Fedora Networking :: Creating Network User Accounts And Enforcing Their Use?
Nov 8, 2009
I have a small office network here which consists of three machines running Fedora 10 and a dev server running CentOS 5.2. I have no Windows machines, and have no intention of having any. I would like to use the CentOS server as the Linux equivalent to a domain controller in Windows. Use case is simple - I will still have a local root account on each machine, obviously, but I want the three staff users to be network accounts. I want them (like a Windows domain) to be able to login on any computer using their network user credentials and *not* have local credentials on any computer.
I've been Googling like mad on this, but I can't find a definitive answer or a sensible HOWTO for this use case in Linux. Others have suggested I do it all in Samba, but I cannot find an example Samba configuration that behaves as I describe above. Another article I found suggested OpenLDAP.I'm lost. What's the best way to do this with a CentOS controller machine and Fedora 10 workstations? Can anyone point me to some good resources on the matter?
View 4 Replies
ADVERTISEMENT
Feb 21, 2011
I am looking at creating two user accounts for "contract system admins"..These guys will be performing sys admin duties for a sever -- however, I am still concerned about security of data. For example, the server contains password information for our database, etc.Besides making them sign an NDA, etc. what other security mechanisms could I put in place to ensure that they don't just go buck wild. For example, when someone makes a sudo command, is this logged?
what are some recommendations for general security practices?
View 1 Replies
View Related
Aug 11, 2015
I'm configuring a fresh install of Debian 8 and I'm having a problem creating new user accounts, using XFCE.I'm using the console for setting new user accounts, without any problems yet when I log in the user accounts to check if everything is ready to use I get a persistent message from the system warning the session is in kiosk mode.I've went through several step by step guides I've found over the net, went to the XFCE wiki trying to find an answer for this, with no success. I've even tried deleting user accounts and recreating it but the problem persists.
View 4 Replies
View Related
Jun 29, 2011
Currently I am trying to get some fedora shares to simply connect to each other to access a read-only shared folder on a host machine (no security/encryption even required for these files!). I've tried to get a smb network share going but that didn't work (can't connect with nautilus), I've tried a quick fix with daap and rhythmbox so that they can at least access the music, but rhythmbox fails very miserably trying to connect/create that (and mt-daapd didn't help much) - Basically I get errors saying the host is unreachable.
I haven't even set up a firewall yet for this network and already I'm running into these fundamental problems. Currently I'm using Fedora 15. On a whim I tried the "public" folder and had sharing of the public folder over the network enabled - yep, didn't work (and I certainly didn't expect it to). I would be trying some more advanced CLI stuff, setting up an ssh server or something, but the computer-challenged people who have to access these files just want to be able to click something and have it work.For the operational requirements of this setup, a file synchronisation system would work (although highly inefficient since it would mean gigabytes sent over the network).
View 4 Replies
View Related
Jul 29, 2010
I setup samba file sharing to auto mount in fstab. Everything works great except when a computer has more than on user account.
The folders in mnt are owned by root and ownership changes to the first user account no matter what user logs in. So only the first user can edit files in the mounted share.
Anyone got a clue why this is happening? Seems the mount folders should be changing ownership to the user that is logged in.
View 2 Replies
View Related
Jun 8, 2010
I have network with Kubuntu server with 5 pcs all of them are using windows XP. The network is already designed for sharing files and folders. I have to create a new user and a share folder, also given permission to that user to access this folder. Now when I try to map it gives following error "The network folder specified is currently mapped using a different user name and password, first disconnect any existing mappings to this network share"
View 2 Replies
View Related
Sep 25, 2009
way to automate adding and removing users from 10 different Fedora 7 servers. We use them as print servers and our users have a user name and password to authenticate with when printing. We also use Samba to talk to a W2k3 server that tracks and charges the users for what they print. The set up was done by a vendor and after 6 months of being in production the scripts they created has flaws.
I need a way for a script to run as often as possible that will remove, change, or delete user accounts from the servers and from Samba. how to most effectively achieve this?
It would be ideal to have a file that gets written to when a change needs to be made then a script to make these changes?
View 1 Replies
View Related
Jan 1, 2011
My Linux is Fedora release 13. I found there are a few users created not by me. I am not sure if the system got hacked somehow. Then the hackers created these users, i.e. (1) oracle, (2) exim, (3) test, (4) cox. I tried to delete all of these four users by using "usrdel" command but the system said "I cannot delete these users as the users are logging in". If my system got hacked ?? or these users are created by the system itself?
View 8 Replies
View Related
Apr 9, 2010
I'm having a CentOS 4.4 X86_64 server. Without any warning all users account including root got disabled. As the server was still logged in as root, i was able to enable all the users account. But for root i couldn't.Without thinking i rebooted the server and except root, other users can log in to the server. I should've tried to enable root account from the /etc/passwd. But now i realize its too late for that.Now i want to change from root: x:0:0:root:/root:/bin/false to root: x:0:0:root:/root:/bin/bash. Can anyone guide me to accomplish this or is there any other way to fix this?
View 2 Replies
View Related
Mar 16, 2011
I am trying to create users accounts reading from a file. I can get it to show if the user already exists but I want it to instead of not creating the user account to create e.g. Scott1 etc.The code i have so far is :
#!/bin/bash
while read line
do
[code]...
View 4 Replies
View Related
Apr 30, 2011
I tried to log in to my xguest account and it asked for a password, which it shouldn't, so there's a problem with SELinux.When I type getenforce it says it is disabled, yet when I go to /etc/selinux and look at the config, it is in enforcing mode and not commented out, type is strict.When I go to the SELinux management GUI I can't change the current enforcing mode and it's set to disabled and default to enforcing.
View 2 Replies
View Related
May 31, 2010
I'm working with a Ubuntu 10.04 LTS system with two network interfaces (both Ethernet). I wish to setup this system such that it is simultaneously connected to my local and an OpenVPN network and able direct traffic between the connections depending on what program is sending the traffic. The problem: Under my current OpenVPN configuration all network traffic is directed to the VPN.
My OpenVPN config file (some details omitted)
--remote [gateway ip] # vpn12 load:
--remote [gateway ip] # vpn11 load:
--remote [gateway ip] # vpn15 load:
--remote [gateway ip] # vpn16 load:
[code]....
In practice, I would like OpenVPN to operate out of one of my two network interfaces and leave the other interface connected to the local network. Then by default all network traffic should be directed to my local network unless I specify (on a per program bases) that certain traffic should go though the VPN. These two network connections can (should) stay completely independent of each other and do not need to talk to each other.
View 2 Replies
View Related
May 21, 2010
I am having fedora 12 with php and mysql rpms installed on my computer.. but I am unable to log in...nether create an user?
View 3 Replies
View Related
Jan 16, 2010
I installed fedora 12 Constantine and the install gets to the point of rebooting once it's done with the reboot it goes right in to the login without creating a root account or a user account.How can I solve this issue, there has to be like 3 or 4 solutions to this problem I'm just new to linux.
View 3 Replies
View Related
Aug 7, 2009
I created a user and I want the particular user in multiple groups. How Should I and after creating the user,If I want to delete that user from a particular group.
View 1 Replies
View Related
Nov 18, 2010
Have been configuring fedora 14 to connect to a windows domain server and have been successful so far....am now on mapping network drives when the user logs in via the gnome gui.
If there is a better method of mapping network drives on login
After reading up on PAM_MOUNT and using that for mapping drives on login I have been able to successfully map them, but it doesn't do this automatically on gnome login.
Problem is as follows: It works when i connect / login using the terminal but requires me to enter the password once (even when i logged into the user account on gnome).
How I want it to work:I would like the mapping to occur when i login via gnome so that i dont have to open a terminal once logged in to gnome to map the network drives. I would like it to login without having to type the password again as the user is already logged in
Config Files:
#--- ~/.pam_mount.conf.xml ---#
<?xml version="1.0" encoding="utf-8" ?>
<pam_mount>
<volume fstype="cifs" server="GRA.GI" path="apps" mountpoint="/mnt/GRA.GI/apps"/>
</pam_mount>
[Code].....
View 2 Replies
View Related
Apr 25, 2010
i've installed directory server in a fedora 12 box, i got it running and i can access it using coldfusion to manage users and groups.i hit a snag when creating a user, this because coldfusion cannot generate a password, the directory server needs a certificate and a ssl connection.so i started googling for a way to generate and install a certificate on the server itself and in the directory.s is my administration server and directory(it's novabase directory) not the other one.
View 2 Replies
View Related
Nov 19, 2009
I have some novice to intermediate programming skills from a past life. What I want to do is create a program and run it on two separate computers to just get them communicating together over the network on a basic level. I would like to do this in a language that doesn't limit me to a specific OS, this way I can have a linux and windows computer talking. However, I would prefer a language that can be useful down the road as well. My second inspiration, next to networking, is web design and web programming, which I hope to dig into as well eventually.
I'm not aiming to do anything overtly-complicated. One example that comes to mind would be a program that forwards any typed characters on one computer over the network and displays them on the other, and vice-versa. I guess the program would run over TCP/IP. However, it would be nice to learn how to do this in a language that not only works on multiple OSes, but also has the ability to allow me to program my own communication protocol, aside from TCP/IP, down the road. My intention with all this is to learn some network programming for fun.
View 11 Replies
View Related
Feb 6, 2010
I'm installing a new laptop for a friend of mine and he wants 3 user accounts, similair to how he runs his windows setup.
1, an admin account, we have called this account peacemaker.
2. his account
3. an account for his girlfriend.
The problem we have is that if we want to do anything from the terminal that requires elevated priviledges, sudo does not accept his password or that of peacemakers. we have done sudo -i -u peacemaker but it still doesn't accept either password, stating his account is not in the sudoers list.
I'm not a massive expert here, but research brought me to this page:[URL]... But that then just means his account has admin rights, which is what we were trying to avoid. We wanted a setup similair to windows where if you want to run someting with elevated privledges if pops up asking for the admin password. This works in the gui, but not in the terminal.
So in short, my question is, is there anyway of having the terminal accept peacemakers user rights from the his normal user account? If I add the account to the sudoers list like it suggests, does this again just give his account the prilvedges rather than saying supply me with the password for peacemaker.
this is probably not really needed and he can just have his account as the main user, but coming from a windows background, he would prefer the 3 user accounts model (2 normal users, 1 admin)
View 4 Replies
View Related
Apr 8, 2009
I have a windows 2003 active directory and dansguardian transparent web filter. I want that dansguardian filters according by whom is logged on the workstation. Can this be possible?
View 2 Replies
View Related
Aug 19, 2009
We have a web server and are trying to meet a clients requirementes around accountability.Basically, everything in the system should be accomplished using user accounts that are individually identifiable. So basically, no root user, since that's anonymous.So how should we set up these user accounts?Being administrators, we want them to have easy access to files not owned by them, such as ones uploaded using FTP accounts or via apache.We want to be as secure as possible though.
My current thought is to add them to the root group so they have full read access throughout the system, and add them to sudo, but I worry that gives them too much control.
View 3 Replies
View Related
May 11, 2010
I am using an Ubuntu 64 bit desktop. I need to create a network (the way you create a workgroup in windoz). I have two other machines running Ubuntu also and all connected to a 3-Com switch through ethernet. I would prefer not to use DHCP, and just have a simple network where I can share resources like drives and printers.
View 3 Replies
View Related
Apr 26, 2011
I am trying to set up a network like this:
Internet <---> Router <---> Debian server <---> Windows PC
I want the server and PC to both have internet access, and I want to be able to forward ports from the router to the server. I know how to configure the server to give the PC internet access, but how would I assign an IP address to the server and give it internet access? I have used a very similar setup a few years ago, but I can't remember how to do this.
View 5 Replies
View Related
Feb 28, 2010
I'm using ubuntu and i need to know if it is possible to make a "prototype" account that sets the defaults for new users when a new account is made. How would i go about doing this. I would like to have the same start up programs, panel, themes, background, etc...
View 6 Replies
View Related
Dec 7, 2010
Is it possible to install Ubuntu Server and have user accounts and log into the server via a Windows XP machine? Sorry if its a stupid question! Many thanks
View 3 Replies
View Related
Aug 17, 2010
Can we use CRON to create new user accounts?
View 4 Replies
View Related
May 11, 2010
i'm configuring sendmail for a little office but i was requested for two domains e.g. [URL] and [URL] i've created this two domains but at the moment i create a user account how could i make the difference between wich domain the user belongs?
View 1 Replies
View Related
Dec 13, 2010
I am trying to make subversion to use the user account from bugzilla. I surf the net and found many threads related but most of them are out-of-dated. I have install the following software on ubuntu10.10
1. apache2 -- apt-get install apache
2. subversion -- apt-get install subversion
3. bugzilla3 -- apt-get install bugzilla3
4. libapache2-mod-auth-mysql -- apt-get install libapache2-mod-auth-mysql
After installing those softwares needed, I edited the conf file on /etc/apache2/mods-available/dav_svn.conf
Code:
<Location /svn>
DAV svn
SVNParentPath /svnroot
SVNListParentPath On
[code]....
View 1 Replies
View Related
Mar 19, 2010
I've just rebuilt a server that had SLES10 to Slackware64 13.0. I wanted to keep all users and their passwords, so I copied all user entries in the old SLES /etc/passwd and /etc/shadow files to the corresponding new Slackware files. It turns out that the passwords are not interpreted correctly. I presume that SLES uses a different hashing function than slackware. Is there an easy way to convert these hashes, or will I have to reset all passwords and force users to change at login?
View 3 Replies
View Related
May 12, 2011
i have rhel 5.2 and i want to create user using useradd command without creating user home directory and not throwing any warning/error about not creating any home directory.i have tried useradd -u "$NEW_UID" -g <gid> -d "/home/$1" -M "$1"where $1 is user name and $NEW_UID is i am calculating.it throws error as useradd: cannot create directory /home/$1which i dont want to come , how to prevent this?
View 1 Replies
View Related
