Its 2 weeks i'm trying to configure freeradius2 on centos5 64bit after installed it from yum.all seems working, but i cant authenticate unix users.after digging in many sites its simply cant find user name and password ( ++[unix] returns notfound )Also how can i paste here all the radiusd -X log lines? i can't find any
radius.log file.
I'm running freeradius2-2.1.7-7.el5, on CentOS 5.5. I have gotten all of the authentication setup for active directory and I know that the machine is able to pass requests along to our AD server. However it doesn't appear that freeradius is doing the same. I have been looking at the attached radius -x output for about 2 days now and I have done a ton of searching and have come up relatively empty handed.
View 3 Replies View RelatedIn what cases would a user appear in /etc/shadow and not /etc/passwd
View 2 Replies View RelatedI deleted root from passwd and shadow file.Can I crate a new root user?
View 1 Replies View RelatedWhat is the easiest way to replace a hash in a shadow file for one particular user, not using passwd, and when the current password is unknown?
View 3 Replies View RelatedI want to create a simple website which can communicate with unix server.For example i want to run some command on a unix server through a website.
View 10 Replies View RelatedI have a centos 5 system with openldap configured. I need openldap for simple user authentication. ie.. to be able to use it for authenticating it from remote applications and systems like mail clients...etc.
I was able to succefully install and configure openldap and ran a slaptest to verify the slapd.conf file for errors and found none. so now all i want to do is to add username and passwords to the ldap database.
iam just not sure what all objectClasses i need to use for Attributes uid and userPassword and what exactly should be the ldif file syntax for the above entries. I tried various sources but i do either get errors while adding or after adding do get errors trying to access it.
above all, iam able to access the ldap server from my phpldapadmin only as a anonymous user and not as a root user that i added as a first entry.
I am bulding my own image based on 2.6.32 kernel, I wish to add a guest user:
In a script thats invoked by the makefile, I use 'useradd' command & this updates the shadow, passwd files under /etc on the host, is it possible to tell the command to create the shadow / password under some other folder on the host? may be /tmp?
I am trying to write a remote access module. Is there any function in linux where I can give string (password entered by user) and compare it with the actual user password stored in /etc/shadow. Since the password is stored encrypted in /etc/shadow I cannot parse and compare. So I want some method to compare if my user entered the correct password..Is there any function for that..
View 6 Replies View RelatedI'm using postfix with unix accounts for a while now and I just realized today that SASL authentication, instead of working only with the USERNAME, it also works if the username is followed by ANYDOMAIN.COM
So, let's say I have the following UNIX users: tim, mike, john. If I set the Outgoing Username:[URL]..(where whatever.com can be any name you can think of) IT WORKS, even though it shouldn't, it should only work with tim, mike and john without any domain name. Does anyone know what might cause this and what's the workaround to this problem?
I'm currently trying to set up FreeRADIUS with DaloRADIUS and I'm stuck at FreeRADIUS getting clients (as NAS-es) from the MySQL database.
FreeRADIUS will no longer start after uncommenting the following line in my /etc/freeradius/sql.conf (which is supposed to let it use the MySQL database):
Code: Select allreadclients = yes
I have ran "freeradius -X" to find out what's going on with this output:
Code: Select allrlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to radius@localhost:/radius
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
[Code] ....
So it seems that the radius user is not authenticated. However I have verified that the login details I entered in my sql.conf are the correct ones (I even tried manually logging in with them and it worked).
how to install freeradius with dialup admin support on CentOS 5. .
View 1 Replies View RelatedI am trying in debian 8.2 but i am not found packet libapache2-mod-auth-radius whereas i have been include dvd1-3 debian and dvd1-2 update debian in my system. Where is that packet stand?
View 1 Replies View RelatedI have been working on Kerberos and Ldap Authentication on SUSE 11.3.
I was successful with Kerberos authentication and had no issue. then i moved to configure LDAP as i want to configure this authentication method for APACHE server.
Now after configuring ldap and pam, I am able to check the command 'getent shadow' with no issue and this command lists all the users of that OU too. but when i try getent passwd or getent group , it results nothing but local users.
I am implementing BigFix tool, for UNIX I need help to create script for installation of BigFix client on *nix systems. I am thinking to install BigFix using a script which will install correct version of BigFix client, is there any script available or what i need to do create a script for this taskOr Is there any Open source tool available to installation of this kind of thing on *nix?
View 1 Replies View RelatedHow to control a windows system by using linux server i know linux is a cross flatfarm. But how to Authenticate windows system like in windows we use AD for user authentication.
View 3 Replies View RelatedI have LDAP server but I'm not admin. When I type: ldapsearch -x -b "ou=2007,o=faculty" "cn=7username"
View 11 Replies View Relatedthe custom-yum.sh script (or, whatever you say ) below:
#!/bin/bash
## Mounting CD/DVD ##
echo "Mounting CD/DVD in /media"
mount /dev/hdc /media
[Code].....
I am trying to deploy a very simple file server in my company's network.The goal is just to have a file server with DAT backup, nothing more.I managed to configure Samba to show a share visible in the Windows network, with free read and write to everyone. For this I configured "Autentication Mode = user", and read/write access to all users in the specified share.
Of course, I would like to have the possibility to establish permissions based in AD-users. For that, I tried to add my CentOS machine to AD.I followed the guide in:
[URL]
I can get the kerberos "kinit" command to autenticate in Windows AD: I can access the Windows machines in the network as administrator and "klist" shows the valid ticket.But, when trying the "join", I always get the "No logon servers" error.I googled around for this, and it seems that this is a common error and there is no "magic approach" for it...
So, my questions are:
- Can this be achieved only by the Samba configuration tool (Gui)? I think not, as we need to change kerberos settins
- What would be the correct settings for krb5.conf?
- Are there any other services/files needed to adjust?
I have two web servers. One is active and one is in reserve. I keep the user data (web pages) in sync by running rsync every 10 minutes or so. This copies any changes from the active machine to the reserve machine. But, it's slow, only gets changes every 10 minutes, bogs down the disk, does strange things to files that are changing during the rsync process etc...
I want something that will automatically copy any changes from the active server to the reserve server as they are made. IE I hit 'save' on the active server, it copies the file to the reserve server. Simple!
I've been looking around and I see GFS which is really vastly more complicated than I need. I'm happy with read-only access on the reserve host, so I don't need distributed lock management.
I could theoretically implement this by setting inotify watchers on every file and running an SCP or rsync command when a file gets saved. So, it can't be that hard.
I do not need a true networked file system, as in something I mount over the network. I just want something to keep my disks in sync.
I trying to set up a LDAP server using openLDAP / db4. The server runs fine but I cannot get the client to work. Client and server are on the same machine, as for now. The problem seems to be in PAM. However I cannot start the system-config-authentication tool which should do the trick.
Environment
=========
CentOS release 5.4 (Final)
Software
======
authconfig-gtk-5.3.21-6.el5
system-config-securitylevel-tui-1.6.29.1-2.1.el5
system-config-network-tui-1.3.99.18-1.el5
[Code]....
following situation and configuring authentication for Windows users on my CentOS clients please:IHAC WIN2003 R2 Domaincontroller with ALL my users and groups maintained there. For Usermapping (SID to UID/GID) I want to use IMU which is included with WIN2003 R2 srv and extends my Active Directory schema for UID, GID, NIS Domain etc. I want now authenticate my Windows users on my CentOS clients via their "domainnameusername" and passwords on the CentOS clients.
I also have a NAS server which has usermapping integrated and resolves the Windows SID's to the UID/GID's configured within the IMU schema extensions. Now I have no idea to setup my CentOS clients to use winbind, PAM and LDAP (IMU supports LDAP queries for UID/GID resolving) WITHOUT needing any Samaba Server or functionality.
* Do I need to configure the smb.conf file because my usermapping is done on the NAS Server and I want to resolve my Windows Users/Groups UID/GID's from IMU via LDAP?
* Do I (just) need to Join the AD (2003 native) or even using Kerberos with generating ktpass.exe keytab files (what is needed/recommended and what is the difference?) Can I authenticate the users without using Kerberos?
For e.g. my username is "domainuser_a" and within the IMU the UID is set to "12345", I don't want Samba/winbind to do usermapping again based on the configured values in the smb.conf file. Some hints would be really nice for me to understand how exactly it works and what is needed...
Is it possible to set up slapd to authenticate users using a simple name instead of a dn?
View 1 Replies View RelatedI maintain a samba PDC for a small business, our current setup does not work very well; on a hardware upgrade I directled imported the old ldap database and attempting to add machines to the domain causes all sorts of trouble.
I'm 95% sure the original database (which predates my employment) was created using the idealx smb-ldap tools, unfortunately on our current platform (debian lenny) these tools seem to be broken; the only things hey seem to do reliably are set passwords and add posix users, asking them to do anything involving samba/windows causes errors. The idealx tools seem to be abandoned, and I don't know enough perl to try and fix them.
Since the idealx scripts seem to be abandoned, and most of the good samba+ldap how-tos references the idealx tools, I was wondering what people use nowadays to manage there ldap directories; surely they aren't importing .ldif files to add new users/machines like I've been doing. Are people just writing thier own management scripts/web-apps? Or are the smb=ldap tools just broke on debian?how to generate the NT/LM password hashes and proper SIDs, does anybody have anything they could point me to about this?
I have setup a Centos5.5 VMWare guest with Samba and Winbind for Active Directory integration, using GUI tools. Authentication works flawlessly, with automatic home directory creation. What I want to achieve now is using local UNIX groups to controll access to shared folders, to avoid bothering AD administrators with groups management. This is my smb.conf global section:
workgroup = COGITANS
password server = domainserver.hq.cogitans.it
realm = HQ.COGITANS.IT
security = ads
[code]....
'finance' is a local UNIX group where I added user 'COGITANSalberto' (I also tried with 'alberto') as a secondary group (primary group is 'domain users' and it cannot be changed). I am sure the user is added, because it is listed in 'getent group'. If I specify user COGITANSalberto in valid users it works, i.e. only that use can access the share, the others get a NT_STATUS_ACCESS_DENIED error. But if I use +finance, access is denied to everybody, and this is the log:
[2010/09/11 14:12:37, 10] smbd/share_access.c:user_ok_token(211)
User COGITANSalberto not in 'valid users'
[2010/09/11 14:12:37, 2] smbd/service.c:make_connection_snum(617)
user 'COGITANSalberto' (from session setup) not permitted to access this share (finance)
[code]....
It seems like winbind cannot recognize finance as a local group. For the same reason, I guess, 'force group = finance' does not work either (files are created with 'domain users' group ownership). My /etc/nsswitch.conf:
passwd: files winbind
shadow: files winbind
group: files winbind
Grants and ownership on the '/repositories/shared/finance' folder are
root:domain users with permissions 775
I am having a time at trying to get a simple FTP setup to my Var/www/html folder for my canned Joomla website. I can log in anon with no write permissions, but it will not log in using any users I have setup on the server. I've googled a bunch, but nothing to correct my 530 authentication failure when I try to log in as one of my user accounts for the server.
View 2 Replies View RelatedI already have this setup working in a debian server but I would like to setup the same in CentOS 5.3. I just copied all the configuration files to the CentOS server but I'm getting the following errors in messages:
vsftpd: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
vsftpd: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
crond[24483]: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
crond[24483]: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...
crond[24483]: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
crond[24483]: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
[Code]...
Im having a lot of trouble configuring freeradius for Ubuntu. I have freeradius installed but Im having trouble finding any information on how to edit the configuration files to create users and be able to WPA2 Enterprise. The wireless router that I am using is an Linksys WRT54gl.
View 2 Replies View RelatedI made a system in CentOS5.5. I used Tomcat6 and PostgreSQL. But I couldn't enter my system. There are some error. And I don't understand what kind of error this.
JDBCExceptionReporter.logExceptions(100) | SQL Error: 0, SQLState: null
JDBCExceptionReporter.logExceptions(101) | Cannot create PoolableConnectionFactory (FATAL: Ident authentication failed for user "postgres")
"postgres" is username.
Is anybody knows anything about this error message.
I'm try to start certificate authentication from my web site..
vhosts.conf for httpd:
<IfModule mod_ssl.c>
<VirtualHost 127.0.0.1:443>
ServerName ca.asu
[Code].....