Displaying 20 results from an estimated 700 matches similar to: "kerberos ticket on login problem"
2020 Jul 29
1
kerberos ticket on login problem
On 7/28/2020 4:11 PM, Jason Keltz wrote:
>
> On 7/28/2020 3:59 PM, Jason Keltz via samba wrote:
>> I'm experimenting with smb + winbind.
>>
>> My host is joined to AD and I can login to my host fine using my AD
>> credentials via SSH.?? The only issue is that I don't get a Kerberos
>> ticket generated.
>>
>> In
2014 Jul 23
1
sssd problems after dc1 is no longer online
Hi all,
I hope that this request for help will be the last one, for a while to
come. Today, sernet support helped my sort out our DC mess, and they did
a great job. However, sssd no longer works, and I hope someone here can
help out.
We used to have DC1, DC2 and DC3. DC1 was the classic-upgraded, first,
'original' DC, and had to be shutdown, unfortunately. So only DC2 and
DC3
2019 Sep 27
1
XRDP idle disconnect
Hello,
I have a machine with Centos7, Plasma desktop and XRDP. Many people
log in the machine, and then press 'X' of the rdp window, instead of
logging off. Is there a way to automatically log off their sessions,
similar to MS Windows setting?
Thanks,
2019 Jan 04
3
upg. CentOS 7.5 to 7.6: unable to mount smb shares - samba NT domain member using ldap
Dne 4.1.2019 v 1:32 Gordon Messmer napsal(a):
> On 1/3/19 6:09 AM, Miroslav Geisselreiter wrote:
>> Yes, I add this host with command:
>> net rpc join MEMBER -S NT4LIKEDOMAINSERVER -U root
>
>
> I don't have any NT4-style domains handy to test with, so I can't be
> very specific.? Your logs seem to indicate that Samba believes itself
> to be the best DC for
2018 Jul 24
2
Failed to establish your Kerberos Ticket cache due time differences with the domain controller
I did re-read the whole thread again.
Im running out of options..
When i look at :
https://wiki.samba.org/index.php/PAM_Offline_Authentication
You can do these last checks.
Run the : Testing offline authentication as show on the wiki.
Debian normaly does not have /etc/security/pam_winbind.conf, check if its there if so backup it remove it.
Check if these packages are installed.
2000 Jul 03
2
2.1.1p2 HP-UX 11 PAM General Commerical Security error
Trying 2.1.1p2 on HP-UX 11 (trusted system) I get:
Jul 3 14:24:53 robinson sshd[1236]: debug: Encryption type: 3des
Jul 3 14:24:53 robinson sshd[1236]: debug: Received session key; encryption turned on.
Jul 3 14:24:53 robinson sshd[1236]: debug: Installing crc compensation attack detector.
Jul 3 14:24:53 robinson sshd[1236]: debug: Starting up PAM with username "stevesk"
Jul 3
2009 Mar 13
1
PAM_WINBIND problem with sambaPwdMustChange
Hi People!
I use pam_winbind for authentication in my computer workstation using
Debian Lenny 5.0, Stable Version.
I configure my user with this option "sambaPwdMustChange: 0", and I
logon in GDM without asking to change password. Who knows what can be?
I use Samba PDC with Heimdal Kerberos, but, I configure PAM with only
pam_winbind for tests...
Client versions:
ii
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
When we installed OpenSSH 2.1.1p4 on our Solaris systems, our users
noticed that it did not honor password expiration consistently with
other Solaris login services.
The patch below is against OpenSSH 2.2.0p1 and adds support for PAM
password changes on expiration via pam_chauthtok(). A brief summary of
changes:
auth-pam.c:
* change declaration of pamh to "static pam_handle_t *pamh",
2001 Sep 05
1
reinit_creds (was Re: OpenSSHd barfs upon reauthentication: PAM, Solaris 8)
>> >Could we please have a clarification on the semantics of
>> >PAM_CRED_ESTABLISH vs. the semantics of PAM_REINITIALIZE_CREDS?
>>
>> My interpretation is:
>>
>> You call PAM_ESTABLISH_CRED to create them
>> You call PAM_REINITIALIZE_CRED to update creds that can expire over time,
>> for example a kerberos ticket.
Oops. I meant
2001 Sep 05
2
reinit_creds (was Re: OpenSSHd barfs upon reauthentication: PAM, Solaris 8)
>Neither the Sun PAM documentation nor the Linux-PAM documentation
>describe the semantics of PAM_REINITIALIZE_CREDS in any useful detail.
I would agree it is vague, but then that is also a problem with the XSSO
document (http://www.opengroup.org/onlinepubs/008329799/)
>Could we please have a clarification on the semantics of
>PAM_CRED_ESTABLISH vs. the semantics of
2011 Sep 15
1
Xrdp
The VNC server just listens to the appropriate TCP/IP port and then
runs Xvnc which does the actual VNC communication. Ideally I'd be
able to do the same thing for RDP then the daemon doesn't get any more
complicated, and a bug in the RDP layer can't crash the server.
I don't know enough about how NX works but I suspect we could do the
same thing as for VNC and RDP.
I'm
2016 Aug 10
1
XRDB not in our centos6.8 build
I am a bit baffled on this.
We recently rebuilt all our servers to CentOS release 6.8 (Final) from
a prior 6.x centos release. We ran into a couple of problems such as
Java not working (just had to yum install java). It was installed, but
unable to create a java machine, until I yum install java solved the
problem.
But now a user (the big boss) is receiving xrdp errors. And it appears
2010 Jul 20
5
Record Failed Passwords
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi OpenSSH'ers,
I am emailing you to ask is it possible to record failed passwords
attempts and log them to syslog? Are there patches available for this?
Has anyone managed to do this before? Are there alternitive methods?
Many Thanks,
A
- --
Alan Neville,
Postgraduate Education Officer,
DCU Students' Union 2009/2010,
BS.c Computer
2017 Mar 13
1
pam_winbind with trusted domain
Hi,
I am having problems using pam_winbind to log in as a user in a trusted domain. The arrangement is that Samba is joined to a local domain DOMLOCAL which has a trust setup with DOMREMOTE. getent passwd/group correctly enumerates users and groups from DOMLOCAL.
If I try getent passwd for the DOMREMOTE account no result is returned. pam_winbind has a requirement that the user is a member of
2017 Feb 26
3
Running graphical applications from CentOS headless vm
Hi all,
I have installed a CentOS7 vm in my home server with all graphical tools installed: Gnome, Chrome, Tor Borwser, etc. My idea is to run these graphical applications from two MacOSX desktops. What I am looking for is something similar like Microsoft RDP services that supports copy and paste between client and server, sound, clipboard, etc ...
I have seen a possible solution using xrdp:
2011 Feb 27
8
graphically accessing pv guest
Hi all,
I''m trying to expand the screen resolution of my guest when using vnc. It
appears I need to use the extra variable in my guest config file and xenfb.
I pass it in like this:
extra = ''xenfb.video=8,1024,768''
I can see this being passed to the kernel when it boots but it doesn''t
change the vnc screen resolution. I also see this when I type ps -ef |
2014 Jan 02
2
pam_winbind fails to authenticate domain users on my debian wheezy domain member servers
Dear list members,
I am running a small active directory domain for my home network.
Everything is working as expected, except for the authentication of active
directory users on my machines running debian wheezy.
Here is my setup:
1) Active Directory Domain Controller is running on a raspberrypi
(raspbian) with samba compiled from source (v4-1-stable from git repository)
2) WIndows 7 machines
1999 Nov 22
1
[s-x86] OpenSSH 1.2pre14 fails on pam_open_session() ...
On Mon, 22 Nov 1999, Philip Brown wrote:
> [ Marc G. Fournier writes ]
> > debug("PAM_retval(open_session) about to run");
> > pam_retval = pam_open_session((pam_handle_t *)pamh, 0);
>
> >
> > ===========================================
> >
> > so, its looking like I'm authenticated properly, but when trying to set up
> > the
2019 Feb 15
3
Automated XFCE install from kickstart and epel-release issue
Hello,
I am working on a kickstart automated Centos 7 GUI vm deployment.
Defining gnome desktop in kickstart works.
@gnome-desktop - A GNOME desktop
However Centos and anything from the epel-release such as xrdp does not
work.
I have tried it on different ways.
repo --name=epel-release
%packages
#epel-release # DOES NOT WORK
@ Core #@core
@ Base
2013 Nov 28
4
SSH - Winbind and Keybased Auth
Hi Team,
We have a weird issue that we are trying to understand. We have winbind set up and working successfully for user authentication with passwords via ssh. We have pam.d/system-auth-ac and password-auth-ac (symlinked) set to require membership of a group which works great via password authentication.
However, if the user has a ssh key set up, they seem to bypass the group membership