CentOS 5 Server :: Netlogon For Windows Authentication Isn't Working?
Jun 15, 2009I am using Samba on the lastest CentOS 5 64bit however the netlogon for windows authentication isn't working.
View 18 RepliesI am using Samba on the lastest CentOS 5 64bit however the netlogon for windows authentication isn't working.
View 18 RepliesI have Windows 2008R2 Server acting as Domain Controller for Windows7/XP clients. and CentOS 5.3 Installed configured as Samba Server, I want to make it as ADS member server so any user to login to any machine, and be able to access their Samba share.
View 3 Replies View RelatedI have to create a script that will run only for a specific group. It is a very simple script, so to map the folder, it happens that only that group will be mapped folder. Look what I've done:
[Code]...
Corded that way, but can not be this way, the folder must be mapped to only one group, i have to do scripts for other users, groups, and a script for everyone.
Pretty much as described in the thread title. I'm running RHEL6 on both the server and the client.I followed Red Hat's own instructions to set the kdc upI have a user called krb, that has been added to the KDC and I can get a ticket from the KDC, by using
Code:
kinit -p krb
If I then try to log in to the KDC, from the KDC, with
[code]...
I already have this setup working in a debian server but I would like to setup the same in CentOS 5.3. I just copied all the configuration files to the CentOS server but I'm getting the following errors in messages:
vsftpd: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
vsftpd: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
crond[24483]: nss_ldap: reconnecting to LDAP server (sleeping 4 seconds)...
crond[24483]: nss_ldap: reconnecting to LDAP server (sleeping 8 seconds)...
crond[24483]: nss_ldap: reconnecting to LDAP server (sleeping 16 seconds)...
crond[24483]: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)...
[Code]...
I'm running freeradius2-2.1.7-7.el5, on CentOS 5.5. I have gotten all of the authentication setup for active directory and I know that the machine is able to pass requests along to our AD server. However it doesn't appear that freeradius is doing the same. I have been looking at the attached radius -x output for about 2 days now and I have done a ton of searching and have come up relatively empty handed.
View 3 Replies View RelatedI am being asked to stand up a dedicated mail and web server in a network that runs Active Directory 2008 domain. All users are running Windows XP and or Windows 7. I have stood up two dedicated Linux servers (64-bit) for the requested tasks and everything is working perfect except for the fact that users now have three individual passwords:
1. Windows domain login credentials
2. Postfix / Dovecot (email) credentials are the Linux shell login (set to /bin/false)
3. Apache / Intranet access is used from a '.htpasswd' file
Does anyone recommend a way that I could somehow synchronize the users mail & web credentials with their Windows / Kerberos credentials.
I am re setting up a server of mine running red hat enterprise Linux server 6 and I had all of this working befor but for some reason I had troubles getting sasl to work and now when I login my smtp server I get an error stating that my username or password is incorrect though I am sure I am entering both correctly. Would anyone know what could be happening? I have been spending days on the web looking for the solution and only went from sasl not working when started as a service to this. For some reason I can't use Pam with saslauthd and had to use shadow instead of which from what I hear I get to use better methods of secure authentication with smtp
View 2 Replies View RelatedI am trying to set up Apache and Webmin so that I can access Webmin by going to [URL]. I am using the direction at [URL] under the "Webmin In A Sub-Directory Via A Proxy" section. I had this setup working before, but I think an update of either Webmin or Apache broke it. Now, I can go the the webpage and I see the login screen. However, when I try to log in, I get an error.
Quote:
Error - No cookies
Your browser does not support cookies, which are required for this web server to work in session authentication mode I have tried adding the ProxyPassReverseCookieDomain and ProxyPassReverseCookiePath directives to my virtual host config file, but it still doesn't work.
Quote:
# webmin
ProxyPass /webmin/ http://localhost:10000/
ProxyPassReverse /webmin/ http://localhost:10000/
[code].....
I'm try to start certificate authentication from my web site..
vhosts.conf for httpd:
<IfModule mod_ssl.c>
<VirtualHost 127.0.0.1:443>
ServerName ca.asu
[Code].....
How do I turn winbind authentication off or vsftpd. I keep getting these error messages in the /var/log/ secure:vsftpd: pam_winbind(vsftpd:auth): request failed: No such user, PAM error was User not known to the underlying authentication module (10), NT error was NT_STATUS_NO_SUCH_USER.I already tried remarking out different things in the config files. Is it safe to remark out the winbind stuff in /etc/pam.d/system-auth if we are using the smbclient to connect to a Windows share?Why would you want to to use AD to authenticate users for something simple like FTP is beyond me.I merely want it to authenticate against local system users.
View 3 Replies View RelatedI am trying to install openssh server with public key authentication on CentOS.
But i am getting following error message: Disconnected: No supported authentication method available Server refused keys
My sshd_conf file is as follows:
I am administrating a server with CentOS installed. It came with qmail and courier-imap preinstalled, and Plesk.I need to manually add email accounts outside of Plesk, because my 1-domain Plesk license only allows the creation of one email address (yes, it sucks).
When I say add email account I mean creating a new email address, have email for that address be stored in its maildir, and have a corresponding imap (and hipefully also pop3) account that will be able to read that mail. All this with virtual domains.I've already found out how to create the new email addresses for qmail, so that email for the new email address is being delivered correctly. Now I need to create the imap/pop3 accounts for courier.
For the qmail part, I create a folder in in /var/qmail/mailnames/virtualdomain.org/username and a maildir called Maildir inside it. This is how the first mail address was created by Plesk and i'd like to maintain the same structure. As I've said, the qmail part is already working, I need to get the courier-imap part to work. Ideally, it should accept login with both short (i.e. myuser) and long (i.e. myuser@virtualdomain.org) user names.
Currently the only authentication module that is enabled in courier-imap is authpsa, which is Plesk's authentication module.in order to add more authentication modules, do I just need to add them to the authentication module list in /etc/courierimap/imapd, or do I need to reinstall courier-imap with support for such authentication modules? I thought I would only need to add them to the list, but I've noticed that the /usr/lib/courier-imap/authlib/ folder only contains a binary called "authpsa". Does that mean that other authentication modules are not even installed? If so, can I install them without reinstalling courier?
The second question is, what would be the most recommended authentication module that would make it easiest to create new email addresses/accounts from the command line? I need to be able to write a shell scripts capable of creating a new email address with all that is needed, and I'd like to keep this script as simple as possible, so for example I'd avoid mysql-based authentication as it sounds rather complicated. And the last question is, if I do need to reinstall courier-imap, how can I install a package without recompiling it? Will my one existing mailbox keep working?
I've been searching around the web for help and have been really pulling my hair on this one. I have a Windows 2003 Server w/ AD on it. I have two linux machine, both running the same version of RHEL 5 (compute-1, compute-4)
When I log into compute-1, and do an "id dhuynh", I get this:
uid=1501(dhuynh) gid=1500(domain users) groups=1500(domain users),2013(dusers),1501(certsvc_dcom_access),1507 (BUILTIN+users)
When I log into compute-4, do do the same command, I get this:
uid=1500(dhuynh) gid=1504(domain users) groups=1504(domain users),1505(certsvc_dcom_access),1501(BUILTIN+user s)
Notice that the uid and gid are different. How do I get them to be the same? This is affective the file permissions in certain shared directories. I've check /etc/samba/smb.conf and they are identical. I also check /etc/nsswitch.conf and they are identical too.
i have a small issue, to make our network more secure, i now require outgoing email to require authentication. Now the problem..i have a automated mailer that does not have the option to authenticate. is there a way to allow a certain email address or the local network to send out without authentication? If i cannot do this for a single email user to allow them through with authentication, how would i remove the authentication paramaters in the postfix smtp..
View 2 Replies View Relatedsetup user authentication server and internet accounting server like ISA and Active Directory in Windows?
View 4 Replies View Relatedi want to authenticate user (client) via switch to the radius server(CentOS)Can anyone tell me the authentication/authorization configuration that should be made in the switch (huawei) and the radius server(centos).Esp. the main files under /etc/raddb/ in the Server& the configuration to be made under the radius server template "test"( as of my case)...
View 1 Replies View RelatedIts 2 weeks i'm trying to configure freeradius2 on centos5 64bit after installed it from yum.all seems working, but i cant authenticate unix users.after digging in many sites its simply cant find user name and password ( ++[unix] returns notfound )Also how can i paste here all the radiusd -X log lines? i can't find any
radius.log file.
I have a problem with ldap client authentication in ubuntu. I am using rhel5 as openldap server and I configured ubuntu as client, when I am trying to login the following message is coming."su: Authentication service cannot retrieve authentication info. Sorry"
But when I do search through "ldapsearch" command output is coming without any errors, Can anybody explain what would be problem.
is it possible to join Windows Server 2003 to CentOS 5 Cluster?
View 1 Replies View RelatedI have a network and am using squid proxy with authentication I want to create another subnet without authentication.
View 1 Replies View RelatedHow to control a windows system by using linux server i know linux is a cross flatfarm. But how to Authenticate windows system like in windows we use AD for user authentication.
View 3 Replies View RelatedI got a problem with my CentOS server. Somebody told me OpenVPN Requires different changes inside my firewall settings. That could be the problem why openvpn wont load..I receive this error on my CentOS panel when im trying to connect into the centos openvpn (with my winxp pc):
Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
[code]....
first of all, ill provide you with the package name i got [URL]...i went to /usr/src/redhat/SOURCES/bwbar-1.2.2 did ./configure ; make
then i get this problem : [root@server bwbar-1.2.2]# ./bwbar ./bwbar: /usr/local/lib/libpng12.so.0: no version information available (required by ./bwbar) i have installed libpng & libpng-devel
[Code]...
after looking around a bit i thought it would be better to get the sources from kernel.org directly and try to compile that one, but then i found it to have the exact same error. would be very nice if someone could direct me to a solution for this. i have the bwbar already installed on another server which runs CENTOS 4 , i installed it there AGES ago , so i dont really remember what was my method back then.
the CENTOS 5 server dose not like me installing bwbar on it for some reason. maybe its bwbar's fault?, im no coder so i hope anyone that got a clue could check this out for me.
I installed the latest version of Centos 5.4.It came with Xen version 3.0.2 I think.I am running it on a Dell R510. It supports hardware virtualization.I was able to virtualize Windows XP and Windows 2003 server on it by selecting the install from DVD option.I was having problems trying to get a PCI DekTek card seen by the virtualized Windows domains so I tried to upgrade XEN to 3.4.2.I used the repos available from Gitmo and it went easy.
The only problem is now that when I try to create a "New virtual host" it only allows me to use HTTP, FTP option and not the iso or DVD option. They are greyed out. I was wondering if anyone has had this problem and might know a work around for the Xen 3.4.2 problem. Perhaps a better location for the kernel or something.
I'm experimenting with CentOS DS and have a question.Is it possible to attach windows xp machines to a CentOS DS? If so, how?!I think I've skimmed most of the documentation out there. Did I miss something? Is this not what the DS was designed to do?
View 4 Replies View RelatedHave installed Centos5 in SUN VirtualBox with Windows XP as host as a safeway to familiarize with Linux.The system works well,except I cannot get my printer to be recognized (Canon MP170),which is working on Windows.Is there any Command line instructions which will fix this,or any other solutions?
View 5 Replies View RelatedI have been setup a PDC with samba+ldap, is working, smbldap-tools working, I can create users, add machines, etc, really cool.Now I have seen MDS from Mandriva, cool tool to handle my network, I try to setup MDS, but looks like something is not good. I have follow the instructions from their site, I access the web page, but went I input my username + password my browser wait for ever and never receive any answer. It suppose that u have input the LDAP username and password from the admin. I had run the mmc-agent daemon as stand alone to see what is doing, but I see any issue:
/usr/local/sbin/mmc-agent -d
mmc-agent 2.3.2 starting...
Using Python 2.4.3 (#1, Jul 27 2009, 17:57:39)
[code]....
I've got Cent 5.6 using centos-ds.x86_64 8.1.0-1.el5.centos.2 installed via yum.
I turned on the memberof plugin, here's the section from dse.ldif:
I'm currently messing with the value on memberofgroupattr. The only thing that seems to do anything is with it set the way above, in the error log I get:
So if I'm understanding, it's trying to mod the user entry and the attribute isn't allowed.
Setting the memberofgroupattr to anything else gets me nothing noticeable. ldapsearch isn't showing memberof:
I've run the fixup-memberof.pl in /usr/lib64/dirsrv/slapd-hostname and I get:
I'm using ldapadmin from a Windows box to assign/delete people from groups. What I'm a little confused on is the difference between a group and a groupofuniquenames. I also see a difference when using the web gui (directory server gateway) in users. The gateway creates and entry while in ldapadmin I'm creating users. Not sure how that factors but the memberofgroupattr relies on what object class it is and I'm obviously trying the wrong things or something is busted elsewhere.
The error log isn't showing any other errors.
I can restart dirsrv just fine, nothing funny in the log when I do that:
I'm no expert on DHCP. My problem is that i have a CentOS 5.5 server on which i want to install a DHCP server. I have two NICs where eth0 has access to the internet and where eth1 should act as an DHCP server.
I have installed dhcpd and this is how my dhcpd.conf file looks like.
Code:
ifconfig looks like this
Code:
When i start dhcpd on eth1 i get no error messages but when i connect any devices to eth1 they don't get any IP. I cant find anything in any logs about devices trying to get an IP address. I dont have any firewall rules in iptables.