t; failed (requesting cctype: FILE)
> Could not authenticate user [vivek%vivek] with Kerberos
> (ccache: FILE)
>
> # kinit vivek
> Password for vi...@squid.biz:
> #
>
> Anything need to be modify on th
d_ccache]
> expiration Sun, 14 Nov 2010 22:27:12 IST
> kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid
> credentials
> ads_connect for domain SQUID failed: Invalid credentials
> final write to client failed: Broken pipe
>
>
> any problem with krb configuration ???
>
>
0
> winbind separator = +
> winbind enum users = Yes
> winbind enum groups = Yes
> winbind use default domain = Yes
> winbind nss info = rfc2307
> cups options = raw
> ]
>
>
> Any thing i missed ?
>
>
>
Does /etc/nsswitch.conf hold winbind?
Something like this:
passwd: compat winbind
group: compat winbind
n Debian
Lenny the version of samba is 3.2.5, and this works, which I have
verified on another system.
So the solution to my issue with winbind and Windows Server 2008 R2 is
to upgrade to samba <3.2.0.
On Thu, 2010-11-11 at 09:44 -0800, John Stile wrote:
> I forgot to mention that this AD
I forgot to mention that this AD is 2008 R2, if that makes a difference.
On Thu, 2010-11-11 at 08:12 -0800, Ray Van Dolson wrote:
> On Thu, Nov 11, 2010 at 08:09:50AM -0800, John Stile wrote:
> > I have been using 2003 AD servers for winbind for many years, and now
> > 2008 is ph
I have been using 2003 AD servers for winbind for many years, and now
2008 is phasing in, but I can't authenticate using the new servers, and
I'm not sure what to do. All advice very welcome.
This is a problem for me on both Gentoo (samba 3.0.33) and Debian Lenny
(samba 3.0.24).
For debugging, I
at is really going on here.
On Wed, 2010-11-10 at 08:43 -0800, John Stile wrote:
> The IT department is phasing in new Active Directory servers, during
> work ours, and I need to get all my systems using winbind for
> authentication to switch to the new servers, and hopefully without a
> reb
The IT department is phasing in new Active Directory servers, during
work ours, and I need to get all my systems using winbind for
authentication to switch to the new servers, and hopefully without a
reboot.
I tried to redirect a machine currently authenticating via the current
AD to the new AD, b
I am trying to find a way from the command line to search for a users
exchange email address based on the user name.
This exposed my lack of understanding for 'net ads search'
The man page for 'net' in the search section says "Perform a raw LDAP
search on a ADS server and dump the results. The ex
>
> -Original Message-
> From: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org]
> On Behalf Of Gabriel Petrescu
> Sent: Thursday, July 30, 2009 8:39 AM
> To: John Stile
> Cc: samba@lists.samba.org
On Wed, 2009-07-29 at 22:33 +1000, tsg-samba wrote:
> Hi Volker,
>
> Yes in smb.conf i have:
> winbind enum users = Yes
> winbind enum groups = Yes
getent Shows nsswitch is correct, to resolve ADS users and groups.
getent passwd
getent group
wbinfo Shows winbind is doing lo
I use winbind+AD for single sign-on to many Linux machines,
and the Linux hosts automount home directories on one Linux file server.
I am faced with a need to synchronize the *.tdb files on the file server
with all the Linux machines for consistent UID-to-loginID mapping.
Has this been tried by sh
d
> this problem once ages ago and /think/ that was the fix though my
> memory is fuzzy. :)
>
> (The name of the Directory Services app might have changed too - i'm
> on 10.4 now and can't remember if it was different under 10.3)
>
> ..S.
>
> On 17/03
On my network, when a mac client tries to access a windows share, they
are presented with a dialog box, prompting them for the share to connect
and then the authentication credentials.
However, when a mac client tires to connect to a samba share, it
immediately receive a dialog box with the error
It sure is hard to find info in the documentation/mailing list for a
specific error. If an error log message was created by smbd, nmbd, or
winbind, shouldn't the documentation contain a description, cause, and
possible solution?
Specific case in point:
[2005/08/05 11:31:22, 0]
nmbd/nmb
samba/printers
browseable = yes
read only = yes
guest ok = no
--
._.
| \0/John Stile |
| UniX Administration |
| / \ 510-305-3800 |
| [EMAIL PROTECTED] |
.-.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
TECTED]
(Cannot find KDC for requested realm)
[2004/12/05 15:45:17, 1]
nsswitch/winbindd_ads.c:ads_cached_connection(81)
ads_connect for domain MYFOREST failed: Cannot find KDC for requested
realm
--
._.
| \0/John Stile |
| UniX Administration |
| / \ 510-305-38
On Thu, 2004-12-02 at 13:26 -0800, John Stile wrote:
> Samba is trying to be a member server in an AD in native mode, using
> winbind, nss, and kerberose. There are 3 kdc's (2 are Win2003, 1 is
> Win2000), samba server is RH-AS3 + Samba version 3.0.9 (from samba.org)
> + krb5 1.3
> cannot authenticate to the directory. If I create a Unix/Samba user, that
> user can use the shared directories.
>
> ed
> -Original Message-
> From: John Stile [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, December 01, 2004 4:41 PM
> To: [EMAIL PROTECTED]
> Subje
should i try
another method?
What is the next best setup method?
I am left wondering what the best options are available at this point,
as things seem hopeless.
I have followed steps outline in Samba-3 By Example, by John H.
Terpstra, chapter 9.3.3
--
._____.
| \0/
On Wed, 2004-12-01 at 11:17 -0800, John Stile wrote:
> On Wed, 2004-12-01 at 11:06 -0800, John Stile wrote:
> > I had samba working, then I tried (unsuccessfully) to setup ssh pam auth.
> > Now users are prompted for a password when accessing shares, but no password
> > work
Christian Merrill wrote:
John Stile wrote:
On Wed, 2004-12-01 at 11:06 -0800, John Stile wrote:
I had samba working, then I tried (unsuccessfully) to setup ssh pam
auth.
Now users are prompted for a password when accessing shares, but no
password
works. I am using Redhat AS 3, samba-3.0.9-1
On Wed, 2004-12-01 at 11:06 -0800, John Stile wrote:
> I had samba working, then I tried (unsuccessfully) to setup ssh pam auth.
> Now users are prompted for a password when accessing shares, but no password
> works. I am using Redhat AS 3, samba-3.0.9-1, and krb5-1.3.
> I forgot t
I had samba working, then I tried (unsuccessfully) to setup ssh pam auth.
Now users are prompted for a password when accessing shares, but no password
works. I am using Redhat AS 3, samba-3.0.9-1, and krb5-1.3.
I forgot to backup pam file system-auth before modifying things, so I'm not
sure if
Samba setup as a Member Server in native AD domain with winbind
authenticating AD users for access to shares. My understanding is that
with pam and winbind, domain users can log into the samba server via
ssh, even if they do not have a local user account? Logs shows access
granted but user unkno
On Mon, 2004-11-29 at 17:36 -0800, John Stile wrote:
> On Mon, 2004-11-29 at 16:48 -0800, Jeremy Allison wrote:
> > On Mon, Nov 29, 2004 at 01:26:36PM -0800, John Stile wrote:
> > > I installed samba-3.0.9-1 on RedHat-AS3, configured it as a member
> > > server, and jo
On Mon, 2004-11-29 at 16:48 -0800, Jeremy Allison wrote:
> On Mon, Nov 29, 2004 at 01:26:36PM -0800, John Stile wrote:
> > I installed samba-3.0.9-1 on RedHat-AS3, configured it as a member
> > server, and joined the domain. wbinfo -u and -g work. When I brows to
> > the sam
-devel-1.2.7-28
--
._____.
| \0/John Stile |
| UniX Administration |
| / \ 510-305-3800 |
| [EMAIL PROTECTED] |
.-.
signature.asc
Description: This is a digitally signed message part
--
To unsubscribe from this list go to the following URL and read the
inst
Packets
iptables -A INPUT -p tcp -m tcp --dport 88 -j ACCEPT
# NTP communication, for Kerberose V5 tickets?
iptables -A INPUT -s $ANY -p udp --dport 123 -j ACCEPT
Note: Limiting the OUTPUT rules kills communications to KDC, so I left
it open.
--
._____.
| \0/John Stile |
ription displayName cn objectClass
Sep 21 16:49:06 amanda slapd[19418]: conn=5 op=6 SEARCH RESULT tag=101 err=0
nentries=0 text=
Sep 21 16:49:06 amanda slapd[19418]: conn=5 op=7 SRCH
base="ou=Groups,dc=STILEN,dc=COM" scope=2 deref=0
filter="(&(objectClass=sambaGroupMapping)(gidNumber=65534))&qu
On Mon, 2004-09-20 at 17:19, Igor Belyi wrote:
> John Stile wrote:
> > smbclient -L localhost -Uadministrator%not24get
> > begin smbclient -
> > session setup failed: NT_STATUS_LOGON_FAILURE
> > --
32 matches
Mail list logo
