Security :: NIS Password Mapping - Allow User "techsupport1" To Access Web Server?
May 19, 2010
I have a NIS server and a web server as a client. I have a regular linux user (without root privileges) "techsupport1" on NIS server.
On the client web server, I have root user, and my clients. Now what I want to achieve is, allow my user "techsupport1" to access the web server, but instead of logging in using root user, I'd like the client to use username "techsupport1", but in the same time, give that user root privileges on the web server (client). The reason, is that I have more than one user who need to manage the web server (client), so I want to be able to clearly see in the bash_history, who has been running what commands. right now, when I login as a techsupport user to the web server (client) from my NIS server
[code]...
I don't have root privileges, also my gid is matching to gid of a customer who has the same 517 on the web server. How can I configure, so when a tech support agent 1, logs in to web server, NIS grants root privileges, but keeps the techsupport username?
View 2 Replies
ADVERTISEMENT
Dec 18, 2010
I have tried to not allow root access and have created a wheel user.
Now I can not logged in as root.
Its okay but when am logging as wheel user and trying to access root then it says:
Code:
View 14 Replies
View Related
May 5, 2010
My goal is this: Allow a user to connect to a server via SSH with any login name or password without checking to see if that account exists on that server. Their account would be captured by a universal account say, 'generic_user', and then they would be directed to one of my python scripts with the username and password they supplied for initial login. At this point my script would capture their SSHD process ID and allow/deny their existence based upon a MySQL/Subscription check.
The part I'm having trouble with is with PAM and allowing the user to login with any credentials and be successfully authenticated under the generic account. Beyond that, everything is great.
View 2 Replies
View Related
Mar 1, 2011
I have got a RHEL 5.6 server configured to authenticate via a Windows 2008 domain controller via LDAPS.Everything is working fine, except from the following: When I create a new user in Active directory and check the option "user must change password at next logon", the new user cannot logon and gets an "access denied" message. In /var/log/secure, I find the following:
Mar 1 14:43:21 cpssvn10 sshd[5363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.3.12 user=testuser2
Mar 1 14:43:21 cpssvn10 sshd[5363]: pam_ldap: error trying to bind as user "CN=CPSS Testuser 2,OU=IBM,DC=cpss,DC=smarterplatform,DC=com" (Invalid credentials)
Mar 1 14:43:23 cpssvn10 sshd[5363]: Failed password for testuser2 from 192.168.3.12 port 4583 ssh2
As soon as I uncheck the "user must change ..." option, the user can log on without problems. Also password change via the passwd command works.
View 2 Replies
View Related
Mar 26, 2010
I set up a servber on my local machine, & also PHp - Both working fine.I'm trying to load up MYSQL i have installed it, & *can* start/stop the server. however if I do anything else with it, I get this error :-
Quote:
root@gordon-desktop:~# sudo mysqladmin -u root -h localhost password MYPASSWORD
mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
Query :-
1) How do I know MYSQL is actually active ? (apart from the message it says that its statrted (or stopped).
2) Is there a way to
a) Find out the usernames that are recorded on the MYSQL server ?
b) set / RESET the 'root' username (I know MYSQL root user is different to PC root user)
c) anything else I can do on the PHP / website code to see if MYSQL is working
(as yet, no tables / databases etc have been set up - as I can't get past this error message - I get the same error when setting up a database.)
Ps I did allow my usermname (when logged in to ubuntu) to edit / create files in the /usr/www/ directory (but it is still OWNED by 'root' - that directory)
View 4 Replies
View Related
Aug 26, 2010
So I have a few Ubuntu (Hardy till I can find a replacement for Xen) boxes that I am trying move from nfs3 to nfs4.I set it up according to this guide: URL...However I ran into trouble when the client see's all users/groups as nobody/nogroup.The current set up is that all the boxes have synced uids/gids and all users with root access can be trusted. I read some reports that said the only way this could be fixed was by using Kerberos. However I would really prefer not having to move to Kerberos as I have heard that it is very intensive to set up. So what I am looking for here is a solution other than sticking with nfs3 or putting everything on Kerberos. However if you think that Kerberos is easier to set up than I am giving it credit for then that could be useful to hear as well.
View 1 Replies
View Related
Feb 19, 2010
Posted in wrong section. Moved to Linux Servers Forum.
View 2 Replies
View Related
Jun 1, 2010
I want to do setting in RHEL5 such that user should able to change his password only once in a day.I have changed the fourth field (i.e. minimum number of days to change) in in "/etc/shadow" file for "root" to "1". But its not working. I am able to change the password of "root" using "passwd" command.Any one can help me out on this issue
View 5 Replies
View Related
Jun 18, 2011
My bose ask me to convert a CentOS system password like "LMPQSMTE0nHlQ" to postfix MySQL MD5 Hased password, I find CentOS seems has 2 kinds of password form, one is shorter and the other is very long like"$1$C2MSk16n$WT5JWnzYH7XpCCjsiE2bd1", however I find postfix is exactly the later long one, so does any one know how to convert the short form to the later one
View 1 Replies
View Related
Dec 27, 2010
i use ubuntu 10.04, is there a way to set two passwords for 1 user account
View 2 Replies
View Related
Jan 18, 2011
My daughter has forgotten her password on our desktop system. Note this is not the admin user (me) so I can sudo nautilus to recover her files. All info online seems to pertain to recovering administrators password is there any way of recovering a non admin password? Ubuntu 9.10 but about to be upgraded 10 10.
View 3 Replies
View Related
Feb 19, 2010
Stumped on this one. I'm trying to set up limited sudo authority on a desktop with some sensitive user data, and as an extra precaution I wanted to configure sudo to use a password other than the user's or the root's. I'm not sure how to do this. From the manual, we have a few options, such as "runaspw" or "targetpw", but none seem quite what I'm looking for.For instance, "runaspw" could be used if I created a user for nothing other than sudo(ing) purposes, but it requires you set "runas_default", which means that said user would have to have authority to execute said commands in the first place. This is workable, but seems like a lot of extra configuration for each specific command that I want to run, as well as creating some issues with simply commands such as "shutdown" or "reboot". Also, "targetpw" can be used in conjunction with a sudo(ing)-only user if I set an alias, but, again, this isn't quite what I am looking for.
Ultimately, what I am really concerned about in this situation are keystroke loggers, so I would prefer to avoid repeated entering the user or root password when performing administrative tasks. Also, I would prefer not having to create a sudo(ing)-only user as mentioned above to prevent a comprimised password resulting in an attacker being able to log into my system.
View 3 Replies
View Related
Mar 13, 2009
I am trying to give access to ONE single user to start and shutdown tomcat server. The problem being, when I enter syntax: username ALL= /etc/init.d/tomcat5, /usr/local/tomcat/webapps, PASSWD:ALL This gives the user access to start and stop tomcat but also gives user access to start and stop other services within /etc/init.d - such as httpd etc... What is the proper way to give user access to start and stop service, and limiting that power to only one service....
View 2 Replies
View Related
Jan 12, 2009
It seem like unix abit annoying every time you log in you need to password can I disable it
View 10 Replies
View Related
Apr 13, 2011
I have a problem with my fedora workstation.I am trying to change my ldap user password through passwd command.When I first create the user on ldap server, I use md5 and create the user password.This is the entry:
Code:
dn: uid=boo,ou=People,dc=linux,dc=gettolandia,dc=org
uid: boo
[code]....
View 3 Replies
View Related
Mar 17, 2010
I'm currently creating a simple sh file which will copy the contents of a certain directory to / directory. in my sh file:
Code:
cd "$DIR"
for i in *.*; do
sudo cp -iv "$i" "$DEST"
done
but this requires user password. can i add the user password in my sh file? how? I'm trying to do this because I have an application to run the sh file and the application has no way to enter the password..
View 9 Replies
View Related
Apr 4, 2011
Second off, I'm trying to capture a user password on login (through gdm) such that I can re-use it for a service like Kerberos or AFS. The idea is that the user has to log in only once, and then I renew the tickets and tokens until they log out again. If there's a better way to do this
View 4 Replies
View Related
May 23, 2010
I have a dual boot machine and recently did a fresh install of 10.4. It no longer asks for a password to access the Windows partition and I full access to it. This seems insecure to me and was wondering if someone else came across this. I thought I saw this topic discussed before but I can not seem to find it now. Is this a bug or a new unpleasant feature?I don't think it makes a difference but I do have a separate encrypted home partition on this fresh install. I have also done two fresh installs. (Well three...once testing out KDE but didn't try the Win partition. )
View 9 Replies
View Related
Nov 6, 2010
I was wondering if there is any way in Linux in general and Fedora 13 in particular to configure system so that any service that needs access to internet will have to ask for password/permission to do so. So that I can
View 3 Replies
View Related
Jul 20, 2011
So I'm attempting to get my system to not require the root password while still requiring some form of authentication. My current issue is getting yast2 and its components to ask for the user's password and not the root's.
Is there a way to have these tools ask for user's password instead of root's?
View 3 Replies
View Related
Feb 16, 2011
Cannot seem to use my mysql password, keep getting the error
"Access denied for user 'root'@'localhost' (using password: YES)"
So I tried checking my password using mysql -u root -p and I get the same error as above. I've tried accessing mysql with skip grant tables disabling the need for a password so I could reset my root password. After going through the necessary steps I still get the error above when typing my password in for mysql.
View 4 Replies
View Related
Mar 30, 2010
is it considered standard practice to change the user password on a regular basis and if so how often?
View 4 Replies
View Related
Aug 26, 2010
I have a problem with my ubuntu account. I am running 4 virtual machines, based on jeos-8.04 and I am using a public key authentication to login to my account (via ssh). This is not the problem, I have the key and the passphrase. But when I am logged in, I can't sudo, because I forgot the password for the accout.
View 6 Replies
View Related
Nov 12, 2010
I remember my password very well and have no need of password recovery. Everywhere I look it's how to recover and I don't want that. The kind where you boot into root recovery console to change the password.
View 4 Replies
View Related
Sep 3, 2010
I would like to use a wireless network, I type in the correct password but suddenly a new window pops up saying: 'an application wants to access to the keyring 'Vorgabe', but its is locked password:'
But I don't know what password it's talking about
I went to Password and Encryption keys, there are two folders
'password: vorgabe'
'Password: login'
View 9 Replies
View Related
Feb 17, 2011
I have been reading guides for a while now and so far have not found an exact solution to my problem.
I want a linux user (dave) to be able to switch to another account (patrol) without a password prompt, but dave must still be denied access to root. Patrol must also be denied root access.
In the sudoers file
Code:
User_Alias Patrol=dave,john
root ALL=(ALL) ALL
Patrol ALL=(patrol) NOPSSWD: ALL
[Code].....
View 6 Replies
View Related
Dec 11, 2010
After updating my system yesterday my laptop will no longer connect to my wifi connection, in fact the network manager doesn't appear on the screen. I cant access super user even with the correct password. Some programs fail to load e.g. hardware drivers.I'm online now using my ethernet cable. I cant update grub due to errors in etc/grub.d/README.I'm logged in as root now instead of my own user account.
View 1 Replies
View Related
Apr 7, 2011
Is it possible to have a password protected ftp directory along with anonomus user access
i mean 2 say
when people visit my ftp link ie
ftp//server name
then can see all the directories like
text
stickers
word files
personal
They can acess all the directories and can see contents but when they go to my personal directory they should be prompted for a password.
View 9 Replies
View Related
Apr 18, 2011
I have a new CentOS server install. I am trying to connect from a windows xp box using putty ssh. I can get as far as putting in the password for root user and then it tells me access denied.
View 2 Replies
View Related
Mar 7, 2011
May i ask if how or should i concern about my history records my rdesktop full cmd. I dont want to disable my history in the cmd and want to use it.
Im using rdesktop cmd since it more easy and direct to connect to a terminal RDP. I noticed the history records all my full command rdesktop which state the domain, user ,password. in txt mode..May i ask if this has any problem should i concern with..
View 1 Replies
View Related
