Displaying 20 results from an estimated 10000 matches similar to: "samba4 kerberized nfs4 with sssd ad client"
2020 Jul 24
0
samba4 kerberized nfs4 with sssd ad client
Depending on the OS.
Below is tested/in production since samba 4.9.x and debian stretch
Currently running buster with samba 4.12.5 with samba and AD-Backends.
All users have UID assigned, and "Domain Users".
This is really easy on any setup with systemd systems with samba and winbind.
I'll show how easy this is for any debian/ubuntu related system but using systemd, maybe you
2019 Apr 26
4
Configured AD backend but getting different uid and gid
Hi,
Thank you for replying. User home directory creation is working without the
need to edit /etc/pam.d/common-session
The logon script I mentioned here is a in-house script to handle directory
mounting for file server access, and create shortcut on the account desktop
for different logins.
On my Linux machines, currently all is done manually by local user account
creation and by adding the
2018 Oct 09
10
NFSv4, homes, Kerberos...
I was used to integrate some linux client in my samba network mounting
homes with 'unix extensions = yes', and works as expected, at least
with some old lubuntu derivatives. Client side i use 'pam_mount'.
Now i'm working on a ubuntu mate derivative, and i've not found a way
to start the session properly in CIFS.
If i create a plain local home (pam_mkhome), session start as
2020 Nov 10
4
nfs root kerberos
Hi Louis,
Thanks for your message.
However, I already have NFS working completely. I'm only trying to work out root NFS access on the client.? I tried your NFS translation fix via idmapd.conf? but that isn't working for me. I've discovered that's because CentOS 7 is using gssproxy so apparently your fix won't work. The fix from Red Hat (adding some lines to krb.conf seen in my
2020 Nov 11
2
nfs root kerberos
Hai Jason,
Hmm, yes, well, only one thing i can think of now is
And thats the last one..
Is the server allowed to delelagate kerberos services?
If you have set that also? It's the last thing i can remember.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Jason Keltz via samba
> Verzonden: dinsdag 10 november
2018 Feb 05
6
Using Samba AD for NFSV4 Kerberos servers and clients
Thanks Luc,
First, can I just use the small /etc/krb5.conf suggested in Samba AD
docs or do I need something more substantial on the server & client for
Kerberos NFS to work?
[libdefaults]
default_realm = SUBDOMAIN.DOMAIN.COM
dns_lookup_realm = false
dns_lookup_kdc = true
I understand a /etc/krb5.keytab file has to be created on both server &
client. Most
2018 Oct 10
1
NFSv4, homes, Kerberos...
Thank you for that, i did have a good look at that one.
And i use Debian 9, if you test what i posted below in the thread, you will see NFSv4 works fine.
Below is missing one more thing, the "allow to delegate (kerberos only) " on the computer object in the AD, should be enabled.
And yes, i've see bugchecks also but only on my debian .. Lenny.. Stt.. ;-) .. Its my last lenny
2013 Feb 07
4
NFSv4 + Kerberos permission denied
Hello,
I've got a little problem with NFSv4 + Kerberos. I can do a mount with
Kerberos with a valid ticket, but read-only.
After the mount -vvv -t nfs -o nfsv4,sec=krb5 nfsserver:/ /mount_test/
I can see:
#klist:
Feb 6 07:22:47 Feb 6 17:22:43 nfs/nfsserver at my.domain
#/var/heimdal/kdc.log:
2013-02-06T07:28:26 TGS-REQ clientnfs at my.domain from IPv4:192.168.0.23
for nfs/nfsserver at
2015 Sep 10
3
automounter with users home directories on centos 7.
----- Original Message -----
|
| [root at server2 home]# mount server1:/home/jason /home/jason
| [root at server2 home]#
| [root at server2 home]# ls /home/jason/
| Desktop Documents Downloads Music mylogfile.txt Pictures Public
| Templates Videos
| [root at server2 home]# df -h /home/jason/
| Filesystem Size Used Avail Use% Mounted on
| server1:/home/jason 297M 19M 278M 7%
2015 Sep 09
3
automounter with users home directories on centos 7.
----- Original Message -----
| Not tried automount with Centos 7 nor with selinux.
|
| With that said autofs relies on nfs mounting to work, so have you
| started there by attempting to manually mount /home?
|
| Another place to look is at the hostname. I've had problems where auto
| mount doesn't like the short name and insists on using a FQDN, to get
| around that you could try using
2013 Feb 14
1
NFS resources, how to check version
Hello,
I set up NFSv4 server. To make sure I set
vfs.nfsd.server_min_nfsvers=4. I can check its version, for example,
by tcpduming and then I can see in wireshark lines like:
Network File System
Program Version: 4
V4 Procedure: COMPOUND....
....
is there any easier way to check its version?
I see there is nfsstat -e option which shows delegs and locks. But all
other ones are combined with nfsv3
2015 Jan 08
6
Mounted NFS share as Samba share
Hi,
is it possible to create a Samba share with full Windows ACL support based on a mounted NFS share?
What is needed e.g. as NFS mount options?
Regards
Tim
2019 Aug 20
4
winbind on DC : how use gidNumber instead of primaryGroupID as user's primary group
On 20/08/2019 11:16, L.P.H. van Belle via samba wrote
>> The problem with that is, 'id' gets its info from the same place that
>> 'getent' does, so the OP will still get the wrong group ;-)
>>
>> Rowland
> Maybe i did not understand the question then.
> In: id username |awk -F"=" '{ print $2 }'|cut -d"(" -f1
> $2 = GID
2008 Oct 28
1
"Failed to set servicePrincipalNames" join ADS issue.
Hello all,
I am trying to make one of my solaris server member of our w2k3 ads
domain. ldap and kerberos packages are installed.
* when I try to get a ticket granting ticket, no problem ... kinit klist
are all running fine .. below my krb5 config file
# cat /etc/krb5/krb5.conf
[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
# admin_server = FILE:/var/log/krb5/kadmind.log
default =
2002 Feb 19
5
CIFS Session transfer
Hi All,
I would like to know if this is possible and if possible what is the
complexity.
Consider a CIFS client, SAMBA Server1 and Samba Server2.
Say a session is established between a CIFS client and SAMBA server1. Is it
possible for the SAMBA server1 to transfer/redirect/reestablish the
connection to SAMBA server2 without the CIFS client knowing about this? The
session between the CIFS
2020 Jul 24
3
samba4 kerberized nfs4 with sssd ad client
On 7/24/2020 7:25 AM, Peter Milesson via samba wrote:
>
> On 2020-07-24 12:57, Jason Keltz via samba wrote:
>> Hi Rowland,
>>
>> In effect, I'm still using Samba on the DC, which is why I still
>> thought this was relevant on the mailing list. :)
>>
>> The reason in particular that I was looking at sssd client as opposed
>> to winbind was that?
2020 Jul 24
6
samba4 kerberized nfs4 with sssd ad client
Hi Rowland,
In effect, I'm still using Samba on the DC, which is why I still thought this was relevant on the mailing list. :)
The reason in particular that I was looking at sssd client as opposed to winbind was that? we are running CentOS 7. I know if I want to use the latest Samba 4.12 on the clients, I'll have problems with gnutls because it's outdated in CentOS 7.? Yes, someone
2015 Sep 11
2
automounter with users home directories on centos 7.
On Fri, 11 Sep 2015, Jason Welsh wrote:
> ok, I have moved home out of the way and restarted automounter..
> and now I see the /home directory appear when autofs is started, but there is
> still nothing there..
>
> [root at server2 home]# cd /home
> [root at server2 home]# ls
> [root at server2 home]# cd jason
> -bash: cd: jason: No such file or directory
> [root at
2019 Aug 21
3
winbind on DC : how use gidNumber instead of primaryGroupID as user's primary group
Le mar. 20 ao?t 2019 ? 14:30, L.P.H. van Belle via samba
<samba at lists.samba.org> a ?crit :
>
> Hai,
>
> >
> > In short. My network design previously work with Debian Stretch
> > Servers and clients and some Windows clients (not many).
> >
> > Debian Stretch use Samba 4.5.16 so there is no unix_primary_group
> > option for the clients. So I have
2013 May 01
1
"nis homedir" issue on samba- 3.6.9-151.el6 (CentOS 6.4 64bit)
maybe there is a bug regarding the use of nis to mount the user's home
directory at the login or my misconfiguration.
After the CentOS 6.4 (64bit) installation I checked for the latest samba
version on the official repository using yum: the latest version (that was
already installed) is samba- 3.6.9-151.el6.
>From "man smb.conf" I have seen that "nis homedir" is not yet