/03/16 17:28, Harry Jede wrote:
> On 18:11:20 wrote Rowland penny:
>> On 06/03/16 16:22, Harry Jede wrote:
>>> On 17:13:33 wrote Martin Juhl:
>>>> Hi guys
>>>>
>>>>
>>>> When trying to set root's password, I get a segmentation fault:
>>>>
>>>> [root at bart ~]# smbpasswd -a root
>>>> No