(This was posted at the end of another thread, where it probably didn't belong, so reposting here)I have Active Directory set up on one machine (and I can't really adjust the settings very much) and Ubuntu Server 10.04, which I would like to use as a client.I followed the directions at https://help.ubuntu.com/community/LD...Authentication, but when I get to
Code: getent passwd I don't see anything from the LDAP, and ssh'ing into the box from an LDAP/AD username certainly doesn't work.
In addition, I've attempted to use Webmin's LDAP Configuration module to configure it. I can connect to the server and can browse it with the LDAP browser with my settings, but the Webmin package doesn't recognize the users (which are organized in one of four Organizational Units (OUs) within the OU that I have as my Search Base) as users,
I have configured squid with AD. It is working fine. Now I want to use dansguardian with squid for web filtering on group bases, what should I do. What configuration i have to do in squid for dansguardian and all my users in AD also authenticate with dansguardian and also how I use dansguardian.
I've been working on building an LTSP server for diskless booting. I have a tftp server that's booting the system. I followed the steps on [URL] .... to build the LTSP server.
I had to make one change from the guide. I have a cisco router that's acting as the DHCP, I'm not very familiar with Cisco IOS so instead of playing with that, I decided to modify the default file on the PXE.
I commented the kernel append line and added the following instead
I'm mounting the nfs as a rw file system for now. I'm planning to make it read only once I have it working the way I want. In addition to this, I also chroot into the LTSP root and installed lightdm + mate. As I understood what I read, this would boot the environment on the diskless system. All of this seem to work correctly.
What I need to do next is to find a way to setup the LTSP clients to log in by authenticating on the active directory. I understand that the login account used by the LTSP client has to exist on the LTSP server.
I have successfully added the LTSP server as a worksation within the windows domain and I can log into domain accounts from the LTSP server but domain credentials do not work when using an LTSP client, I can only log in if I use an account that exists on the LTSP server. I wanted to know if there is a way to accomplish AD authentication.
Do I have to build an LDAP server on the LTSP server, sync accounts with the Active Directory to be able to log in with AD credentials?
I followed these steps to add a client to my active directory domain, everything is working as expected except that when a username has whitespace it creates a directory in /home with whitespace and gconf fail to access his config dir in the user's home. KDE also fails to start but I don't know what's failing yet. I found that the easiest way to fix these issues is to replace whitespaces by underline in homepaths so I changed the pam_mkhomedir source to replace the whitespaces and save it using the usermod command. It should work but is not... the reason is that I can't change the user data using the usermod because domain users are not in /etc/passwd.
I have a very old Pentium 3 that don`t have USB or PS2 suport. I need to configure a serial mouse. I did it on debian etch editing xorg.conf. I chage the mouse protocol to "Microsoft" and it works normaly. But on squeeze it does not exist!
During the second OS (CentOS) setup, the shared SWAP partition was formatted and now I get the following under Debian: Code: # free total used free shared buffers cached Mem: 507524 251436 256088 0 11488 78332 -/+ buffers/cache: 161616 345908 Swap: 0 0 0 How to configure Squeeze to use again this SWAP partition?
Setup a DNS/DHCP/Directory server on Debian? I would like to configure the things in Debian so that can join Linux and Windows(if possible as m not sure yet) clients to the directory server. Any links to setup both Forward and Reverse lookup zone in the environment.
I want to use FTP client (for example ncftp) to connect in active mode. I have firewall (iptables) on my laptop and most of time I am behind rooter. With outgoing packets and with passive mode all is working fine.But some sites accept only active mode.I could open some port range in firewall and in rooter for active data packets, but I don't know how to solve security issues.So how should I correctly manage active ftp connection?
How can I set data port range when opening active connection with ncftp (or maybe another ftp client)?How can I limit that incoming connections to that ports range is accepted only by ncftp or else dropped?
I set up rsyslog for the first time on my sole Linux server (Debian Lenny), and I am using one PC to test it over the next few days. I currently have the Windows syslog daemon disabled so only the client is active.Before I recommend using it to collect logs from our production servers, has anyone heard of or had any problems with Syslog for Windows (URL...) running on XP/2003/etc? From what I've read is that since it sends the data over the network using UDP instead of TCP or an NFS mount, there should be no potential for problems.
I am trying to follow this tutorial below so that I can get Text to the right of icons on the GNOME desktop. [URL] Everything so far has worked fine, except when I get to step 3 where I compile Nautilus. When I try to run the command ./configure --prefix=/usr It tells me bash: ./configure: No such file or directory
I found a tool made for Ubuntu called Xautoclick. I downloaded it and it is called "xautoclick-0.30.tar.gz" The installation notes say "tallatBe sure you have the proper development packages for your distribution installed (i.e. something like xserver-xorg-dev, gtk2-dev, et cetera). After that, run:
./configure make sudo make install" I have no clue what to do... I typed in "./configure" in the terminal and it says "bash: ./configure: No such file or directory?
I've been trying to find a single set of instructions that define how to configure Fedora 12 to authenticate using Active directory without 100 steps (plus or minus) but difficult at best. I have about 12 Fedora 12 servers running as stand alone servers in a Windows 2003 network.
Can someone point me to a great set of instructions that can easily be replicated across multiple servers and a few workstations?
I have set my Ubuntu 10.04 box with our Windows domain. I can see from "net ads info" that I am on the domain. I can also get the password and group info with getent.So far so good. But I have tried to configure pam basically by following this guide:http://www.ccs.neu.edu/home/battista...nbind/pam.html
Yet when I try to su or login as an AD user I just get and immediate "Unknown id: <userid>".I have had a look at /var/log/auth.log and there are no errors there.Can anyone provide some tips on debugging the pam configuration?
I'm actually a software developer, develop exclusively on Linux, and do know how to go about taking care of a Linux distro, so don't start telling me that 'sudo' isn't a sushi roll...
Question... I want to implement an Active Directory like authentication in a Linux-only environment. My office has approximately 15-25 local desktop PCs all running Ubuntu 10+ and one Ftp & SVN server running Ubuntu 10+.
Each developer has his/her own personal local account on his PC, and the shared PCs have different, local accounts for those developers. The FTP server has ONE (!!) account that everybody uses to access it, as does SVN.
The big picture is that I would like to install & configure a VPN server for remote developers. Before doing that, I'd like to find a way to unify the users across the network so that there exists only one UserX in the network.
I have AD DS installed on Windows Server 2008 R2. Also, I've got SLES 10.3 as NFSv4 server, which will allow remote users to mount their /home partitions. What I need, is NFSv4 w/Kerberos. As AD server already has integrated Kerberos server, I need SLES to authenticate in it.Everything works good, but when it comes to svcgssd service activation, I receive an error.Here's the log:
/usr/sbin/rpc.svcgssd -f ERROR: GSS-API: error in gss_acquire_cred(): Miscellaneous failure - No principal in keytab matches desired name
My boss has commissioned me with creating a new file server to replace a M$ server that is installed now. We want to go with Linux for many reasons, but one big thing we want to be able to do is still manage permissions using M$ type permissions from our XP desktop's rather than unix style permissions. How would this be accomplished on a CentOS box?
I have a freshly installed CentOS 5.4 box which I'm trying to get AD authentication working on. I have AD authentication via kerberos working for SSH, but when I try and have it work for SMB shares I'm getting an access denied error. What's even more odd is that when I tell pam to use winbind to authenticate SSH...it works just fine. Wbinfo -a username%password authenticates fine and getent passwd and group enumerates the AD users and groups ok. My smbd.log was throwing the following error "Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE" but has since stopped for some reason, but googling this indicated I needed re-join the machine to the domain, which I have.
I have tried using likewise but I came across this yesterday. When you install Likewise only on a Linux, Unix, or Mac computer and not on Active Directory, you cannot associate a Likewise cell with an organizational unit, and thus you have no way to define a home directory shell in Active Directory for users who log on the computer with their domain credentials. I am trying to pull attributes from acitve directory.. namely the homeDirectory