Ubuntu Servers :: Setup Boxes For AD Authentication
Nov 4, 2010
To begin, this is the thread that I always use to set up my Ubuntu boxes for AD authentication:
[URL]
I've had this 10.04 server running for about three months with AD authentication running on it perfect. I have multiple Samba shares that authenticate from AD as well. For some reason, this week it decided to completely stop accepting any authentication from AD.
I checked all of my config files, they are all untouched. I have restarted the machine multiple times. I have unjoined and rejoined the domain on the Ubuntu server. I have no audit failures in my security logs on the domain controller.
Output of /var/log/auth.log whenever I try to log on via an AD user:
Code:
Nov 4 11:58:50 caribbean sshd[1869]: Invalid user justin from 10.3.17.12
Nov 4 11:58:50 caribbean sshd[1869]: Failed none for invalid user justin from 10.3.17.12 port 54738 ssh2
Nov 4 11:58:51 caribbean sshd[1869]: pam_winbind(sshd:auth): getting password
[Code].....
View 2 Replies
ADVERTISEMENT
Nov 18, 2010
I want to connect to the same machine that that I have OpenSSH server on which uses keys and I have disabled password-based logins (for ssh). Apparently, this also affects SFTP which makes sense. How do I setup SFTP to use key-based authentication?
View 5 Replies
View Related
Nov 7, 2010
What is the fastest setup to do this? All I want is an internally authenticated webmail server that other servers can send mail to for collection of test emails. Don't need LDAP or anything fancy, just a internal LAN only webmail server. I've got Squirrelmail setup on Ubuntu Server and can't get authentication setup with Squirrelmail and every tutorial I read is way over complicated or has nothing on how to authenticate Squirrelmail with internal, system users.
View 2 Replies
View Related
Mar 14, 2011
On Ubuntu server 10.10, with a relay smtp server with authentication via postfix; I keep getting 535: Incorrect authentication data. I'm sure my username and password is correct. Heres how I set up postfix: I created a file called smarthosts.conf in my /etc/postfix/ directory that contains the following:
[Code].....
my server uses plain text authentication on port 25. I would like to use security like SSL, but this particular server is unsecured.
View 9 Replies
View Related
Jun 25, 2011
I have been trying to setup IPSEC encryption between two linux boxes. I have a server application which runs on Linux Box A and a client application which runs on Linux Box B. The client sends the data to server. I have captured wireshark logs at both server and client end. In the wireshark logs I can see that the Box B send ESP packets to the Box A.
But the server Application running at Box A is is not able to get any packets. If I turn the policy off at Box B, Box B sends normal UDP data packets to Box A, but still the Server Application running at box A doesn't get any packets.( Expected behavior since policy at Box A enforces that all packets coming from Box B should be encrypted.)
If I turn the policy off at Box A and Box B both, the server application receives the unencrypted data which is also expected behavior. But when the policy is turned on at both the boxes the encrypted packets reach the Box A but are not delivered to the server application. If anyone has faced such issue please help me to debug this issue. I have attached the ifconfig and policy settings at Box A and Box B for your reference.
View 2 Replies
View Related
Feb 7, 2011
i am not able to set up a crossover connection between 2 CENTOS 5.5 boxes.
View 4 Replies
View Related
Feb 19, 2010
I've been trying to fix this problem for over a month, on irc chats and searching google for forum threads, all leading me in different directions all bringing me nowhere. In trying to connect from my Windows machine I get the following error:Quote: Windows cannot access \ubuntu
Check the spelling of the name. Otherwise, there might be a problem with your network. To try to identify and resolve the network problems, click Diagnose. Well, clicking "Diagnose" is a huge waste of time.I've paste binned by /etc/samba/smb.conf file and it can be found below -[URL]... Also, when I am on the Ubuntu machine attempting to browse the machines on the network and go to Places >> Network >> Windows Network I get the following error: Quote: Unable to mount location Failed to retreive share list from server
View 2 Replies
View Related
Jan 10, 2011
How much resources are needed to run a mail server with approximately 75 boxes?
View 2 Replies
View Related
Jun 1, 2009
I have fedora running as our email server at work using sendmail. It used to have spamassassin and MailScanner installed, but one of those died over the weekend and killed the mail server. We do not need either of these as we are using a web based spam filter now (postini), so I tried removing these. I have discovered that the mail is in the mqueue waiting for delivery to the users mailboxes. I have tried using "sendmail -q -v":
Code:
Running /var/spool/mqueue/n51Jx6Gg023820 (sequence 1 of 1174)
<abaughman@grandproductsinc.com>... Connecting to local...
<abaughman@grandproductsinc.com>... Deferred: local mailer (/usr/bin/procmail) exited with EX_TEMPFAIL
Running /var/spool/mqueue/n51JsuRe023619 (sequence 2 of 1174)
<ksullivan@grandproductsinc.com>... Connecting to local...
<ksullivan@grandproductsinc.com>... Deferred: local mailer (/usr/bin/procmail) exited with EX_TEMPFAIL .....
I do not have a procmail config file: /etc/procmailrc. I am not sure why, or what it should be, perhaps that is the problem. I guess I don't exactly know how this server runs all that well. I was able to get it up and running but never understood it enough to now find what is not working correctly.
View 1 Replies
View Related
Apr 28, 2009
I have recently set up a mail server running dovecot and everything is fine. However, I now want to retrieve the contents of 2 pop mail boxes and insert them into the IMAP structure under dovecot. I need to check for spam and sort them according to sender and recipient.
What is my best software option for retrieving the mail?
View 3 Replies
View Related
Mar 15, 2010
I have connected a Windows 7 pc to a Ubuntu pc using a crossover cable & TCPIP. This works fine - can ping both ways and can 'see' both icons however when I try to setup the printer in Ubuntu the task fails at a prompt fpr user name - workgroup - password prompt. It tells me I must give a password to connect to the Windows box. This setup has worked when using WinXP but fails now. I have used all passwords known to me but nada. Where in the world is the Authentication dialogue originated? I'm both new to linux commands and loosing the will to live!
View 2 Replies
View Related
May 7, 2010
After years with Linux and using ssh on a daily basis I have to admit I've never setup public/private key authentication and I've never run passwordless logon to ssh. It's not that I've never tried, I have - I've just never got it working. That to me is an almost alien concept as I am a tinkerer at heart and rarely stop until something is working the way I'd like it to. I get the principle of what's going on but I've always had a mental block about it.
View 3 Replies
View Related
Mar 14, 2010
I ended up setting up a basic linux file server as a pdc for that office. Our main office is a windows 2000 ads domain. The two offices are connected with a vpn. I only have two users at the new location so I simply have the linux and samba usernames/passwords setup manually. I would like to know if it is possible to setup a domain trust between the two sites so I don't have to create a username/password in the remote site for every user at the main office to access. I did some searching but came up empty.
View 5 Replies
View Related
May 22, 2010
I am using ubuntu 10.04. I want to set up authentication to mount hard disk and other removable devices.
View 5 Replies
View Related
Feb 1, 2011
I have two Linux machines, SVNServer and ProdServer. I would like to use RSA key authentication so that I can log into either one of them from the other. I have no problem setting up key authentication that goes ProdServer --> SVNServer. However when I follow the same process to setup keys to go from SVNServer to ProdServer I have trouble.
A summary of what I did:
$ ssh-keygen -t rsa (i accepted all defaults)
$ scp .ssh/id_rsa.pub lynchs@ProdServer:./tempkey
** on prodserver $cat tempkey >> .ssh/authorized_keys
$ ssh lynchs@ProdServer
No luck! It still prompts me for my password! Not sure if it is related but there is a third machine, again I can use key authentication to connect to SVNServer without a problem, but key authenication does not work when connecting to ProdServer.
View 7 Replies
View Related
Aug 18, 2010
I was trying to setup SSL Client authentication on only one virtual host. Here is a brief excerpt sample of my conf file for the virtual host:
<VirtualHost xx.xx.xx.xx:443>
SSLRequire %{SSL_CLIENT_S_DN_O} eq "something"
SSLVerifyClient require
SSLVerifyDepth 2
</VirtualHost>
But when I try to check for syntax errors tells me SSLRequire not allowed here I do not want to add SSLRequire on the main httpd.conf because I only want it for one virtual host. The rest of the virtual hosts do not need it.
View 2 Replies
View Related
Mar 8, 2011
setup user authentication server and internet accounting server like ISA and Active Directory in Windows?
View 4 Replies
View Related
Mar 29, 2010
My first post here. I've been using Ubuntu to run our internal mail server for a while now on Ubuntu server 9.04 and ISPconfig 2. I've read a lot of threads on poeple that have difficulty connecting to their server using SSH from outside the LAN and it is not the same problem I have. Well, not entirely the same.
My problem is that my authentication fails from outside the LAn, but I can connect to the SSH port from outside my LAN. The other threads pointed towards checking the router port forwarding etc, but I can see my SSH log in asking for my username and password. So, at this stage I know the port forwarding worked, otherwise I wouldn't even see the log in prompt.
Has anyone see this before where you can connect, but the authentication fails? I can use the correct username and password from inside the LAN, but using the same credentials from outside fails.
View 2 Replies
View Related
Jun 6, 2010
I try to install a server based on Ubuntu. It will provide many different services as SMTP, IMAP, Jabber, SVN(via Apache),maybe a groupware and some other web applications.I'm looking for a way of authenticating the same set of users (a user essentially has a username, a domain it is belonging to and some passwords) against all of the services.What is the most flexible and elegant way? I need a method which is not too bloated (mysql or ldap would be okay) and is easily applyable to all those services and all services which maybe will come later.
I've read some documentation about sasl, mysql-authentication, ldap-authentication, pam, cyrus, apache, ... and i'm somewhat confused now about the proper way.For now I suspect MySQL to be the best method for that, but i'm not sure about the flexibility for embedding it into all the services.
View 1 Replies
View Related
Mar 16, 2010
i am currently working in a windows server 2003 domain environment and i want to install and configure a ubuntu server 9.10 as a samba file server and i want to allow windows domain users to access the samba shares with windows authentication from the AD , so they can use their windows user names and passwords to access samba shares.i followed the wiki docs and configured kerb5.conf , smb.conf and winbind but i am unable to add the samba pc to the windows domain
View 9 Replies
View Related
Jun 18, 2010
I've just installed Ubuntu Server for the first time with the goal as setting it up as a proxy server for our Apple computers here since I can get neither ISA of OS X Server's firewall to play properly. So far I have the machine authenticating against our OS X OpenLDAP server and multiple NIC's setup ready to be connected to the outside world. My question is does anyone have a preference on what proxy I should be using? So far my search efforts seem to of turned up Squid Proxy as a favorite among Ubuntu users but I can't seem to work out how to get it authenticating against my OpenLDAP server.
View 5 Replies
View Related
Aug 23, 2010
I have set up an apache 2 server, but can't seem to get authentication to work properly. I have set up this in my apache2.conf:
Code:
<Directory /var/www>
AllowOverride AuthConfig
</Directory>
<Directory /var/www>
AuthType Basic
[Code]...
I have created the passwords file with htpasswd and defiantly have the right password for bob. However, when I try to log in the box just comes up over and over again and never authenticates. What am I doing wrong? I'm a newbie, so please bear with me if I've missed something really stupid.
View 4 Replies
View Related
Oct 30, 2010
I have set up a Ubuntu server to handle Dan's Guardian for protection of the children. I need next to set up a centralized file server and some kind of authentication method.
We are dual booting the computers just now since we need to use "Rosetta Stone" language software and they will not release a certain plugin for Linux according to our assigned help person. We also use pure Windows XP in some classrooms for now, and will do so until the school's children gets used to Ubuntu.
So, what is the best authentication method for a mixed environment? Where might I find a Ubuntu "howto" on the method?
What is the best way to set up a file server? Howto? Can the box running Dan's Guardian also be the authentication box and file server? (it is our newest box, only 2 years old and has a large hard drive)
View 4 Replies
View Related
Mar 16, 2011
i am taking another stab at this. The last time i attempted it, it seemed like everyone had a different way to do it, but nobody could give me an answer on how to do it...
I currently have a Domain Controller Running sme server and a domain controller, using ldap as a backend. I have two file servers runing ubuntu 10.04. My overall goal is to have it so when i create a username on the domain controller, it is then automatically copied over to the fileservers. This way everyone will have their own username and password to access the fileservers and ill be able to track what people do on the fileservers.
The next necessity is for me to be able to apply permissions to the folders on the fileserver based on the users that are created on the domain controller.
View 2 Replies
View Related
Aug 6, 2011
I am running a ubuntu server and want to host a web application (php/mysql based) however I dont want to use usernames and passwords for authentication. I'd like to use a client certificate. The military uses similar technology using the CAC card to provide the certificate for authentication.
not sure if this would be done using the apache modules or if php would be a better place to play with this
View 3 Replies
View Related
Aug 26, 2011
LDAP Authentication for Web Access I am trying to build a LDAP server to allow access to the wireless network in conjunction with Meraki wireless access points. I am using Ubuntu 10.10 and trying to install OpenLDAP from their documentation but I keep running into the error "configure: error: MozNSS not found - please specify the location to the NSPR and NSS header files in CPPFLAGS and the location to the NSPR and NSS libraries in LDFLAGS (if not in the system location)" I have OpenSSL installed but I also got these when I ran ./configure
checking openssl/ssl.h usability... no
checking openssl/ssl.h presence... no
checking for openssl/ssl.h... no
checking gnutls/gnutls.h usability... no
[code]....
View 1 Replies
View Related
Jan 29, 2010
I would like to configure Squid and DansGuardian that way, that it's a Proxy with Authentication via Website. That means: A new Notebook gets about DHCP the Network-Information like IP-Adress etc.. When he now tries to open a Internet connection it should check if he's authenticated and if not he should get (if this try is from a browser) a login screen in http. It should also not be possible to have internetconnection without being logged in. The clients are Windoze, Mac and Linux. My question now. What programms/deamons are there for doing this authentication. Would you decide for another Programm instead of Squid?
View 2 Replies
View Related
Feb 3, 2010
Just installed Alfresco 3.2 using the Canonical repo in Karmic. Unable to find proper guide to enable Active Directory authentication.
View 3 Replies
View Related
Apr 14, 2010
I would like to know whether ldap can be used to authenticate wireless clients with my server.server and clients are connected to a wireless router and i am able to get wireless adapter work in my ubuntu. Is there any anything extra which is required or the openldap server will work for wireless clients?
View 1 Replies
View Related
Jul 18, 2010
I have tomcat installed with port forwarding to http port 80. I configure ldap authentication for apache2(/var/www). But I could not configure tomcat for ldap authentication.
View 1 Replies
View Related
