Displaying 20 results from an estimated 3000 matches similar to: "User database ldap lookups and sasl"
2016 Dec 08
2
Samba 4.51 Solaris 11 AD client
Solaris 11 include samba 3.6.25. I compiled samba 4.5.1 using GCC 4.8 and
gmake. Had set following env variables to make sure krb5.conf was found
# CPLUS_INCLUDE_PATH=/usr/include:/usr/include/kerberosv5/
# C_INCLUDE_PATH=/usr/include:/usr/include/kerberosv5/
After setting "client ldap sasl wrapping = plain" I was able to join to a
Windows 2008 domain with samba 4.
2012 Jul 12
2
nslcd service - "Client not found in Kerberos database"
Hi,
I am trying to configure the nslcd service on an Ubuntu client for kerberos
authentication against samba4. My /etc/nslcd.conf contains the following:
uid nslcd
gid nslcd
uri ldapi:///cofil01.mydomain.net
base dc=mydomain,dc=net
sasl_mech GSSAPI
krb5_ccname FILE:/tmp/host.tkt
I have added the host principal "host/ubuntu-test.mydomain.net @
MYDOMAIN.NET" to /etc/krb5.keytab on both
2012 May 23
2
multi home dir locations
Hi all,
i've got samba 3.6 joined to a ad domain (s4 in this case)
running winbind
all looks ok, but i ran into a problem (for us that is)
i've got 2 groups (students and employes)
who have there home dirs in 2 different places.
/home/students/<user>
/home/employ/<user>
so far so good, but i can't make the [homes] work for both of them (just
1 group)
in winbind
2016 Dec 21
1
compiling Samba4 on Solaris11
I am unable to compile Samba 4.4.7, 4.5.1 or 4.5.3 on Solaris 11. I had
been able in the past so maybe an update to GCC broke something.
GCC 4.8 is the default. I then installed GCC 4.9. /usr/bin/gcc is a
symlink to /usr/gcc/4.9/bin/gcc.
I compiled the latest openldap (client only) to the samba target directory.
Set environmental variables so the krb5.h and openldap would be found.
2015 Dec 16
2
samba4 schema for openldap
On 16/12/15 20:40, Таболин Юрий wrote:
> 16.12.2015 22:47, Rowland penny пишет:
>> On 16/12/15 19:35, Rowland penny wrote:
>>> On 16/12/15 19:02, Таболин Юрий wrote:
>>>> Hi all.
>>>>
>>>> I have samba 4.2.3 on freebsd 10.1 server. There are three DC and
>>>> about 350 PC on domain. I wrote earlier that samba4 ldap
2005 Jun 10
2
samba configure not working
Hello,
I'm having an issue compiling samba with-ads enabled. I've
successfully compiled kerberosV5 and Openldap. I can the following line
when compiling Samba ./configure --with-pam --with-ads
--with-ldap=/usr/local/openldap --with-winbind --with-krb5
The configure fails due to not having ldap support. Any ideas?
Rick Mattier
Systems Analyst II
Windriver Systems
120 Royall St
2005 May 05
2
Fwd: Follow Up - Problem with groups & joining domain.- LDAP
Follow up to original post.
If I created local groups and users in /etc/passwd &
/etc/groups I get farther along.
For instance, if I have a Samba PDC with LDAP basically like I listed
in my post. If I browse from a w2k pro box to the samba server
without the workstation having joined the domain, I can authenticate
to the samba server with a user who is not in /etc/passwd but is in
LDAP. So
2012 Jan 17
1
Samba 4 and GSSAPI kerberos ldap connect
Hi everyone
I'm trying to use kerberos to authenticate to Samba 4 ldap. At the
moment, I authenticate by specifying the binddn and password in
/etc/nslcd.conf and all works fine
If I add the line:
sasl_mech GSSAPI
to /etc/nslcd.conf
and restart nslcd, no one can connect to the database. Nothing works.
ldapsearch and getent passwd draw a blank.
ldapsearch -x -b '' -sbase
2004 Dec 06
3
ADS Authentication
I'm about ready to smash my head through a wall...I could use a few answers.
1. When using security = ads, and completing net ads join, it was my
understanding that samba authenticated username/pword against ads, and
local posix accounts were nolonger needed, is this true?
2. If yes, I have not been able to get it to work. If I have a posix
user account with the same name as one in
2005 Jan 16
0
/etc/krb5.keytab and Preauthentication required
Hello list,
In the release note of Samba 3.0.6 the following parameter is described:
o Maintaining the service principal entry in the system
keytab for integration with other kerberized services.
Please refer to the 'use kerberos keytab' entry in
smb.conf(5). When using the heimdal kerberos libraries,
you must also specify the following in /etc/krb5.conf:
2012 Jan 11
6
Samba 4 kerberos and kinit
Hi
After starting Samba 4, before anyone can do anything, Administrator has
to do a kinit to get a new ticket. This creates a cache /tmp/krb5cc_0
with an expiry time.
I've created a host principal and put it into the keytab:
samba-tool spn add host someuser
samba-tool domain exportkeytab /etc/krb5.keytab --principal=host/HH3.SITE
How can I keep Samba 4 up without having to get a new
2005 Sep 05
3
An alternate "dovecot-auth" daemon using cyrus-sasl
We use dovecot in a heterogeneous environment (Windows/Linux desktops
and Linux servers). For unified authentication we use a sheaf
"Samba/Openldap" (i.e., Samba NT domain with openldap backend and
pam/nss_ldap for Linux).
Windows users are authenticated well everywhere, but there is one old
issue. As "SPA" (NTLM) against NT domain is not supported by dovecot, it
is
2012 Jan 15
3
Samba 4 ldb_wrap open of idmap.ldb
Hi everyone
Version 4.0.0alpha18-GIT-bfc7481
I'm using nslcd to map Samba 4 users to uid:gid and home directory. At
startup I get this:
ldb_wrap open of secrets.ldb
WARNING: no socket to connect to
and /var/log/messages shows:
Jan 15 14:20:13 hh3 nslcd[2425]: [334873] failed to bind to LDAP server
ldap://h
h3.site/: Can't contact LDAP server: Transport endpoint is not connected
Jan
2016 Nov 22
2
Samba 4 "Classic PDC" trusts fail with Win 2012 domain but succeed Win 2008
I am not sure if this is relevant
root at sambaPDC:~# /usr/local/samba/bin/net rpc trustdom establish DomainB
Enter DOMAINA$'s password:
Could not connect to server DomainB_DC
Trust to domain DomainB established
root at sambaPDC:~#
root at sambaPDC:~# /usr/local/samba/bin/net rpc trustdom establish DomainC
Enter DOMAINA$'s password:
Could not connect to
2016 Nov 29
1
Samba 4 "Classic PDC" trusts fail with Win 2012 domain but succeed Win 2008
The trusts aren't really working with Windows 2008 either (where DOMAINC
is the Windows 2008 domain.)
# /usr/local/samba/bin/net rpc trustdom establish DOMAINC
Enter DOMAINA$'s password:
Could not connect to server DOMAINC_DC
Trust to domain DOMAINC established
#
Active Directory Domains and Trusts MMC on the Windows 2008 AD DC
(DOMAINC_DC) seems to think the
2005 Apr 21
0
Problem with groups & joining domain.- LDAP
Software list:
FreeBSD 5.3
Samba 3.0.14a
nss_ldap-1.204_5
openldap-client-2.2.19
openldap-server-2.2.23
p5-perl-ldap-0.32.02
pam_ldap-1.7.6
smbldap-tools-0.8.8
samba was configured with the following options. LDAP, Cups, Winbind,
utmp, popt, acl, quotas, msdfs, syslog, without_ADS
I have also tried winbind_nss which I believe is a FreeBSD wrapper
around the linux implentation of winbindd, but
2008 Aug 27
3
Solaris nss_ldap vs PADL nss_ldap
Hi All,
Any thoughts on why, while everything seems ok at the OS level
(getent , id -a ) Samba
doesn't pickup any supplementary groups when Solaris is configured with
'group: files ldap' in
nsswitch.conf and using it's own native nss_ldap.so.1 but does when
using PADL's nss_ldap?
Everything else is equal.
Do they use/accept different calls or could it be an
2008 Jun 24
2
udevd can't reach LDAP-server during boot
Hi!
I'm using CentOS 5.1 (x86_64) machines which authenticate using
LDAP. At the start of booting I get messages like this:
udevd[1158]: nss_ldap: failed to bind to LDAP server ldaps://ldap.server.example.com/: Can't contact LDAP server
udevd[1158]: nss_ldap: reconnecting to LDAP server...
udevd[1158]: nss_ldap: could not connect to any LDAP server as (null) - Can't contact LDAP
2005 Mar 07
4
Multiple samba servers with LDAP
I was wondering what the best practice is for setting up several SAMBA
servers in a SAMBA domain all on the same LAN. Here is what I am
looking at
PDC: LDAP, Samba, nss_ldap, pam_ldap
Member1: Samba, nss_ldap, pam_ldap
Member2: Samba, nss_ldap, pam_ldap
Member . . . .
Should I set the member servers up with:
Security = domain
and join the severs with net rpc join
or, whould it be better to set
2004 Nov 05
3
dovecot-auth leaves zombies
Hi all,
I have installed and configured dovecot on two different machines, so
I don't have much experience with this server. One installation is
giving me serious problems, that I have a hard time tracing. From the
beginning: the machine is a debian mix (stable/unstable) dovecot
0.9.11, real users authenticated via pam_ldap/nss_ldap. It serves ~70
users, all of them using Outlook, Outlook