Displaying 20 results from an estimated 500 matches similar to: "Smartcard logon issue with pam_winbind and Kerberos auth"
2015 Jan 07
0
Use Samba with ACL for read Active Directory and set Permissions via it.
Thank you.
I changed my "krb5.conf" as below :
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = JASONDOMAIN.JJ
dns_lookup_realm = false
dns_lookup_kdc = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = yes
default_keytab_name = /etc/krb5.keytab
default_tgs_enctypes =
2015 Jan 09
0
Use Samba with ACL for read Active Directory and set Permissions via it.
Thanks.
I'm confused. Can I paste "set" command on windows for you?
"jason" account is administrator and can join and dis-join any computer.
Cheers.
On Wednesday, January 7, 2015 2:59 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote:
On 07/01/15 10:51, Jason Long wrote:
> Thank you.
> I changed my "krb5.conf" as below :
>
>
>
2015 Jan 19
0
Did you get my previous email? Not Spam.
On 19/01/15 06:11, Jason Long wrote:
> Hi.
> Thank you.
>
> [root at printmah ~]# hostname
> printmah
>
> [root at printmah ~]# hostname -d
> jasondomain.jj
>
> [root at printmah ~]# hostname -f
> printmah.jasondomain.jj
>
> [root at printmah ~]# hostname -i
>
> 127.0.0.1
>
> [root at printmah ~]# net ads info -I 172.30.9.1 | grep [R]ealm
>
2015 Jan 12
0
Use Samba with ACL for read Active Directory and set Permissions via it.
Thank you.
I'm really sorry Bro.
You right, When I get properties from AD, "Domain name(Pre-Windows 2000)" is "JASONDOMAINI". I'm sorry :( but when I want to join a Windows client to my domain I use "JASONDOMAIN.JJ" !!!!
I guess that we must change SAMBA configuration.
Cheers.
On Friday, January 9, 2015 1:55 AM, Rowland Penny <rowlandpenny at
2015 Jan 10
0
Use Samba with ACL for read Active Directory and set Permissions via it.
Thank you.
I'm really sorry Bro.
You right, When I get properties from AD, "Domain name(Pre-Windows 2000)" is "JASONDOMAINI". I'm sorry :( but when I want to join a Windows client to my domain I use "JASONDOMAIN.JJ" !!!!
I guess that we must change SAMBA configuration.
Cheers.
On Friday, January 9, 2015 1:55 AM, Rowland Penny <rowlandpenny at
2023 Nov 02
2
Issues with AD trusts and UID/GID ranges
Hello All,
I'm having issues joining some Ubuntu servers to an Active Directory domain with trusts. All my machines are running samba and winbind. I have a two domains, we'll call them CORPORATE and CUSTOMER. CUSTOMER has a one way trust with CORPORATE, such that any resources CUSTOMER can access, CORPORATE can as well, but not vice-versa. On all of my CORPORATE machines, users are
2015 Jan 05
0
Use Samba with ACL for read Active Directory and set Permissions via it.
Thanks a lot.
I changed the below lines to correct domain name :
idmap config JASONDOMAIN : range = 10000-999999
idmap config JASONDOMAIN : schema_mode = rfc2307
and after join, the command "net rpc testjoin" show same error :
Unable to find a suitable server for domain JASONDOMAINI
Join to domain 'JASONDOMAINI' is not valid: NT_STATUS_UNSUCCESSFUL
I have an idea and I guess
2015 Jan 05
0
Use Samba with ACL for read Active Directory and set Permissions via it.
Thank you.
My Windows is Windows server 2008 R2.
About realm name, My domain name is "JASONDOMAIN.JJ".
My Windows not have any Workgroup Name. It is Domain.
Thanks
On Monday, January 5, 2015 1:05 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote:
On 05/01/15 07:02, Jason Long wrote:
> Thanks a lot.
> I changed the below lines to correct domain name :
>
>
2015 Jan 06
0
Use Samba with ACL for read Active Directory and set Permissions via it.
Thanks.
My domain name is "jasondomain.jj" and backend is "jasondomaini".
On Monday, January 5, 2015 3:48 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote:
On 05/01/15 11:09, Jason Long wrote:
>
>
> Thank you.
>
> My Windows is Windows server 2008 R2.
> About realm name, My domain name is "JASONDOMAIN.JJ".
> My Windows not have
2015 Jan 07
2
Use Samba with ACL for read Active Directory and set Permissions via it.
On 07/01/15 10:51, Jason Long wrote:
> Thank you.
> I changed my "krb5.conf" as below :
>
>
> [logging]
> default = FILE:/var/log/krb5libs.log
> kdc = FILE:/var/log/krb5kdc.log
> admin_server = FILE:/var/log/kadmind.log
>
> [libdefaults]
> default_realm = JASONDOMAIN.JJ
> dns_lookup_realm = false
> dns_lookup_kdc = true
> ticket_lifetime = 24h
2010 Dec 15
1
Smart cards, mostly solved
So, it *seems* to be working, pretty much. I needed to install
opensc, openct pcsc-lite, pcsc-lite-openct, and ctapi-common will be
installed as a dependency.
I *removed* coolkey and esc, which depended on it. 100% of the time, they
misidentifed the new/current US federal ID PIV-II cards as coolkey cards,
and popped up this "phone home" window, then a "manage smartcards"
2015 Jan 09
4
Use Samba with ACL for read Active Directory and set Permissions via it.
On 09/01/15 08:40, Jason Long wrote:
> Thanks.
> I'm confused. Can I paste "set" command on windows for you?
> "jason" account is administrator and can join and dis-join any computer.
>
> Cheers.
>
>
>
> On Wednesday, January 7, 2015 2:59 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote:
> On 07/01/15 10:51, Jason Long wrote:
2016 Apr 18
0
VPN suggestions centos 6, 7
On Mon, 18 Apr 2016, david wrote:
> FOLLOWUP & REPORT
>
> I had lots of suggestions, and the most persuasive was to try
> OpenVPN. I already had a CA working, so issuing certificates was
> easy. The HOW-TO guides were less helpful than I could hope, but
> comparing several of them, applying common sense, and trying things
> out, I arrived at a dead-end. Here's
2016 Apr 19
0
VPN suggestions centos 6, 7
On Tue, 19 Apr 2016, david wrote:
>
>
>
> At 09:09 AM 4/18/2016, you wrote:
>> On Mon, 18 Apr 2016, david wrote:
>>
>> > FOLLOWUP & REPORT
>> >
>> > I had lots of suggestions, and the most persuasive was to try OpenVPN. I
>> > already had a CA working, so issuing certificates was easy. The HOW-TO
>> > guides were less
2015 Jan 06
2
Use Samba with ACL for read Active Directory and set Permissions via it.
On 06/01/15 06:17, Jason Long wrote:
> Thanks.
> My domain name is "jasondomain.jj" and backend is "jasondomaini".
No, your realm name is "jasondomain.jj" and it would seem that your
domain name is "jasondomaini", the domain name can also be known as the
'workgroup' name.
Set smb.conf to match this:
[global]
workgroup =
2015 Jan 05
2
Use Samba with ACL for read Active Directory and set Permissions via it.
On 05/01/15 07:02, Jason Long wrote:
> Thanks a lot.
> I changed the below lines to correct domain name :
>
> idmap config JASONDOMAIN : range = 10000-999999
> idmap config JASONDOMAIN : schema_mode = rfc2307
>
> and after join, the command "net rpc testjoin" show same error :
>
> Unable to find a suitable server for domain JASONDOMAINI
> Join to domain
2011 Mar 17
4
A question about list
Hi dear all,
It may be a simple question, i have a list output with different number of
elements as following;
[[1]]
[1] 0.86801402 -0.82974691 0.39746666 -0.98566707 -4.96576856 -1.32056754
[7] -5.54093319 -0.07600462 -1.34457280 -1.04080125 1.62843297 -0.20473912
[13] 0.30659907 2.66908117 2.53791837 0.53788013 -0.57463077 0.27708874
[19] -2.94233200 1.54565643 -6.83694100
2016 Apr 19
2
VPN suggestions centos 6, 7
At 09:09 AM 4/18/2016, you wrote:
>On Mon, 18 Apr 2016, david wrote:
>
>>FOLLOWUP & REPORT
>>
>>I had lots of suggestions, and the most persuasive was to try
>>OpenVPN. I already had a CA working, so issuing certificates was
>>easy. The HOW-TO guides were less helpful than I could hope, but
>>comparing several of them, applying common sense, and
2015 Jan 05
2
Use Samba with ACL for read Active Directory and set Permissions via it.
On 05/01/15 11:09, Jason Long wrote:
>
>
> Thank you.
>
> My Windows is Windows server 2008 R2.
> About realm name, My domain name is "JASONDOMAIN.JJ".
> My Windows not have any Workgroup Name. It is Domain.
>
>
> Thanks
>
>
>
>
> On Monday, January 5, 2015 1:05 AM, Rowland Penny <rowlandpenny at googlemail.com> wrote:
> On 05/01/15
2014 Apr 16
2
A naive question respecting x.509 logins
I have been looking at replacing our current login systems with a single login
solution. In the process I managed to get sidetracked into investigating
pam_pkcs11. My question, which no doubt reveals the depth of my ignorance,
is: Can a simple USB flash memory stick be configured to work with this or
some similar module of which I as yet know nothing?
Everything I have managed to find about