Ubuntu Servers :: Get A List Of Both The Local Groups And The Groups In The Active Directory?

Feb 4, 2011

I already know of a work around to fix this problem, but I guess my question is why is this not working as expected? I am using a Windows Server 2008 R2 Active Directory for authentication.

I have run auth-client-config for the ldap profile and pam-auth-update. When running getent passwd, I get a list of both the local users and the users in the active directory (with populated information in the Unix schema extension). When running getent group I get a list of both the local groups and the groups in the active directory (with populated information in the Unix schema extension).

Interestingly enough, though, when I run su DOMAINUSER, after the prompt for the password I get an authentication error. In /var/log/auth.log I can see an entry with pam_ldap: missing "host" in file "/etc/ldap.conf". The SRV records in the DNS servers resolve correctly. I've checked this with nslookup and I have seen the records within my zone file. Obviously if the ldap.conf file is working with getent and the ldap server is resolving from the SRV records, it is working fine.

The interesting part is that the Windows Server 2008 R2 AD machine shows in the event viewer that there was a successful authentication, yet the Ubuntu box says no. When I add the host within the ldap.conf file, everything works...getent and the actual authentication, either initial login or su.

[Code]...

View 1 Replies


ADVERTISEMENT

Networking :: Using Windows Active Directory Groups

Apr 21, 2010

The scenario is I have a Windows Server 2003 Domain Controller which runs ADUC. I have created some security groups which I would like to apply to my network shares. The problem is, the majority of my network shares are based on Open Suse machines which, although are part of the domain, when trying to configure the shares using SMB, do not allow me to select the Active Directory groups. Any solution which will allow me to use ADUC security groups?

View 3 Replies View Related

Ubuntu Servers :: Mapping UNIX Groups To Windows Groups?

Oct 12, 2010

I am currently trying to set up a Samba domain server. In the Samba-HOWTO-Collection I found an
example file.(Point 3.3.3.1) In the explanations of the example below, the author says I need to map UNIX Groups to NT Groups. He writes a shell-script of how one could do it, but when I copy it and then execute it, I get the error:

Bad option: rid=512
Bad option: rid=513
Bad option: rid=514

The other groups do get mapped, just the Domain Admins, Domain Users and Domain Guests dont. This is the shell from the HOWTO:

#!/bin/bash
#### Shell-Skript f ̈r sp ̈tere Verwendung aufbewahren
net groupmap modify ntgroup="Domain Admins" unixgroup=ntadmins rid=512
net groupmap modify ntgroup="Domain Users" unixgroup=users rid=513
net groupmap modify ntgroup="Domain Guests" unixgroup=nobody rid=514

[Code]...

View 2 Replies View Related

General :: LFS /tools/bin/groups Not Displaying Supplementary Groups?

Jun 8, 2010

So i am at the stage of about to install the basic system and am using a derivation of the package management provided by Matthias S. Benkmann. To this end I am using his useradd and groupadd scripts to update the files:

/etc/passwd
/etc/group

My issue is that when I run the commands(created as part of temporary system when installing coreutils):

Code:

/tools/bin/su linux
#then as user
/tools/bin/groups

(here linux is the name of the user) This only returns the user being in the group named after user but not the additional group of 'install' Also, prior to logging in as user, if I use this command as root:

Code:

/tools/bin/groups linux

linux install This then returns that the user is in the correct groups. Lines from relevant files look like:

Code:

#/etc/passwd
linux:x:10000:10000::/usr/src/build:/bin/bash
#/etc/group

[code].....

View 8 Replies View Related

General :: Make All NIS Users Members Of More Than One Local Groups?

Nov 25, 2010

Is this possible to make groups members of a group (the same way aliases work for the mailing system). If not is there a painless way to make all my nis users members of more than one local groups? Maybe set this on the nis side and not per machine setup?

View 1 Replies View Related

CentOS 5 Server :: Making A Local Repo With Groups?

Apr 9, 2010

i just installed centos 5.4 and trying to make my local repo have groups listing of packages like the mirrors do

so i can make an spin off of the OS to my needs for web servers only / so on but
i cant get my head around the groups making part of the creatrepo

does anyone have any tips or hints or know how to make group listing of the packages

i copyed the DVD to hard drive and the repo .XML files they came with it and tryed that way but no luck yet

im running out of things to try

View 5 Replies View Related

General :: Allow Two Groups To Access A Directory?

Mar 2, 2010

I am in need of a rather complicated permissions scheme for particular directory. I have a directory /data I want the group developers to have read and execute access to this directory. Then, I want the group research to have read, execute, and WRITE permission for this directory. Now, I have a second directory /code which developers and research have full access to. And I have a third group, operations I want operations to be able to read /data but not be able to read /code Is this permissions scheme possible in linux?

View 1 Replies View Related

General :: How To Mount Remote Samba Share From Local Host With Multiple Groups

May 6, 2010

I am using mount.cifs to mount a remote samba share (both client and server are Ubuntu server 8.04) like this:mount.cifs //sambaserver/samba /mountpath -o credentials=/path/.credentials,uid=someuser,gid=1000.I mounted a user from local system with username and password with mount.cifs but the problem is that the user is part of multiple groups on the remote system and with mount.cifs I can only specify one gid. Is there a way to specify all the gids that the remote user has?

Mount the remote samba with multiple groups on the local system?Browse the mount from 1) with the terminal since I want to pass some files from samba as arguments to local programs.which runs through gvfs; but the newer gnome does not write to disk the ~/.gvfs anymore so I can't browse it in terminal. And the last solution would be NFS but that means that I have to synchronize the uids and gids on the local system with the ones from the server.

View 1 Replies View Related

Ubuntu Servers :: Any Way To Add Multiple Groups To Folder?

May 23, 2011

Looking for a way to add multiple groups to a folder. This feature is obviously available in most other platforms (Mac, Windows). Why can't I find any reference to this, or better yet, why doesn't this feature exist?

View 5 Replies View Related

OpenSUSE Network :: Samba - Use The "read List" And "write List" Options With Groups Under Share

Apr 27, 2010

I have a Samba server running in my Lan (mainly for file and print service). This server will act as a PDC (don't ask why...). I have a question: Under a share I can use the "read list" and "write list" options with groups (eg @users). Is that group a Linux or Samba group? If it's the later, am I forced to use the net groupmap command, or it is sufficient to have a group name in the /etc/group file? Should I add samba/linux users to that group (with net rpc) or is sufficient to have the group membership set in the linux?

View 4 Replies View Related

Ubuntu Servers :: Using Groups To Lock Users Away From Filesystem?

Mar 31, 2010

I'm currently running a small server using 9.10 and I wondered if using groups was a possible route in order to keep users away from the bulk of the file system and keep them in locked their home directories.

What I planned to do is use a group named 'allowsystemfiles' to be added to admin accounts, then to set parts of the file system to that group, along with the permissions 0760 to keep non-admin users out.

Is is a good idea or will this hose my system?

View 7 Replies View Related

Ubuntu Servers :: Groups: Cannot Find Name For Group ID 10000

Feb 5, 2011

I've installed OpenLDAP and libnss-ldap, as instructed in this tutorial. Then I try to login but I got the error

Code:

groups: cannot find name for group ID 10000

Here's the user and group ldif entry that I use to login

Code:

dn: uid=iwan,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount

[code]....

View 7 Replies View Related

Ubuntu Servers :: IPsec - Limit Users Or Groups

Jun 22, 2011

I successfully configured a VPN using IPSec(Openswan) and xl2ptd. While roughly following this guide (among countless others): [URL]

The VPN-Connection works fine, connecting to it is also a swirl, I can reach all that I want in the network, and also the gateway to the Internet works - everything being routed through that VPN.

Now my problem is actually the next steps, and I didn't succeed finding the right result on any possible search:

a) I want to limit, that the VPN-Connection is only used for distinct connections to hosts, that aren't in a "company subnet", but the IP's are publicly available. (Example: The Target-IP 8.8.8.8 allows per iptables, that only my VPN-Host 1.2.3.4 accesses it via SSH, and thus I only can access that Target-IP via SSH when I'm on the VPN). When actually browsing to the ubuntu-website, I want, that NOT the VPN-Connection is used but rather my normal connection (as a reference: i'm on a Windows-Client - not my choice, btw.)

b) I want to have several such "limitations" grouped, and give users 'access-rights' to certain hosts (Examples: Admin gets access to all on all ports Testers get access to some machines on distinct ports CEO gets access only to the mailserver via POP3 or IMAP

View 1 Replies View Related

Ubuntu Servers :: Apache 2.2 Users And Groups In Virtual Hosts?

Mar 3, 2011

I have Apache up and running and have a few virtual sites enabled. All these sites belong to the same user and group and the directory root for each site is in /home/{same-user}/www/{site-name}/htdocs/

I use Samba to connect from Windows to these directories and by default, files and directories are saved as the {same-user} and {same-group}. My question is, would it cause a problem if I changed the user and group in the virtual server directives in /etc/apache2/sites-available/site.conf files, giving apache permission to write to these files and directories. In the past I have changed the user and group to www-data (the default) but this seems inefficient an cumbersome compared to what I intend to do.

I use the server mostly for development, although at times I have a small site or two available to the public. Before I do this I want to be sure I'm not leaving a gaping security hole by changing these things. If this is all wrong, what is the standard way of running virtual hosts from apache and what is the standard document root for virtual sites?

View 4 Replies View Related

Ubuntu Servers :: LDAP Users And Groups - Adding A User

Aug 4, 2011

I have Ubuntu 10.04.2 (Linux 2.6.32-33-server on x86_64) with OpenLDAP 2.4.21 and Webmin1.550. I converted my ldap database from another system with the older style schema (OpenLDAP 2.3.3 with slightly older Webmin version 1.480) and no longer use slapd.conf, but the newer slapd.d format.

It all works fine except for one thing. When I add a new user, it lets me type in the additional LDAP fields:

But when I click the Create button, all the fields get jumbled together in the Title/Position box with a diamond question mark delimiting the fields:

Modifying existing users (which have the Additional fields displaying correctly) also has the same result - it moves the fields all into the one Title/Position box with the diamond shapes with question marks inside between each entry. Is it a problem with my schema files? I tried reverting to the older shema files and slapd.conf and it still did the same thing on the new system. I am really at a loss.

Here is also the output of ldapsearch for that user (host and samba ids are sanitized):

Previously added users that show the fields properly have "description:" and then the field listed for each Additional LDAP field. Also shouldn't the "title" be visible in plain human readable text here? - it looks like it encrypted it somehow - similar to a password hash. The older system works fine and the fields are all readable and in their proper locations. But the new system just doesn't work right.

View 1 Replies View Related

Ubuntu Servers :: Prompt Root Password When Attempt To Manage Users And Groups Through The GUI

Mar 20, 2010

So i have a fresh install of the server edition of Karmic, i'm running the Xfce desktop. When I attempt to manage users and groups through the GUI, I am prompted for what I think is the root password, the reason I say this is because the account I am currently logged in has sudo privileges and it does not accept that password at all, but I read that by default the root account is 'locked,' (to be honest it was so long ago since I last installed Ubuntu I completely forgot if it is or isn't, my current desktop installation has su access) is it asking for the root password? why doesn't my current user account password work if the root account is 'locked'? I can perform all other administrative tasks with sudo no problem.

the funny thing is, I have the exact same setup in a virtual machine, the same problem happens, except for some strange reason after changing the password on the only account (besides root), the password required to administer users and groups stayed the same after the change. (at the time of installation I just put both the user and root password the same and now that it is setup), i'm now ready to change the passwords. except now I read that the root account is locked by default, but this strange problem occurs.

View 2 Replies View Related

Fedora Servers :: Add Newly Created Users To Supplementary Groups Automatically?

Jul 30, 2010

The question is, as far as I know Ubuntu distro adds a user created with useradd to supplementary groups automatically. For instance, I want to enable sudo for all newly created users on my LiveCD and want them to be added to the group 'wheel' on creation. I'm sure it is possible to do it in Fedora, but how?

View 10 Replies View Related

CentOS 5 Server :: Cannot Create Groups In Directory Server?

Feb 25, 2010

I have a centos 5.4 64-bit machine. I installed the directory server following those steps.
I then added some users using the Centos Management Consolecentos-idm-console -a http://localhost:3890 &

View 3 Replies View Related

Ubuntu :: 11.4 Users And Groups GUI?

Dec 20, 2010

I am logged in with the account i created with ubuntu back in 10.4 but i cant do anything with the users and groups management tool any idea's what might be wrong? It also doesnt ask to escalate provilages when i run it which i suspect is part of the issue.

View 2 Replies View Related

Ubuntu Servers :: Using Apt For Updating From A Local Directory And Samba Shared Directory

Jul 9, 2010

I want to update all the machines in the network from a central repository which is on my master server and whose archive directory is shared through samba.I searched in the man page of sources.list and found that there is an option for this but can't able to implement this. Can anybody kindly tell me the way to do the same.

View 1 Replies View Related

Ubuntu :: Kmail Won't Send To Groups?

May 12, 2010

Running 9.04 with Kmail 1.12.2 with KDE 4.3. Akonadi is activated. Everything works except I cannot email to a distribution list. Am using POP3 with SMPTE. Comes back with

p, li { white-space: pre-wrap; } Message sending failed since the following recipients were rejected by the server: test@steve-laptop (The server responded: "test@steve-laptop failed to route the address")

So I unchecked the default-domain inside my sending option for SMPTE and same thing.

Is there a manual switch or setting in kmailrc? I looked and didn't see anything. Doing the same thing on 3 different computers. Tried searching the net but couldn't find anything.

View 1 Replies View Related

Ubuntu :: Root Can't Run Users And Groups

Dec 30, 2010

I'm running 10.10 64-bit and have configured it for root graphical login for administration of the system. When I log in as root, I can run all menu items in System -> Administration with the exception of Users and Groups. When I try running this, the application starts, but I only get an animated spinning disk that doesn't stop, can't modify the users properties and I can't close the application unless I go to System -> Administration -> System Monitor -> Processes tab , highlight users-admin and click End Process.

View 6 Replies View Related

Ubuntu :: Remapping Keys With Key Groups?

Jul 20, 2011

I have a laptop which has no function keys (F1-F12), but does have a row of arbitrary keys at the top (volume control, multimedia, etc.). I've been able to remap these keys using xmodmap (e.g. 'keycode 000 = F1 NoSymbol F1'). However, this means that I lose the original function.Is there a way (using xmodmap or otherwise) to set these keys to produce a different keysym (e.g. XF86AudioRaiseVolume) only when the Super* key is pressed?* I would have preferred Fn, but it doesn't show up in xev so I'm guessing that's not possible.

View 2 Replies View Related

Server :: FTP Permissions For Several Groups?

Aug 1, 2010

I have a FTP server (vsftpd), and would like to setup different file permissions for different groups:

-"ftpusers" group should only be able to browse and download.

-"ftpadmins" group should be able to browse, download, AND WRITE (RNFR, RNTO, MKDIR....).

Let's say my main directory is /var/ftp/docs/. It should be accessible by "ftpusers" group, but only writeable by "ftpadmins" group. Other groups or users may not access it. Which permissions and ownership should I give? My problem is that the dir can't be owned by two groups...

View 2 Replies View Related

Ubuntu :: Users/Groups Now Showing After Import?

Feb 10, 2010

Imported users and groups (UIDs 500 and above) from Redhad to Ubuntu 9.10 by appending users to the passwd, shadow and group files. Users and groups appear to work, but they do not show in the Users/Groups GUI. Is that because they do not start at a UID 1000 and up? What are my options to make them visable?

View 4 Replies View Related

Ubuntu Multimedia :: What Is Storage Groups - Advantages?

Mar 21, 2010

I have installed mythbuntu and all is going well! A couple of questions.

1) What is a storage group and what advantage do they have ?

2) When I select "watch videos" it takes me to the next window which is called storage group. There is a question mark and is called storage...

I have attached picture.

View 1 Replies View Related

Ubuntu :: Create Users And Groups By Using CLI Tools?

May 7, 2010

How do you create users and groups by using CLI tools?

View 1 Replies View Related

Ubuntu :: Authentication Failure On Users And Groups

May 8, 2010

I upgraded from 8.04LTS to 10.04LTS desktop. I can do sudo as root at the terminal, but I can't pass authentication trying to add a user (System->Administration->Users and Groups).

Here is what I got: An error occurred while checking for authorizations: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. You may report this as a bug.

View 4 Replies View Related

Ubuntu :: Change ORDER Of Groups One Belongs To?

May 10, 2010

I'm currently using an NFS server to share data on our small business network. It works a bit faster than SAMBA, but I do have a problem. NFS takes group id from the first 16 groups a member belongs to when mounted - let's not get into how that doesn't make huge amount of sense

Since I assigned about 6 different groups to our users internally to control directory access, some internal groups do not pass when mounting the server's files (as ubuntu has at least 8 or so groups that are system dependent). Is there a way to change the ORDER of the groups a user belongs to? I see that what gets passed to NFS mount follows exactly the order given when I type "group" when logged in. The groups do not come in alphabetical order or group ID number. I did try changing the order of entries in /etc/group and that also doesn't do anything. Essentially they seem completely random.

View 1 Replies View Related

Ubuntu :: Users And Groups Authentication Fails

Jun 13, 2010

I recently tried installing a new version of VirtualBox PUEL version, after uninstalling an earlier version. But the major issue I have now is that I can no longer modify my User Settings. Clicking on the "Autnenticate" icon gets me a failure notice: "System policy prevents modifying the system configuration", with details reading "Action: org.freedesktop.systemtoolsbackends.set". Hovering over this link says to click on the link to edit the file, but nothing happens. Searching the file system tells me this file does not exist. Prior to this episode with VirtualBox, I had no trouble modifying Users and Groups. I was able to remove a group from the command line, but the cannot get the GUI authorization to work. I have searched the forums and bugs for similar problems, and, although there appear to be a number of similar issues, no where can I find any clear information on how this system is supposed to work, or what I need to do to correct the problem.

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved