Ubuntu :: Corporate Network With Remote Authentication
May 20, 2010
Migrating whole Corporate Windows stations to Ubuntu which is a huge thing so I'd like to do it right and as painless as possible to users.
Here's how it's done now: Main server are already running Linux for years with DHCP, DNS, IMAP, Postgres and SAMBA.
Windows machines are part of Samba PDC and when user logs in, Windows connects to the user profile on Samba server. When user logs out and logs to another computer, he/she has the same files and settings. Basically, nothing is held on local stations.
All printers on the network are printers with network cards, so they are not attached to any computer. The right printer is set with cmd script when user logs in, which makes it possible to make other printer as default if one is faulty.
View 2 Replies
ADVERTISEMENT
Sep 26, 2010
In my company, they provide linux machines which has a 4 yr old Gentoo linux. Also the OS is loaded through Yukon PXE/netboot environment, and the users directory is mounted from an network location. Also they dont provide root access in these machines.
I would love to use the latest Ubuntu in this machine. Please let me know if it is possible to configure a ubuntu/xubuntu in this machine. I need to be able to login with my corporate user_id/passwd, because many of the tools use this for authentication. so just doing a ubuntu installation in this machine and mounting the n/w location would not help.
View 6 Replies
View Related
Aug 17, 2010
My server is connected to the Internet for ssh on port 22 with root logon disabled, a single non-dictionary word user name allowed, and pki authentication only (about as secure as I can make it). I've previously run fc5 and 9 servers using the same sshd config since 2006 and had no security troubles, so I'm happy, but.. After the fc13 install and configuration, logins from a host on a remote network are taking about 1m 30s to complete! A (partial) console output for ssh -vv appears below. The lines marked with "**" were the lines after which significant pauses happen. This is fully repeatable.
Code:
debug1: Next authentication method: publickey
debug1: Offering public key:
debug2: we sent a publickey packet, wait for reply
[code]....
View 3 Replies
View Related
Nov 3, 2010
In my job we have 48 machines with Suse10 SP2 and they want all the machines to be able to authenticate to a unique server (something like a Radius Server or TACACS server), not doing the authentication locally. Do you have any idea on what to use and what needs to be change in the Suse Linux password auth for a remote server to be the auth server?
View 1 Replies
View Related
Mar 10, 2011
I try to get authentication working from remote LDAP server (Novell eDirectory)So far I can get correct info from id user or using ldapsearch (so the connectivity is there)But what do I need to configure to get authentication working for SSH login & vsftp login?
View 4 Replies
View Related
May 22, 2011
Ive been trying to fix my openvpn remote authentication script. I managed to write a script for remote authentication using wordpress db as my base access details storage. However I cannot seem to get past AUTH-FAILED issue. Possible source of conflict might be my database query inside the script which returns nothing. Hope someone with enough knowledge of scripting and database querying can help me here.
here is my vpn_auth.sh:
Code: Code: #!/bin/bash
### Database Informations
DBUSER='dbuser'
DBPASS='dbpass'
[Code]...
View 1 Replies
View Related
Sep 27, 2010
I am currently reviewing what it means to switch over to Ubuntu and I have the following scenario. If I was to switch all the windows servers over to an Ubuntu solution. I already understand that file servers/ mail servers and resources can be provided Ubuntu 10.04. The issue comes with the user accounts access and control. In a windows environment, I have a domain with sub domain sites. I am able to control passwords in each site separately thought Active directory. I need the instructions on how to setup an LDAP server so that I can control access rights to different services located on different servers.
Example 1.
I have 5 mail servers and on the HR side, I have 2 email administrators. I wish to provide them access to only the relevant resources centrally. With out having to add users to different users repeatedly. For example, if I wanted to grant the two administrators access to all five servers. As I understand it, I would have to create the same user on every server and add a public key on every server, as well as set the administration rights for that user on each server individually.
I want to be capable of doing this like I am in a windows environment from some sort of domain controller equivalent. Things that I must be able to do, manage users public keys on each server centrally. Add and remove user's access to each server centrally. Finite control on what each user can do on each server. (i.e., add them to the sudo group or any other group for specific servers/server class I specify). To a lesser extent of requirement, I also need to be able to inform users they have to change there password every 3 months from when they change it. As well as enforce password rules, such as characters complication.
View 3 Replies
View Related
Jul 25, 2011
what kind of linux is the best to use for corporate system? is it redhut? mint? solaris? ubuntu?
View 14 Replies
View Related
Mar 11, 2010
The project is to setup a corporate server that will bond 5 pci lan cards into one! The scope is to connect 5 ADSL routers and compine the speeds of all of them.
So i would have 5 routers each 2mbit ADSL would result on a 10mbit connection.
The problem is not only that.
Because this is a corporate network the server MUST also act as a router. This is necessary because people are remotely connecting from e.g. their homes to the network.
if this can be done with a Linux server or it is not feasilbe at all?
View 5 Replies
View Related
Jan 7, 2011
We are organizing an event for Open Source technology in college for 100 students and want to provide them access our corporate PC. Our aim is to provide them remote access to few 10-20 machines in our corporate to try out our product which runs on specific hardware.Anyone who can suggest me any secure colloborative tool which will let those students access concurrently.
View 2 Replies
View Related
Oct 15, 2009
I can not open the corporate intranet portal, runnnig on windows server 2008 with domain users. In Centos I could login just fine - firefox/konqueror just prompted me for my NTLM windows domain username and password - I typed those in and browers sucessfully loggem me in and I could surf the corporate portal. Note that NTLM authentication is configured as a fallback from kerberos authentication (so told me our portal admin)
However, in Fedora11 when I try to open the corporate (intra(not inter)net) portal, browsers just give me "Bad Request (Invalid Hostname)" error instead of prompting me for my domain username/password. I'm logged in on my F11 box as a local (not domain) user - as I did also previously on Centos Box.
I disabled SELinux, I disabled the firewall but still no luck. Not being able to open the corporate portal is a major showstopper for me, as I can not access many applications hosted there.
View 4 Replies
View Related
Aug 29, 2010
I just installed open Suse 11.3, and I cannot SSH my school. Upon further investigation I could not even ping any machines outside my local area network. Ironically I could nmap machines outside my local area network.
View 4 Replies
View Related
Jun 8, 2011
I am trying to ssh a remote box from putty but I am getting following error. "No supported authentication methods available" I don't have access to the server so I must have make my ssh client compatible to ssh server. This is the trace from another client
[SSH] Protocol Version 2 (OpenSSH_5.3p1 Debian-3ubuntu6)
[SSH] Cipher: aes128-ctr
[SSH] FAIL: Unable to authenticate
[SSH] INFO: DISCONNECT
View 2 Replies
View Related
Oct 9, 2010
I am looking for solution that would allow multiple users distributed over several offices in several countries to access one corporate file depository. The features I am looking for, are as follows:
- There should be the way to establish user groups and then define for each folder access level (read/write) for every user/group. Every users is given his login and password.
- This file depository should be accessed from both Linux and Windows clients
- There should be a way how to sync certain folders/files on one's PC so that it is possible to work off-line and then sync back to the common depository.
Then I plan to launch some regular backup routine on that folder where all the files of depository are kept. I can imagine that the solution could be involving several tools, ie access for Windows users might involve setting up samba server, but I don't know how to establish all the limited access stuff for Win clients via samba.
View 1 Replies
View Related
Jan 10, 2011
What is the The easiest way to authentication Active Directory with ubuntu.
View 2 Replies
View Related
Feb 7, 2010
if there is support for Network Level Authentication.
View 1 Replies
View Related
Apr 18, 2010
If the wifi network gets disconnected why is the wireless authentication key needed again and again...cant ubuntu store and retrieve it...
View 9 Replies
View Related
Apr 11, 2011
I have already managed to connect to my corporate wireless network which uses WPA Enterprise/PEAP along with an identity and a password using my *Android* phone.
Unfortunately, I am unable to do so via Ubuntu 10.10 on my laptop. The issue that I observe is that the 'Wireless Security' tab of network manager has 3 options MSCHAPv2, MD5 and GTC for Inner Authentication. But there is no option for 'None' - which is what my Android phone specifies.
I tested whether this difference was responsible by explicitly specifying these 3 authentication options on my android phone and with any of the 3 selected, the wireless connection was unsuccessful. So I confirmed that this phase2 or inner authentication needs to be set to None in order to be successful. But network manager doesn't seem to allow a none or empty option. Should I open a bug on this ?
Do I need to manually setup wpa_supplicant.conf and /etc/network/interfaces ? The latter is a long winded procedure and I am uncertain about the 'side-effects' it can have with the network manager applet.
View 1 Replies
View Related
Jan 24, 2011
I have created a CA on my server then created a server certificate under that then exported it as a common server certificate.I have then gone to my LDAP server and enabled TLS and told it to use the common server certificate.Now on my client I have enabled LDAP TLS/SSL and it's asking me to download a certificate ... from where ? Do I export the certificate to a file and put it on a web server.If so what format as the export offers loads.
View 1 Replies
View Related
Feb 15, 2010
I run some IT systems for my schools Engineering student organization.
We are upgrading our systems and I just purchased a new server system which I am configuring.
I am using Ubuntu 10.04 Lucid Lynx and the new likewise-open packages.
The points I bring up following this sentence are to fulfill this final goal : Get SFTP, SSH, and Network Share's over our private network all using the schools Active Directory for auth and it's groups to derive privs.
So... Here's what i've done and what i've tried to do.
1 ) I set up likewise-open and got it to join the domain. When I do this I can ssh to localhost as 'schoolnetworkADname'. So that part works (hurray). To get a network share to use these same auth methods I have tried installing likewise-open-server. Everything launches find and the daemons run, but when I go into computer management on a windows server to set up the actual shares, I get permission denied. The account it is giving permission denied to is the same AD account that join likewise-open to the network, so... what is going on.
2 ) Samba, fail. I can't seem to get samba to run on this machine at all, which is strange because even my Samba expert was puzzled. It just won't let Samba join the domain properly, and due to this, I want to keep on the newer likewise package... unless I have to switch to this.
How I can get the lame likewise-open-server to work?
View 1 Replies
View Related
Sep 1, 2010
My work has got a new Sharp MX-1800N network printer. The setup requires user authentification, one password for printing b&w, another for printing color. However when they try to set up my netbook running ubuntu desktop 10.04 they don't get it to prompt for a password, which makes the printer reject the printout. How do you fix this?
View 5 Replies
View Related
Nov 27, 2010
I have to setup a WiFi network for a hotel. There are several possibilities, but for me the best one is to setup a open Wifi network with web authentication for single user. What is the best solution in terms of compatibility, security, reliability, etc? I don't know many solution for web authentication, only the RADIUS project.
View 1 Replies
View Related
Dec 6, 2010
Morning, just installed lubuntu but having problems connecting to the wireless network. I find the network alright, however, the network authentication windows pops-up only to disappear 0.1 seconds later not giving me time to enter the network-code.
View 1 Replies
View Related
May 27, 2011
I have been trying to wirelessly connect to my network for weeks now. My netgear dongle is fully working. I have installed the driver using ndiswrapper. I can see my network and signal is excellent; everything is working perfectly. When I try to connect it thinks about it but never connects. The password is fine; it works great with other computers. decided to have a go with wicd, so got rid of the Gnome network manager and installed wicd. Adaptor and wicd appear to be working brilliantly EXCEPT I cannot connect. wicd tells me its a bad password. Password fine because it works brilliantly with every other device I connect to my network. If I remove security from network, it tells me it cannot get address, even though it sailed passed that with no problem when there was security. I have searched the internet for a solution to this problem time and time again. Lots of people seem to be having this problem, but no one knows the solution. Is there a solution? It happens with both Ubuntu 10.04 LTS v1 v2 and Ubuntu 11.04. What the heck is going on. This happens with WPA WEP and anything else I try to use
View 1 Replies
View Related
Jul 12, 2009
I'm trying in the company where I work to persuade my co-partners to move slowly into the world of linux, but because everything are set up on Windows is quite difficult. Though I can install at least in one PC openSuse or Ubuntu (I prefer openSuse), but the problem is that I have to find a way to make the authentication to a Windows Domain, which is running Windows Server 2003.
How is this possible? Is this procedure painless or I have to read a lot of staffs in order to make it work? I would be obliged if you could give me some steps on how to do it. I can't stand windows any more
View 5 Replies
View Related
Jan 18, 2011
I'm using openSUSE 11.1 and would like to authenticate vsftp users against a mysql database. The newest version of pam-mysql I can find is from 2005. I'm concerned about using something from what appears to be a dead project. Is there an alternative? I'm trying to come up with a solution where I can manage FTP users from an application running from Windows desktops.
View 1 Replies
View Related
May 7, 2011
On this moment i configure a testenvironment with 1 Microsoft active directory server and 1 Opensuse 11 samba filesharing server. But i have a issue. The samba server is add to the domain and the servers can communicate with eachother. I can login to the domain on the samba server and the LDAP settings tab on yast2 samba configuration tool tell me that samba and the MS LDAP server can communicate with eachother. I can see the shares on the samba server but i can't autenticate myself. When i whant to logon than see i always "domain: domainname.local" and "access denied". My question is now how can i give the MS administrator account rights to view the shares and configure the rights for the other users.Samba config file
PHP Code:
[global]
workgroup = WIN-FVJBNQIJE9O@WOENSDRECHT.LOCAL
[code]....
View 1 Replies
View Related
Mar 9, 2010
I would like to use a wireless network from Ubuntu. In the network drop-down menu I select a network (this is a University network I have an account there). Then I get a windows with the following fields:
Wireless Security: [WPA&WPA2
Enterprise] Authentication:
[Tunneled TLS] Anonymous Identity:
[] CA Certificate: [(None)]
Inner Authentication: [some
letters] User Name: []
Password: []
I put there my user name and password and do not change default value and leave "Anonymous Identity"blank.
As a result of that I get "Authentication required by wireless network". How can I solve this problem?
I think it is important to notice that our system administrator tried to find some files (which are probably needed to be used as "CA Certificate"). He said that he does not know where this file is located on Ubuntu (he support only Windows). So, probably this is direction I need to go. I need to find this file. But may be I am wrong. May be something else needs to be done.
View 2 Replies
View Related
Apr 29, 2010
This is what I have... An existing network with about 2 dozen Linux servers, varied distros, and about 3 dozen workstations, the vast majority of which are Windows XP pro, but there is one Windows Vista business, two Ubuntu, one Mac, and soon to be a Windows 7 pro. User accounts vary across all servers. There are 4 samba servers hosting different file shares.
This is what I need to do... I must centralize the user password database for all workstations if possible, if not, at least for all the windows workstations. I also need the user passwords for the samba file shares to be synchronized with those of the workstations. I need to have the workstation/file-share passwords expire every 90 days. I also must centralize the user passwords for all Linux Servers, but this can be done separately and I know there are tools like Kerberos available for this.
Is this possible to do with so many user accounts already existing in so many different places on the network, or would this "centralized authentication" require new user accounts to be created across the network?
If this is possible, what tools/services are the easiest and fastest to set this up with? As usual, I have an urgent deadline looming over me for this project and am trying as hard as I can to avoid the company slipping back into the realm of M$ or other proprietary software to accomplish this. Keep in mind, I don't need any additional services, such as roaming profiles, or anything like that. I really just need a centralized password database that can be referenced by Windows, and the Samba file shares.
View 4 Replies
View Related
May 15, 2011
I have more than 150 Linux desktop computer in my office IT setup.
I want to configure LDAP centralize network authentication for all the desktop computer.
My requirement is below mentioned.
The LDAP server will only authenticate the desktop computer at the log-in time when the user start computer.
The home directory of all the user should be create in their desktop local computer not in the LDAP server.
And flexibility of user log-in for every desktop. (any user can log-in any computer with his/her username and password)and the home directory will create automatically in the local desktop computer automatically the moment any user will log-in to any computer in the network and the LDAP server will authenticate for desktop-network log-in in to the computer.
View 1 Replies
View Related
