similar to: Smartcard logon issue with pam_winbind and Kerberos auth

Thank you. I changed my "krb5.conf" as below : [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = JASONDOMAIN.JJ dns_lookup_realm = false dns_lookup_kdc = true ticket_lifetime = 24h renew_lifetime = 7d forwardable = yes default_keytab_name = /etc/krb5.keytab default_tgs_enctypes =

Thanks. I'm confused. Can I paste "set" command on windows for you? "jason" account is administrator and can join and dis-join any computer. Cheers. On Wednesday, January 7, 2015 2:59 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: On 07/01/15 10:51, Jason Long wrote: > Thank you. > I changed my "krb5.conf" as below : > > >

On 19/01/15 06:11, Jason Long wrote: > Hi. > Thank you. > > [root at printmah ~]# hostname > printmah > > [root at printmah ~]# hostname -d > jasondomain.jj > > [root at printmah ~]# hostname -f > printmah.jasondomain.jj > > [root at printmah ~]# hostname -i > > 127.0.0.1 > > [root at printmah ~]# net ads info -I 172.30.9.1 | grep [R]ealm >

Thank you. I'm really sorry Bro. You right, When I get properties from AD, "Domain name(Pre-Windows 2000)" is "JASONDOMAINI". I'm sorry :( but when I want to join a Windows client to my domain I use "JASONDOMAIN.JJ" !!!! I guess that we must change SAMBA configuration. Cheers. On Friday, January 9, 2015 1:55 AM, Rowland Penny <rowlandpenny at

Thank you. I'm really sorry Bro. You right, When I get properties from AD, "Domain name(Pre-Windows 2000)" is "JASONDOMAINI". I'm sorry :( but when I want to join a Windows client to my domain I use "JASONDOMAIN.JJ" !!!! I guess that we must change SAMBA configuration. Cheers. On Friday, January 9, 2015 1:55 AM, Rowland Penny <rowlandpenny at

Hello All, I'm having issues joining some Ubuntu servers to an Active Directory domain with trusts. All my machines are running samba and winbind. I have a two domains, we'll call them CORPORATE and CUSTOMER. CUSTOMER has a one way trust with CORPORATE, such that any resources CUSTOMER can access, CORPORATE can as well, but not vice-versa. On all of my CORPORATE machines, users are

Thanks a lot. I changed the below lines to correct domain name : idmap config JASONDOMAIN : range = 10000-999999 idmap config JASONDOMAIN : schema_mode = rfc2307 and after join, the command "net rpc testjoin" show same error : Unable to find a suitable server for domain JASONDOMAINI Join to domain 'JASONDOMAINI' is not valid: NT_STATUS_UNSUCCESSFUL I have an idea and I guess

Thank you. My Windows is Windows server 2008 R2. About realm name, My domain name is "JASONDOMAIN.JJ". My Windows not have any Workgroup Name. It is Domain. Thanks On Monday, January 5, 2015 1:05 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: On 05/01/15 07:02, Jason Long wrote: > Thanks a lot. > I changed the below lines to correct domain name : > >

Thanks. My domain name is "jasondomain.jj" and backend is "jasondomaini". On Monday, January 5, 2015 3:48 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: On 05/01/15 11:09, Jason Long wrote: > > > Thank you. > > My Windows is Windows server 2008 R2. > About realm name, My domain name is "JASONDOMAIN.JJ". > My Windows not have

On 07/01/15 10:51, Jason Long wrote: > Thank you. > I changed my "krb5.conf" as below : > > > [logging] > default = FILE:/var/log/krb5libs.log > kdc = FILE:/var/log/krb5kdc.log > admin_server = FILE:/var/log/kadmind.log > > [libdefaults] > default_realm = JASONDOMAIN.JJ > dns_lookup_realm = false > dns_lookup_kdc = true > ticket_lifetime = 24h

So, it *seems* to be working, pretty much. I needed to install opensc, openct pcsc-lite, pcsc-lite-openct, and ctapi-common will be installed as a dependency. I *removed* coolkey and esc, which depended on it. 100% of the time, they misidentifed the new/current US federal ID PIV-II cards as coolkey cards, and popped up this "phone home" window, then a "manage smartcards"

On 09/01/15 08:40, Jason Long wrote: > Thanks. > I'm confused. Can I paste "set" command on windows for you? > "jason" account is administrator and can join and dis-join any computer. > > Cheers. > > > > On Wednesday, January 7, 2015 2:59 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: > On 07/01/15 10:51, Jason Long wrote:

On Mon, 18 Apr 2016, david wrote: > FOLLOWUP & REPORT > > I had lots of suggestions, and the most persuasive was to try > OpenVPN. I already had a CA working, so issuing certificates was > easy. The HOW-TO guides were less helpful than I could hope, but > comparing several of them, applying common sense, and trying things > out, I arrived at a dead-end. Here's

On Tue, 19 Apr 2016, david wrote: > > > > At 09:09 AM 4/18/2016, you wrote: >> On Mon, 18 Apr 2016, david wrote: >> >> > FOLLOWUP & REPORT >> > >> > I had lots of suggestions, and the most persuasive was to try OpenVPN. I >> > already had a CA working, so issuing certificates was easy. The HOW-TO >> > guides were less

On 06/01/15 06:17, Jason Long wrote: > Thanks. > My domain name is "jasondomain.jj" and backend is "jasondomaini". No, your realm name is "jasondomain.jj" and it would seem that your domain name is "jasondomaini", the domain name can also be known as the 'workgroup' name. Set smb.conf to match this: [global] workgroup =

On 05/01/15 07:02, Jason Long wrote: > Thanks a lot. > I changed the below lines to correct domain name : > > idmap config JASONDOMAIN : range = 10000-999999 > idmap config JASONDOMAIN : schema_mode = rfc2307 > > and after join, the command "net rpc testjoin" show same error : > > Unable to find a suitable server for domain JASONDOMAINI > Join to domain

Hi dear all, It may be a simple question, i have a list output with different number of elements as following; [[1]] [1] 0.86801402 -0.82974691 0.39746666 -0.98566707 -4.96576856 -1.32056754 [7] -5.54093319 -0.07600462 -1.34457280 -1.04080125 1.62843297 -0.20473912 [13] 0.30659907 2.66908117 2.53791837 0.53788013 -0.57463077 0.27708874 [19] -2.94233200 1.54565643 -6.83694100

At 09:09 AM 4/18/2016, you wrote: >On Mon, 18 Apr 2016, david wrote: > >>FOLLOWUP & REPORT >> >>I had lots of suggestions, and the most persuasive was to try >>OpenVPN. I already had a CA working, so issuing certificates was >>easy. The HOW-TO guides were less helpful than I could hope, but >>comparing several of them, applying common sense, and

On 05/01/15 11:09, Jason Long wrote: > > > Thank you. > > My Windows is Windows server 2008 R2. > About realm name, My domain name is "JASONDOMAIN.JJ". > My Windows not have any Workgroup Name. It is Domain. > > > Thanks > > > > > On Monday, January 5, 2015 1:05 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote: > On 05/01/15

I have been looking at replacing our current login systems with a single login solution. In the process I managed to get sidetracked into investigating pam_pkcs11. My question, which no doubt reveals the depth of my ignorance, is: Can a simple USB flash memory stick be configured to work with this or some similar module of which I as yet know nothing? Everything I have managed to find about