Server :: Setting F13 With 389 Directory Service For Authentication
Jun 28, 2010
I am setting up Fedora-13 with "389 directory server" for authentication. I had performed the following steps.
1. Install FD-13.
2. Yum install 389-ds.
3. Run script to configure.
4. Start 389-condole and create few group and user for testing.
I can see these user with "ldapsearch" and with "phpldapadmin". It looks my server is responding. However, I am unable to see any user name with "getent passwd". also "ssh server_user@server" is not able to login. Whereas "getent passwd" shows local user and "ssh local_user@server" is able to login. Also note that I am not using ssl, so want to avoid ssl.
View 9 Replies
ADVERTISEMENT
Mar 12, 2010
I have a problem with ldap client authentication in ubuntu. I am using rhel5 as openldap server and I configured ubuntu as client, when I am trying to login the following message is coming."su: Authentication service cannot retrieve authentication info. Sorry"
But when I do search through "ldapsearch" command output is coming without any errors, Can anybody explain what would be problem.
View 1 Replies
View Related
Mar 2, 2011
Server: Fedora 14
Client: Fedora 14
LDAP server: 389-ds
I have set up the 389 server using the default configuration. Adding user and http/pam authentication works fine. The problem I have is the client authentication. On the client machine, using "authconfig-tui" to turn on LDAP authentication it turns on sssd and use 'sss' in etc/nsswitch.conf after 'files'. I couldn't get sss working. In the end, I disabled sssd and manually changed 'sss' to 'ldap' for all configuration files including:
modify /etc/nsswitch.conf
modify /etc/pam.d/password-auth, change all sss to ldap
modify /etc/pam.d/system-auth
change /etc/sysconfig/authconfig
FORCELEGACY=yes
After these, client authentication works. I can log in to the client machine using user/password set on the LDAP server. I thought this is done but everyday the LDAP service stop functioning once or twice. I can't log in to the client machine using LDAP username/password. After restart the dirsrv on ldap server, things back to normal. I can't find any reasons from /var/log/dirsrv/ldap-xxx error file and don't know how to debug the problem.
View 3 Replies
View Related
Mar 15, 2011
I am re setting up a server of mine running red hat enterprise Linux server 6 and I had all of this working befor but for some reason I had troubles getting sasl to work and now when I login my smtp server I get an error stating that my username or password is incorrect though I am sure I am entering both correctly. Would anyone know what could be happening? I have been spending days on the web looking for the solution and only went from sasl not working when started as a service to this. For some reason I can't use Pam with saslauthd and had to use shadow instead of which from what I hear I get to use better methods of secure authentication with smtp
View 2 Replies
View Related
Aug 6, 2010
As part of the project I'm working on, I need to set up a server with IPSec authentication only connections to a large number of low bandwidth clients. I'm making use of the PF_KEY interface to populate the keys on the server and while prototyping things I've found that the initial setup is taking longer than I had expected. At the start of my test, entries are being added to the database at a rate of around 30/second, but as time goes on this is dropping significantly. I ran a test up to around 100k entries and by then the rate had dropped to 10/second. It's key to me that if I reboot my server that the Security Associations can be repopulated in a very short period, so I do genuinely need this to be much faster.
Two questions:
1) Does anyone have any experience of running with a large number of SAs set up, and if so what sort of setup rate did you get?
2) Are there things I can do to speed up the provisioning of these SAs? I'd really like to see a rate in the thousands per second.
We've been doing the prototyping on the 2.6 kernel.
View 1 Replies
View Related
Dec 8, 2009
There is a particular java app called LanguageTool which we need to host on our centos server. Other applications are supposed to send an http request to this machine; this machine should pass this data (received over the http request) to the java application concerned, obtain the output from the app; and then send this response back to the requesting client...
We need to set this app as a service on startup. The centos machine might restarted from time to time; so we expect this service should startup automatically. What can I do to get this done?
View 1 Replies
View Related
Feb 1, 2011
I am trying to accomplish an objective, I need to get 389 Directory server installed in the process however is it possible to just have email addresses of users in the LDAP server? I have a primary domain, example 'abcefg.com' with about 3,000 users and several hosted domains like 'xyz.com' and 'mno.com'. The end goal is to speed up email processing, so instead of the Barracuda asking the email server(s) if a user exist it queries the LDAP.
Is there a way to configure 389 Directory Server to contain just the email addresses of the end users to allow the Barracuda to poll the LDAP server to verify the email address is valid. The rest of the authentication like password is handled by the email server. So in the end the LDAP server would just contain the email addresses (live) and the Barracuda would query the LDAP asking if joebob@abcefg.com exist if it does carry on. If user xxeedd@abcefg.com does not exist drop it and go on.
View 4 Replies
View Related
Nov 12, 2010
I have Centos ( and Postfix+ldap+dovecot ) TLS works with Postfix and LDAP. When I open evolution mail client I can browse ldap tree and search for users, send-receive mails ...all fine
View 3 Replies
View Related
Feb 9, 2010
For the first time in installed and configured centos-ds from this HowTos and from the manuals.It is running nicely but disabled my httpd.Is it not possible to run directory service and httpd in the same machine
View 3 Replies
View Related
Dec 30, 2010
I'm using squid 2.6, Win2008 AD server. Clients are using winxp, win7. how to config squid for the authentication with win2008 AD?
View 2 Replies
View Related
Nov 11, 2010
I have a squid server currently running with basic authentication. This is a must because we constantly have different people using different machines but the rules must be set per user, not per machine.
We also have a lot of users coming and going. So every time a new user comes to the office I have to manually create a user for him so he can authenticate.
Anyway.. We do not have any windows servers so no Active Directory. But I need some solution to pass the windows login to Squid.
First question: It seems I am using NTLM currently for samba as the person can map their home directories on their windows box withuot authenticating. Why can I not use it for squid?
Second question: Can I make my Centos server into an AD server?
View 1 Replies
View Related
May 11, 2010
I am trying to build a ftp server with vsftpd. In general, I am not able to log in. I can only log in to the ftp server, if that same user is logged in to the server. I found out that this has to with my network setup. I am using OpenLDAP for centralized authentication and home directories are stored on an NFS server. The problem is that regular users are not allowed to log in to servers, therefore their home directories are not mounted. However I want to be able to give my users access to the ftp server without their home directories mounted. Is this possible with vsftpd and if so how do get this up and running. By the way, anonymous users are not allowed.
View 3 Replies
View Related
Jun 15, 2010
I installed pure-ftpd over ubuntu 10.04.
I want to know how can I remove authentication from ftp server to access in ftp directory from browser.
View 3 Replies
View Related
Jan 28, 2010
I'm fairly new to Linux and very new to Squid and am having authentication issues! I am using Oracle Enterprise Linux (which is basically Red Hat without the branding) and wanting to use Squid Proxy Server for web access with authentication to Active Directory. I've found a number of articles about this online and all of them say to use auth program squid_ldap_conf which should be in /usr/lib/squid/. I don't have a squid directory in /usr/lib for starters and my squid binaries are in /etc/squid but there is no squid_ldap_conf in there either. I have installed the latest version of Squid (3.0) to see if that helped but I still cannot find the authorisation program.
View 3 Replies
View Related
Oct 5, 2010
I would like to be able to get squid or dansguardian to authenticate a user account against active directory so that a users browsing activities can be logged.
I can find lots a very useful info on how to set up ntlm_auth etc, but all of these methods produce a pop up window when the user launches the browser.
I'm posting this thread because I would like to be able to authenicate, but without a pop up window. Is there a way of automatically carrying out this authentication so that the user is unaware of it.
We've previously attempted authenticating against an NT4 PDC, but the users worked out that they could use any user account on the network, not just the user that was logged in which kinda defeated the whole idea of logging the users activity.
My current setup is:
Windows 2003 AD
Windows XP Clients, soon to be converted to windows 7.
Fedora 11 running squid and dansguardian.
View 2 Replies
View Related
Apr 13, 2011
Seismicmike here. My first post. I'll try to be as clear and concise as possible. For the sake of this post, I'm going to use 1.2.3.4 as a place holder for my public IP. On my web server, I would like to be able to access the /var/ftp directory through a web browser. I have successfully done so with Google Chrome, but I cannot access the directory in Firefox or IE. Both FF and IE ask me for authentication but then time out attempting to load the directory.
I suspect that there may be something up with switching to passive mode and/or that this issue may be more with my configuration of Firefox and not with the server (seeing as how Chrome works). Another possibility may be related to SSL. When I connect with FileZilla, I have to use the FTP over Explicit SSL/TLS option in order to connect. In any case I still would like to fix it. I would also like to avoid having to install FireFTP if at all possible.
Steps to reproduce (not that you can without my actual IP =J):
* Open Chrome
* Go to ftp://1.2.3.4
* Enter username
* Enter password
[code]....
View 10 Replies
View Related
Mar 8, 2011
setup user authentication server and internet accounting server like ISA and Active Directory in Windows?
View 4 Replies
View Related
May 29, 2011
I am somewhat new to linux, and fedora especially, I'm currently trying to get a linux based active directory server build in my home. I've tried using samba, dhcpd and the bind9 service but it wasn't wanting to work, so I did some searching and found 389ds on the fedora projects page. Now I'm having issues setting up the directory here's the log.
Code:
[11/05/29:10:37:47] - [Setup] Info This program will set up the 389 Directory and Administration Servers.
It is recommended that you have "root" privilege to set up the software.
Tips for using this program:
- Press "Enter" to choose the default and go to the next screen
- Type "Control-B" then "Enter" to go back to the previous screen
- Type "Control-C" to cancel the setup program
[11/05/29:10:37:47] - [Setup] Info Would you like to continue with set up?
[11/05/29:10:37:49] - [Setup] Info yes .....
[11/05/29:10:37:50] - [Setup] Info Your system has been scanned for potential problems, missing patches, etc. The following output is a report of the items found that need to be addressed before running this software in a production environment .....
View 2 Replies
View Related
Jun 21, 2010
I am using VSFTPD as my FTP daemon. I want it to be set up so that my user (cj) will have a default directory of / when I log on to the FTP server and I want the secondary account (guest) to have it's home directory as the default location without any access to the root of the drive.
I need my account to have the default as / because the FTP client that I use in Windows won't go up to the parent directory of the default. Therefore, I cannot access the rest of my drive.
When I set "local_root" to "/" , it brings both users to the / directory when they sign in, even though the guest account is set to open the home directory with the "chroot_list_enable". It seems like the local_root option overrides the chroot_list_enable option.
Is there any way to set the default directory for each local user separately?
Also, Let me know if this is impossible with this FTP daemon
View 2 Replies
View Related
Feb 8, 2010
I am trying to solve problem with software which needs to have access to network card I suppose. Installation run without any problems but when I am launch software I get such message as normal user:
Cannot register service:
RPC: Authentication error; why = Client credential too weak.
When I launch program as root I get this:
WARNING: localhost appears to have the loopback address 127.0.0.2 as IP address
This may imply that processes on arlin may not be able to connect to non-local processes but program starting with success at least. What I should do to run program as normal user?
View 5 Replies
View Related
Jul 18, 2010
How to control a windows system by using linux server i know linux is a cross flatfarm. But how to Authenticate windows system like in windows we use AD for user authentication.
View 3 Replies
View Related
Feb 8, 2010
I have a program to start called "pace_old".
In the command line I type it's name and get this:
What should I do ?
Distro is SuSe 11.1. Btw: I do not get this message on Suse 9.0. Pace_old runs properly there.
View 1 Replies
View Related
Aug 27, 2010
i already installed mailscanner and other component as well as. the problem is when i log to mailwatch gui, mailscanner and postfix status show no.--it's should be show yes ..
how to overcome that or enable that problem?
how to setting mailscanner using postfix should the mail will filter first before pass to mailserver.
anybody have configuration file that's work well on setting mailscanner using postfix?
View 1 Replies
View Related
Jun 27, 2011
i want to setup a proxy authentication on fedora 15 for minimum of 5 users using squid but i had successfully setup a proxy sever on my system and its working perfecly.# vi /etc/squid/squid.conf this was the output.
# Recommended minimum configuration:
#
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
[code]....
where will i entered the configuration and what are the configuration?
View 7 Replies
View Related
May 27, 2011
I have a network and am using squid proxy with authentication I want to create another subnet without authentication.
View 1 Replies
View Related
Dec 22, 2010
I need to send authenticated mails from a RHEL machine to a relay that only accepts authentication mails from domain users. I've never done this so I'm a bit lost. I read some sendmail docs and I uncommented these optins in sendmail.mc file
define(`confAUTH_OPTIONS', `A p')dnl
...
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
and then regenerated the /etc/mail/sendmail.cf file and restarted senmaild, and started saslauth service. Still I can't send an e-mail.
View 4 Replies
View Related
Jun 29, 2011
Im used to Win Server so Im not very familiar with ubuntu server, I want to setup a load balanced service I have three server , one as a load balancer and the other two as my web servers, now my questions is that what are the steps I need to do to setup my cluster, I dont mean the requirements, not the actual detailed configuration.
Im gonna have my Mail server on these servers, how am I gonna setup the mail server to work with the load balancer, I mean is it possible to load balance the mail server like web server on ubuntu?
View 5 Replies
View Related
Jun 8, 2011
I've been trying to set up my printer that I'm sharing through a desktop running Windows 7 and am having trouble getting the authentication details to stay saved, or even work, for that matter.
No matter whether or not I tell the New Printer program to remember my authentication details, it doesn't. If I tell it to prompt me if it needs details, I get no prompt. So, in order for me to print a document, I have to tell it to print, then go into the print queue and authenticate it from there.
1. IIs there a way, either manually or through GUI, to either save my authentication details or just have it prompt me upon printing to save me from going into the print queue?
2. This isn't exactly on-topic, but it came up while I tried to set up the printer. Has anyone else had their SMB URI come up incorrectly with the spaces incorrectly rendered as "20" instead of "%20:?
View 1 Replies
View Related
Sep 2, 2011
I am able to see my samba shares on a windows xp machine, but the username/password combination fails.I setup samba with YaST.firewall is disabled.
View 7 Replies
View Related
Oct 20, 2010
How do I configure my modem without setting a service provider? When I try to configure my modem I can't get past the page for setting my internet provider. I have DSL and only use a modem for faxing. I'm running SUSE 11.3 32bit with KDE 4.5.2 and the modem is a BCM4212.
View 4 Replies
View Related
