Displaying 20 results from an estimated 400 matches similar to: "Sudoers in Samba LDAP"
2023 Nov 24
1
Sudoers in Samba LDAP
On Fri, 24 Nov 2023 13:30:13 +0500
Anton Shevtsov via samba <samba at lists.samba.org> wrote:
> Hi,
>
> I have a DC on samba 4.17.12
>
> I want store sudoers in LDAP, and use sssd for get rules from LDAP.
>
> I was configured sssd.conf
>
> [sssd]
> config_file_version = 2
> services = nss, pam, sudo
> user = _sssd
> domains = TEST.ALT
>
>
2023 Nov 24
1
Sudoers in Samba LDAP
24.11.2023 14:57, Rowland Penny via samba ?????:
> On Fri, 24 Nov 2023 13:30:13 +0500
> Anton Shevtsov via samba<samba at lists.samba.org> wrote:
>
>> Hi,
>>
>> I have a DC on samba 4.17.12
>>
>> I want store sudoers in LDAP, and use sssd for get rules from LDAP.
>>
>> I was configured sssd.conf
>>
>> [sssd]
>>
2013 Jun 29
1
samba4 pdc: Import sudoers active directory schema to ldb
Hi guys and congrats for bringing a fantastic project to the open source world. I' ve setup a samba4 pdc succefully and i am able to do domain logins. I was also able to add the automount schema into the ldb. But when it comes to sudoers schema i cant import it in.
Further system details:
Debian wheezy 7,
samba 4.0.6 compiled from source,
sudo-ldap standard binary package from repos.
I have
2014 Jul 03
1
How to manipulate ldap access rights on Samba 4?
Hi,
I'm having hard time getting sssd_sudo to work: when sssd_sudo
accesses Samba ldap with host principal 'dc1$@teemu.local' it can't
read necessary attributes like objectclass: sudoRole. When accessing
as Administrator all attributes are shown. How can I enable other
users then Administrator to access sudoers' attributes? Below is an
example.
[root at dc1 var]# kinit
2016 Apr 21
1
[Solved] Samba 4 sudoers
On Thu, 21 Apr 2016, John Gardeniers wrote:
> Good news, I now have this working. Once I finish writing my notes I'll make
> them available to whoever might want them.
Good to hear. I tried to get his working by following some of the online
docs and the sudoers docs, and never did get it to work. It'd be great if
someone could put this up on the Samba wiki when it's
2010 Oct 07
1
ldif invalid per syntax
Hello CentOS
I am having a bit of trouble importing an ldif into openldap, tho the
syntax looks a-ok to me. I am attempting to import my sudoers list
into my ldap configuration and I used an application called sudoers2ldif
to generate the ldif.
I used the following command to import the file:
=============================================
[root at bluethundr-desktop:~/txt/ldif ] $:ldapadd -h
2014 Jul 02
1
sssd_sudo search results different from command line ldapsearch
Hi all! I'm attempting to configure sudo rights from Samba ldap. Alas,
libsssd_samba receives 0 rules and config doesn't work. I think I have
the problem identified here but I don't understand why. The way
sssd_sudo searches for sudoers leave all important attributes out and
of course filtering then fails. Can you help me to understand why
following search results are so different (and
2019 Apr 12
3
Sudo rules in samba with winbind
Hello All,
I am currently changing my samba linux clients (Debian) from sssd binding
to winbind.
With sssd I had all sudo rules within the samba active directory.
The configuration was based on:
https://lists.samba.org/archive/samba/2016-April/199402.html
Is there some guideline like the one mentioned available/has someone
already experience with this for winbind based clients?
Within the
2014 Aug 13
1
howto install sudo schema
Hi everyone
i wish to add the Microsoft Active Directory schema from the sudo
package to my samba4 ADC,
from what i have researched this is what i should do,
the Microsoft Active Directory schema and the instructions are from the
sudo package,
the sudo_user file is an example from the man page.
ldbadd -H /etc/samba/private/sam.ldb \
schema.ActiveDirectory \
--option="dsdb:schema
2018 Dec 06
5
RHEL7/Centos7 with Samba AD
Hi All,
I know RHEL has bad press here but I'd like to share a different opinion
(works for me) and maybe share some of my settings.
BTW, Those views are my own, not those of my employer.
I run a small AD at home. The setup is as follows:
- two AD DCs (RHEL7.6 KVM virtual machines + Samba 4.8.7 rpms based on
SPECs from TranquilIT/Fedora).
- several Win10 laptops joined to the domain.
-
2015 Jun 23
2
domain join failure - error during DRS repl ADD: No objectClass found
Hello,
I am trying to join a third domain controller to an existing Samba 4 domain (sernet samba 4.2.1-17.el6.x86_64) and we're hitting a problem that looks like some bad replication data on certain objects. We get part way through replicating the tree and then it dies on a Sudo Rule object:
[root at dc03 ~]# /usr/bin/samba-tool domain join EXAMPLE.COM DC -U Administrator
2019 Jun 11
2
Sharing directory via Samba using AD credentials
Hi List,
I?m attempting to configure an Active Directory joined CentOS 7 host to share directories with Windows clients using Samba. The machine has been joined to the domain via: ?adcli join --stdin-password --domain-ou=?OU=Servers,DC=domain,DC=com' --login-user={{ private_ad_username }} -S dc1 DOMAIN.COM". Logging in to the host via ssh with AD user credentials works fine. I have SSSD
2019 Aug 05
4
No dynamic dns updates if client ip changed
Hi,
?
I've a problem with the dynamic dns updates. It seems they won't work.
?
Most of my clients have a dynmaic IP so sometimes they change. If I do a ping to the name, it tries do ping the old ip insead of the changed new one.
?
I tried a "samba_dnsupdate --verbose" and got a looking/checking output and at least a "No DNS updates needed". But the client still has the
2018 Jul 20
2
SSSD on CentOS 7 failing to start when connecting to 4.8.3 AD via LDAP
I've been going around in circles with this for days and I'm stuck. I'm
trying to run up a new AD environment with only Samba 4.8.3 servers that
we'll authenticate user server access against via SSSD/LDAP using a simple
bind. All of our servers are either CentOS 6 or 7.
I've created a test environment with a single Samba AD 4.8.3 server as the
AD server, a Windows 7 client
2010 Nov 04
0
failure to import ldif into ldap
Thanks all.. I have read the man of ldif.... your advice has gotten me
quite far both in my current implementation and in my overall
understanding of LDAP which I am hoping grows with each passing day.
In my attempt to build my current directory, I have taken a dump of
my last successful implementation (which was created on FreeBSD 8.1)
and substituted values for the dc=company and dc=com values
2015 Jun 23
0
domain join failure - error during DRS repl ADD: No objectClass found
On 23/06/15 15:02, Luke Bigum wrote:
> Hello,
>
> I am trying to join a third domain controller to an existing Samba 4 domain (sernet samba 4.2.1-17.el6.x86_64) and we're hitting a problem that looks like some bad replication data on certain objects. We get part way through replicating the tree and then it dies on a Sudo Rule object:
>
> [root at dc03 ~]# /usr/bin/samba-tool
2023 Oct 15
1
reliability of mounting shares while login
Hi @all,
I have some problems when using pam_mount.conf.xml to mount shares via kerberos (and also for ntlm) regarding reliability of the mount. I have tested the issue with 2 different environments. My environments are: 2 Microsoft Domain Controllers + a separate fileserver and Ubuntu 18.04 or 22.04 as clients. My other tested environment is one Microsoft Server 2019 (as domain controller and
2013 Oct 17
1
Authenticating sudo with ipa.
Hello,
I have set up IPA on a private network and have hit some bumps
configuring sudo access for the clients.
kinit seems to work fine for both client and server, user and root.
When I run sudo on the server I see the following in /var/log/messages:
Oct 17 17:53:52 192-168-0-100 [sssd[krb5_child[29237]]]: Decrypt
integrity check failed
Oct 17 17:53:52 192-168-0-100 [sssd[krb5_child[29237]]]:
2015 May 11
2
sssd on a DC
On 10 May 2015 at 16:11, Jonathan Hunter <jmhunter1 at gmail.com> wrote:
> OK, I've got a little further and I think I have tracked this down to
> a reverse DNS issue - which was non-obvious to me, so here is a
> write-up for the benefit of the archives.
Just to close this off - I have now got sssd configured and working on
my Samba4 DCs (well, if I'm being picky, I have it
2019 Jun 11
0
Sharing directory via Samba using AD credentials
On 11/06/2019 14:01, Zach Doman via samba wrote:
> Hi List,
>
> I?m attempting to configure an Active Directory joined CentOS 7 host to share directories with Windows clients using Samba. The machine has been joined to the domain via: ?adcli join --stdin-password --domain-ou=?OU=Servers,DC=domain,DC=com' --login-user={{ private_ad_username }} -S dc1 DOMAIN.COM". Logging in to the