Displaying 20 results from an estimated 3000 matches similar to: "Samba - faster failover to other AD servers?"
2023 Apr 13
4
Is LDAP + Kerberos without Active Directory no longer supported?
Ok after installing libpam-winbind etc I had someone try to connect from
a MacOS and they got:
[2023/04/13 15:50:50.002773,? 1]
../../source3/auth/auth_generic.c:211(auth3_generate_session_info_pac)
? auth3_generate_session_info_pac: Unexpected PAC for
[testuser at OURREALM.REALM] in standalone mode - NT_STATUS_BAD_TOKEN_TYPE
[2023/04/13 15:50:50.002891,? 3]
2006 Mar 17
1
getpwnam() fails for LDAP Users on AIX 5.3
Hello List,
below our smb.conf and loglevel 5 output of a failed authentication. We
want to get the Unix User details from MS-SFU using the new idmap_ad
Backend.
If the Windows User is mapped to local name it's all fine. But if we want
to use our SFU Users it fails. We believe getpwnam() on AIX is faulty.
"id username" and login works for all users local and AD!
Any ideas how to
2018 Dec 09
2
"wbinfo -u" considered harmful towards Winbindd...
Our setup:
Windows AD realm with ~115K users (and numerous groups etc)
FreeBSD servers with Samba 4.7.6 and Samba 4.9.3 (both show the same growth)
We just noticed that one of the ‘winbindd’ daemons on the servers seems to be growing and growing forever. A bit of detective work pointed us at the “wbinfo -u” command being that culprit. As part of a systems monitoring script we ran that once a
2016 Mar 31
5
NFSv4 / Krb / wildcard in keytab
Hi,
I'm trying to use wildcard in keytab because i don't want join every
computer, client for service NFS krb5.
I add a spn like this
# samba-tool spn add host/* nfs
(I create user nfs before)
# samba-tool spn list nfs
nfs
User CN=nfs,CN=Users,DC=if,DC=ujf-grenoble,DC=fr has the following
servicePrincipalName:
host/*
I export keytab :
#samba-tool domain exportkeytab
2014 Sep 23
2
NFS4 with samba4 AD for authentication
It's probably difting slightly off the topic, but I know that there are
some people listening here, who have a decent expertise. I'm trying to
setup a file server (nfs4 at ad.domain) and mount from a client
(hunin at ad.domain) using the user database and especially Kerberos
provided by my AD (samba at ad.domain).
It already works nicely, if I forget about krb5, i.e. idmapd is
2016 Dec 02
4
Samba and kerberized NFSv4
Hi Marcel
thx. for your fast response. I didn't manage to follow up sooner. I had already verbose logging turned on but I don't seem to find the real reason, why the domain controller searchs for a userPrincipalName instead of servicePrincipalName.
Because I wasn't sure whether it is the nfs client process or the server process that failed to get the kerberos ticket when I tried the
2016 Nov 28
2
Samba and kerberized NFSv4
Hi Folks
I'm trying to share user home directories hosted on a Samba-4 member
server via NFSv4. Everything's working well with the Windows shares but
when it comes to kerberized NFSv4 it fails. I can't even mount the home
root directory via nfs on the server itself ("mount.nfsv4: access denied
by server while mounting ...").
As far as I have tracked it down, it appears to
2018 Oct 24
5
Again NFSv4 and Kerberos at the 'samba way'...
Good morning Marco and others.
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Marco Gaiarin via samba
> Verzonden: dinsdag 23 oktober 2018 18:58
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] Again NFSv4 and Kerberos at the 'samba way'...
>
>
> Sorry, i come back to this topic in a different thread,
2010 Aug 11
0
Aastra 6739i Support
All,
I have multiple Asterisk servers in various locations running various
1.4 and 1.6 versions (lab and production) and am having trouble with a
new Aastra 6739i (3.0.1.2015) registering. Below is my request to
support and they have looked it over and don't see anything wrong:
Support, Can not get a 6739i to register with 3 different Asterisk
servers with varying configurations/versions
2018 Feb 02
1
How to trigger a resync of a newly replaced empty brick in replicate config ?
Hi,
I simplified the config in my first email, but I actually have 2x4 servers in replicate-distribute with each 4 bricks for 6 of them and 2 bricks for the remaining 2. Full healing will just take ages... for a just single brick to resync !
> gluster v status home
volume status home
Status of volume: home
Gluster process TCP Port RDMA Port Online Pid
2018 Oct 31
12
Again NFSv4 and Kerberos at the 'samba way'...
Hai Marco,
>
> Mandi! L.P.H. van Belle via samba
> In chel di` si favelave...
>
> > Sofar, until tomorrow,
>
> Done some tests, metoo.
>
> 1) seems that nfs-common is disabled 'by design'. Looking at debian
> changelog:
>
> nfs-utils (1:1.2.8-9.1) unstable; urgency=medium
>
> Partial sync from ubuntu, included changes:
>
>
2012 Apr 23
2
Windows 2008R2 AD, kerberos, NFSv4
Hi,
I'm trying to set up NFSv4 on two boxes (centos 5.5) and have it
authenticate against our Windows 2008R2 AD server acting as the KDC.
(samba/winbind is running ok with "idmap config MYCOMPANY: backend = rid"
so we have identical ids across the servers.)
I can mount my test directory fine via NFSv4 *without* the sec=krb5 option.
However, once I put the sec=krb5 option in,
2013 Jun 05
3
Samba4 and NVSv4
Short story: cannot get Kerberized NFSv4 to work. I've googled a great
deal and cannot find where I have goofed (and there sure is a lot of
misleading and just plain incorrect information out there), so would
appreciate another pair of eyes. NFSv4 without Kerberos does work fine, as
does ID mapping. We're using NFSv4 in production with sec=sys, but I'm not
happy with that. My
2013 Jun 05
3
Samba4 and NVSv4
Short story: cannot get Kerberized NFSv4 to work. I've googled a great
deal and cannot find where I have goofed (and there sure is a lot of
misleading and just plain incorrect information out there), so would
appreciate another pair of eyes. NFSv4 without Kerberos does work fine, as
does ID mapping. We're using NFSv4 in production with sec=sys, but I'm not
happy with that. My
2018 Nov 06
3
Again NFSv4 and Kerberos at the 'samba way'...
Hai Rowland,
Yes, that correct.
If you use this in override.conf then its. ( so not a copy of the service file to /etc/systemd )
systemctl edit rpc-gssd.service
[Service]
ExecStart=
ExecStart=/Your/Own/Script/script.sh
Note the empty line, without that won the override is NOT working.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: Rowland Penny [mailto:rpenny at
2011 May 10
3
ERROR: -91 after Kernel Upgrade
Hey guys,
I have a OCFS2 Cluster mounted at 4 xen-server (gentoo). Today I
upgraded the xen-kernel for tests at one server (server2) from
2.6.34-xen to 2.6.38-xen-r1. After reboot the server couldn''t mount the
ocsfs2 device anymore.
ocfs2-tools version: sys-fs/ocfs2-tools-1.4.3
Modules are loaded and /config type configfs and /dlm type ocfs2_dlmfs
are mounted.
server2 ~ # mount
2013 Feb 07
4
NFSv4 + Kerberos permission denied
Hello,
I've got a little problem with NFSv4 + Kerberos. I can do a mount with
Kerberos with a valid ticket, but read-only.
After the mount -vvv -t nfs -o nfsv4,sec=krb5 nfsserver:/ /mount_test/
I can see:
#klist:
Feb 6 07:22:47 Feb 6 17:22:43 nfs/nfsserver at my.domain
#/var/heimdal/kdc.log:
2013-02-06T07:28:26 TGS-REQ clientnfs at my.domain from IPv4:192.168.0.23
for nfs/nfsserver at
2018 Oct 23
2
Again NFSv4 and Kerberos at the 'samba way'...
Sorry, i come back to this topic in a different thread, because i'm
still totally puzzled with the previuous one. Louis, sorry me. ;(
I've tried to start with this, that seems very simple:
https://wiki.debian.org/NFS/Kerberos
And so i've done:
a) installed 'nfs-kernel-server' on server, 'nfs-common' on client.
Ok, this is easy.
b) AFAI've understood i need
2010 Oct 21
2
Mount/automount fails with krb5-enabled nfs4
I have a problem that is driving me crazy. Our nfs server is running
Solaris. Most clients mount directories from it with no problems, but
not all. All clients that have problems run CentOS (5.4 and 5.5). I've
found one or two of each version that fail, but also a couple of each
version that work.
The mounting is done for user home directories via autofs but that
doesn't seem to make any
2017 Dec 23
5
[Bug 2815] New: please set KRB5CCNAME to collection
https://bugzilla.mindrot.org/show_bug.cgi?id=2815
Bug ID: 2815
Summary: please set KRB5CCNAME to collection
Product: Portable OpenSSH
Version: 7.4p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Kerberos support
Assignee: unassigned-bugs