similar to: kerberos default_ccache_name with sssd

Displaying 20 results from an estimated 700 matches similar to: "kerberos default_ccache_name with sssd"

2024 Jun 12
1
kerberos default_ccache_name with sssd
Just to show what i mean when i ssh into my vms, 2 vms save the cache in /tmp and the other 2 in /home. See what happens when i run the loop below: > for i in rocky8client rocky9client rocky9server rocky8server; do /usr/bin/sshpass -p password /usr/bin/ssh -l jdoe $i "hostname; klist"; done rocky8client.domain.net Ticket cache: FILE:/tmp/krb5cc_2000_WP04h8h0sa Default
2024 Jun 13
1
kerberos default_ccache_name with sssd
I have not looked at Kerberos is years. But it looks like KRB5CCNAME comes from: https://github.com/openssh/openssh-portable/blob/master/gss-serv-krb5.c#L134-L197 But it depends on which version of Kerberos you have, and if you are also use PAM. Google for: heimdal kerberos cache name It looks like there is now a SSSD Kerberos Cache Manager rather then storing in individual file. On 6/11/2024
2024 Jun 11
1
kerberos default_ccache_name with sssd
Thank you both for the replies and explanation! @douglas Can i set?KRB5CCNAME somewhere so that it uses /home? Where? But even if i could set the env variable i have this odd behavior: I now have 4 vms running. 2 are rocky8 and 2 are rocky9, with same settings and versions I stated on my first post. From the 4 vms, when I ssh into them, 2 of them set a cache file in the users home and the
2024 Jun 11
1
kerberos default_ccache_name with sssd
On 6/6/2024 8:26 AM, Dave Macias wrote: > *I wanted to see if I could make the cache file user-specific, instead of > the default location (/tmp/krb5cc-blabla).* SSH is creating a separate ticket cache file for each login session and owned by the user. This has been the preferred way to do this for decades. https://kerberos.mit.narkive.com/YJB4Hshz/krb5ccname-and-sshd Your: "Ticket
2020 Aug 26
8
[Bug 3203] New: Could default_ccache_name from krb5.conf be used for GSSAPI connections?
https://bugzilla.mindrot.org/show_bug.cgi?id=3203 Bug ID: 3203 Summary: Could default_ccache_name from krb5.conf be used for GSSAPI connections? Product: Portable OpenSSH Version: 8.3p1 Hardware: ix86 OS: Linux Status: NEW Severity: enhancement Priority: P5
2013 Aug 28
1
volume on btrfs brick and copy-on-write
Hello Is it possible to take advantage of copy-on-write implemented in btrfs if all bricks are stored on it? If not is there any other mechanism (in glusterfs) which supports CoW? regards -- Maciej Ga?kiewicz Shelly Cloud Sp. z o. o., Sysadmin http://shellycloud.com/, macias at shellycloud.com KRS: 0000440358 REGON: 101504426 -------------- next part -------------- An HTML attachment was
2013 Feb 25
1
doveadm search not showing expected results
i'm running doveadm search: >doveadm search -A mailbox sent savedbefore 365d > and it's returning no results. a similar command does return some results: >doveadm search -A mailbox sent savedbefore 120d | grep -iF 'jdoe' jdoe 7b9a8b0b7d37504fe72c000055e4fe9a 65 jdoe 7b9a8b0b7d37504fe72c000055e4fe9a 66 jdoe 7b9a8b0b7d37504fe72c000055e4fe9a 67 jdoe
2020 May 02
0
default backend = rid not showing full group information for users
On 2020-05-02 16:42, Rowland penny via samba wrote: > On 02/05/2020 15:07, Jelle de Jong via samba wrote: >> Am I wrong to expect that id user and getent group should list me the >> groups the user is part of. >> >> For example wbinfo --group-info=office shows me that user jdoe and >> lgaga are part of the group, but then when doing id jdoe or id lgaga >>
2017 Mar 07
0
iOS Mail app and rapid authenticate / disconnect on Dovecot proxy
Hi folks, I have a handful of iOS 10.2.1 Mail app IMAP clients that intermittently break into this unexplained authenticate-then-immediately-disconnect behavior when connecting to a RHEL7 Dovecot (dovecot-2.2.10-7.el7) proxy, providing proxied connections to a backend Panda/UW-IMAP server. From talking to the users, the activity would appear to be spontaneous (ie: not caused by user
2020 May 02
0
default backend = rid not showing full group information for users
On 2020-05-02 20:20, Rowland penny via samba wrote: > On 02/05/2020 18:59, Jelle de Jong via samba wrote: >> On 2020-05-02 16:42, Rowland penny via samba wrote: >>> On 02/05/2020 15:07, Jelle de Jong via samba wrote: >>>> Am I wrong to expect that id user and getent group should list me >>>> the groups the user is part of. >>>>
2020 May 02
2
default backend = rid not showing full group information for users
On 02/05/2020 18:59, Jelle de Jong via samba wrote: > On 2020-05-02 16:42, Rowland penny via samba wrote: >> On 02/05/2020 15:07, Jelle de Jong via samba wrote: >>> Am I wrong to expect that id user and getent group should list me >>> the groups the user is part of. >>> >>> For example wbinfo --group-info=office shows me that user jdoe and
2020 May 02
0
default backend = rid not showing full group information for users
Am I wrong to expect that id user and getent group should list me the groups the user is part of. For example wbinfo --group-info=office shows me that user jdoe and lgaga are part of the group, but then when doing id jdoe or id lgaga the office group is not shown, neither in getent group. What should I change in my config to have full group information working? root at samba01:~# wbinfo
2013 May 05
5
dovecot 2.2.0 corrupts mailboxes?
Hi On april 17th, I upgraded from dovecot 2.1.13 to 2.2.0. Since that time, I had two different users that reported received three incident of messages that disapeared from their mailboxes. The mailbox format is mbox on local FFS filesystem (no NFS), and I use filesystem quotas (but both users are far from filling their quotas). When the message disapeared, it was always a whole rand of dates.
2013 Apr 29
1
quota-related crash for doveadm dsync operation
Hi I understand the crash below is caused by filesystem quota. I just report it because perhaps it could have a more graceful failure. Apr 29 09:39:17 danceny dovecot: dsync-local(jdoe): Error: Mailbox Sent: Saving failed: Not enough disk space Apr 29 09:39:17 danceny syslogd[165]: last message repeated 4 times Apr 29 09:39:17 danceny dovecot: doveadm: Error: dsync-remote(jdoe): Error: Cached
2020 May 02
4
default backend = rid not showing full group information for users
On 02/05/2020 15:07, Jelle de Jong via samba wrote: > Am I wrong to expect that id user and getent group should list me the > groups the user is part of. > > For example wbinfo --group-info=office shows me that user jdoe and > lgaga are part of the group, but then when doing id jdoe or id lgaga > the office group is not shown, neither in getent group. > > What should I
2012 Oct 11
1
imap proxy setup - "killed with signal 11"
hi- i'm setting up an imap proxy in front of a novell groupwise server. it seems to so far be partially working, but dovecot is having trouble in certain cases. i expect that it's ultimately due to what i believe is a very poor implementation of imap provided by groupwise [at least based on other experiences in the past] - but that's a big part of why i'd like to have
2020 May 02
0
default backend = rid not showing full group information for users
On 2020-05-02 20:42, Rowland penny via samba wrote: > On 02/05/2020 19:28, Jelle de Jong via samba wrote: >> root at s4ad01:~# samba-tool user show jdoe > > There is no apparent reason why the groups do not work with chgrp, the > only reason I can think of is that the group was created and when you > tried to 'chgrp' the file, winbind read from its cache and it
2013 Oct 08
1
sssd - ldap uid/gid does not match with uid/gids in the openLDAP DS
CentOS 6.4 (amd64) client desktop with SSSD installed+configured to do LDAP AUTH from an openLDAP DS. Groups in LDAP DS -- dsusers (for all users), project1, project2, .... The objective is to give group permissions to directory trees with users belonging to various groups; users thereby inheriting the ACL given to respective groups. Test case -- uid: jdoe, gid: dsusers (primary) On LDAP
2009 Nov 24
2
SLES 10 client keeps removing and re-adding accounts to groups
SLES 10 clients keeps removing and re-adding accounts to groups. Can''t use this product in production as a result, I''d like to use it though. Using clients 25.1 with master 25.1 This keeps re-occuring with every single puppet client run: Nov 24 09:57:09 puppetd[26915]: (//unixuser/User[jdoe]/groups) groups changed ''wheel'' to ''unixadm,wheel''
2016 Apr 19
1
Cannot browse mode 0700 directories from Windows with security=ads
On Mon, Apr 18, 2016 at 06:56:48PM +0100, Rowland penny wrote: > >nslcd is running, in fact. However, the AD server does not have uidNumber > >and gidNumber attributes for the users in question. Maybe this is part > >of the problem? > nslcd relies on uidNumber & gidNumber attributes, so if they don't exist, as > far as Unix is concerned the user or group