Re: [SOLVED] Samba+Kerberos inside LXC container...

I've found a decent workaround for this issue. I set a public IP for the container and put it in the DNS with hostname "samba". Et voilà: $ smbclient //samba/dati -k WARNING: The option -k|--kerberos is deprecated! Try "help" to get a list of possible commands. s

Re: Samba+Kerberos inside LXC container...

On 23.09.23 18:54, nimrod wrote: The syntax is no problem, it works like a charm with another server, which is not in a container, just a vmWare virtual machine. I don't think that samba and kerberos behave differnt in a lxc container. Both is not kernel related. But as I said, I coul

Re: Samba+Kerberos inside LXC container...

(functional level 2016). > > > No really help, I have no AD here. > > $ smbclient -k //dl560/dati > > WARNING: The option -k|--kerberos is deprecated! The syntax is no problem, it works like a charm with another server, which is not in a container, just a vmWare virtual

Re: Samba+Kerberos inside LXC container...

: The option -k|--kerberos is deprecated! Please read the smbclient man page regarding the --use-kerberos parameter. dns names here means the FQDN of the target host. Bet regards Ulf

Re: Samba+Kerberos inside LXC container...

> $ smbclient //dl560/dati -U someuser -W BNCRM > > and issuing the right credentials when prompted. > > What I cannot absolutely get working is access the same share with > Kerberos: > > $ smbclient -k //dl560/dati > > The above command is run as an authenticated user,

Samba+Kerberos inside LXC container...

in user without any problem.  I can also access the share with a command like: $ smbclient //dl560/dati -U someuser -W BNCRM and issuing the right credentials when prompted. What I cannot absolutely get working is access the same share with Kerberos: $ smbclient -k //dl560/dati The above comma

Re: Help Understanding Samba/ssh/LDAP/sssd/Kerberos/File Sharing?

2) the winbindd method - still supported, but perhaps on the road to > deprecation in favor of sssd > 3) the "modern" sssd method > (Kerberos also seems to be a method, but that may be wrapped up in one or > the other above methods.) > > It is my (possibly incor

Re: Help Understanding Samba/ssh/LDAP/sssd/Kerberos/File Sharing?

On Thu, Feb 18, 2021, 9:03 PM Nicholas Geovanis wrote: > On Thu, Feb 18, 2021, 8:11 PM Kent West wrote: > >> Ultimate goal: >> 1. Allow Windows/Mac users to map drives to Debian fileshares. >> 2. Allow Windows/Mac users to ssh into same Debian box. >> >> .. >> > My experience is that any m

Re: Help Understanding Samba/ssh/LDAP/sssd/Kerberos/File Sharing?

2) the winbindd method - still supported, but perhaps on the road to > deprecation in favor of sssd > 3) the "modern" sssd method > (Kerberos also seems to be a method, but that may be wrapped up in one or > the other above methods.) > > It is my (possibly incorrect) unders

Help Understanding Samba/ssh/LDAP/sssd/Kerberos/File Sharing?

uot;modern" sssd method (Kerberos also seems to be a method, but that may be wrapped up in one or the other above methods.) It is my (possibly incorrect) understanding that the sssd method does not yet provide Samba filesharing capabilities, making winbindd the preferred choice. I have found

Re: NFSv4 without Kerberos and permissions

On 10/19/2017 8:31 PM, John Ratliff wrote: On 10/16/2017 3:35 PM, Christian Seiler wrote: On 10/16/2017 07:57 PM, John Ratliff wrote: On 10/15/2017 3:38 AM, Christian Seiler wrote: Furthermore, the MANAGED_GIDS setting is only for NFSv2/3 and only for supplementary groups, not the primary grou

Re: NFSv4 without Kerberos and permissions

On 10/16/2017 3:35 PM, Christian Seiler wrote: On 10/16/2017 07:57 PM, John Ratliff wrote: On 10/15/2017 3:38 AM, Christian Seiler wrote: Furthermore, the MANAGED_GIDS setting is only for NFSv2/3 and only for supplementary groups, not the primary group. It is not a security setting, it really i

Re: NFSv4 without Kerberos and permissions

ants >> to: they can just read out the user ID of the file and send that >> to the server together with the read/write request. Only the root >> user is a bit more protected due to root_squash, and you can make >> the entire export read-only - but that's it when it c

Re: NFSv4 without Kerberos and permissions

exist. Therefore, permission denied. Then you are not idmapping correctly. NFSv4 has two modes of operation when it comes to users: 1) Use raw UIDs/GIDs like NFSv2/3 did. This is available since Linux 3.2 or 3.5 (I don't remember which) and only possible if sec=sys (i.e. no Ker

Re: NFSv4 without Kerberos and permissions

ssion denied. Then you are not idmapping correctly. NFSv4 has two modes of operation when it comes to users: 1) Use raw UIDs/GIDs like NFSv2/3 did. This is available since Linux 3.2 or 3.5 (I don't remember which) and only possible if sec=sys (i.e. no Kerberos) is used. In that case

Re: NFSv4 without Kerberos and permissions

On 10/14/2017 3:39 PM, Elena evlt wrote: perhaps value defaults of nfs in ubuntu and debian are different  and perhaps nfs versions are different and any of these paremeters aren't recognized in the host client. 2017-10-14 21:28 GMT+02:00 John Ratliff >: I rec

Re: NFSv4 without Kerberos and permissions

perhaps value defaults of nfs in ubuntu and debian are different and perhaps nfs versions are different and any of these paremeters aren't recognized in the host client. 2017-10-14 21:28 GMT+02:00 John Ratliff : > I recently set up an NFS v4 server on debian stretch. If I use a debian > client t

NFSv4 without Kerberos and permissions

I recently set up an NFS v4 server on debian stretch. If I use a debian client to mount the share, everything works fine. However, if I use a CentOS or a Ubuntu client, the permissions don't work. I have synchronized the group ids manually, and that's the only permissions I'm interested in.

Kerberos boot error - no log file

Anyone knows where this kerberos detailed log might be. I can't find it. Failed to start Kerberos 5 Key Distribution Center. See 'systemctl status krb5-kdc.service' for details. I found this on the boot.log And the following somewhere else: Mar 8 11:04:35 G0 systemd[1]: Star

Re: Kerberos-secured NFSv4: nss_getpwnam: name '8' does not map into domain

annoying issue with my new Kerberos-secured NFSv4 setup. Sometimes when Exim4 writes to the mounted NFS share, it fails to set owner and permissions on the written file. Exim4 runs as local user Debian-exim:Debian-exim but tries to set owner of created files on the NFS share to 'mail:mail&#

Re: Kerberos-secured NFSv4: nss_getpwnam: name '8' does not map into domain

Hi there, On 07/10/2015 01:02 PM, Jonas Meurer wrote: > Am 2015-07-08 15:34, schrieb Jonas Meurer: >> I've another annoying issue with my new Kerberos-secured NFSv4 setup. >> Sometimes when Exim4 writes to the mounted NFS share, it fails to set >> owner and permissions

Re: Kerberos-secured NFSv4: nss_getpwnam: name '8' does not map into domain

Hi, Am 2015-07-08 15:34, schrieb Jonas Meurer: I've another annoying issue with my new Kerberos-secured NFSv4 setup. Sometimes when Exim4 writes to the mounted NFS share, it fails to set owner and permissions on the written file. Exim4 runs as local user Debian-exim:Debian-exim but tries t

Re: Kerberos-secured NFSv4: nss_getpwnam: name '8' does not map into domain

I haven't tried anything, just some thought. Maybe it uses '8' as a name instead of uid. On Wed, Jul 8, 2015 at 9:34 AM, Jonas Meurer wrote: > Hi again, > > I've another annoying issue with my new Kerberos-secured NFSv4 setup. > Sometimes when Exim4 writes to th

Kerberos-secured NFSv4: nss_getpwnam: name '8' does not map into domain

Hi again, I've another annoying issue with my new Kerberos-secured NFSv4 setup. Sometimes when Exim4 writes to the mounted NFS share, it fails to set owner and permissions on the written file. Exim4 runs as local user Debian-exim:Debian-exim but tries to set owner of created files on th

Re: write permissions on Kerberos secured NFS share

On 06/28/2015 11:31 PM, Jonas Meurer wrote: > Am 28.06.2015 um 20:30 schrieb Christian Seiler: >> Also, I just noticed that your principal name was mail/nfs-client. >> Did you set up idmapping on the server correctly for that to work? > > Yes, I fiddled around with static mapping. But now that I r

Re: write permissions on Kerberos secured NFS share

mail/test.txt" mail >>> test >>> root@clt# su -s /bin/sh -c "touch /var/vmail/test" mail >>> touch: cannot touch ‘/var/vmail/test’: Permission denied >>> >>> The Kerberos ticket for local user 'mail' is managed by k5start: >>

Re: write permissions on Kerberos secured NFS share

‘/var/vmail/test’: Permission denied >> >> The Kerberos ticket for local user 'mail' is managed by k5start: >> >> clt# ps -ef |grep k5start | grep mail >> root 8965 1 0 16:04 ? 00:00:00 /usr/bin/k5start -u \ >> mail/nfs-client -o mail -p /var/

Re: write permissions on Kerberos secured NFS share

On 06/28/2015 07:51 PM, Jonas Meurer wrote: > root@clt# su -s /bin/sh -c "cat /var/vmail/test.txt" mail > test > root@clt# su -s /bin/sh -c "touch /var/vmail/test" mail > touch: cannot touch ‘/var/vmail/test’: Permission denied > > The Kerberos ticket for l

write permissions on Kerberos secured NFS share

Hi, I'm struggling with getting the permissions on an NFS share right. Mounting the NFS share on my client works. Read/write access as user 'root' works, and read access as user 'mail' works as well after I successfully authenticated at the Kerberos server as that user &#

Re: NFSv4+Kerberos shares and ownership (root:root)

Hi again, Am 08.06.2015 um 00:10 schrieb Jonas Meurer: > I'm trying to setup a new NFSv4 server with Kerberos as authentication. > The shares are exported as expected and I'm able to mount them using > krb5i authentication on the NFS clients. > > My problem is ownership

NFSv4+Kerberos shares and ownership (root:root)

Hello, I'm trying to setup a new NFSv4 server with Kerberos as authentication. The shares are exported as expected and I'm able to mount them using krb5i authentication on the NFS clients. My problem is ownership and permission management on the exported shares. I need the shares

kscreensaver and kerberos, strange behaviour

Hi, I have kerberos authentication on my debian (through lib_pamkrb5). Upon login (through kdm), my tickets are in /tmp/krb5cc__ and KRB5CCNAME is setup accordingly (that's the documented behaviour of libpam-krb5). However, sometimes (but not always), when I unlock my kde session (l

Re: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)

Arno Schuring писал(а) в своём письме Wed, 16 Nov 2011 23:34:50 +0400: Kramarenko A. Maksim (mc@k-max.name on 2011-11-15 09:51 +0400): Arno Schuring писал(а) в своём письме Tue, 15 Nov 2011 03:30:54 +0400: [..] Nov 15 00:06:32 debian rpc.gssd[1730]: Success getting keytab entry for 'n

Re: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)

quot; with Kreberos. > >> The second week I can not properly configure the server NFSv4 and > >> domain on Win 2k8 R2 via kerberos. Kinit command, etc. work > >> properly and get tickets from the KDC: > > > >> = > >

Re: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)

Arno Schuring писал(а) в своём письме Tue, 15 Nov 2011 03:30:54 +0400: Kramarenko A. Maksim (mc@k-max.name on 2011-11-14 13:02 +0400): Hello, All! Tired of "fighting" with Kreberos. The second week I can not properly configure the server NFSv4 and domain on Win 2k8 R2 vi

Re: error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)

Kramarenko A. Maksim (mc@k-max.name on 2011-11-14 13:02 +0400): > Hello, All! > Tired of "fighting" with Kreberos. > The second week I can not properly configure the server NFSv4 and > domain on Win 2k8 R2 via kerberos. Kinit command, etc. work properly > and

error when configuring the Kerberos NFSv4 on Debian 6.0.3 (in testing no error)

Hello, All! Tired of "fighting" with Kreberos. The second week I can not properly configure the server NFSv4 and domain on Win 2k8 R2 via kerberos. Kinit command, etc. work properly and get tickets from the KDC: = ARCHIV ~ # kinit -k -t /etc/krb5.

libpam-mount and kerberos CIFS mounts

fine. If I try to activate kerberos mounts with sec=krb5 I get the error message „pam_mount(mount.c:73): mount error(126): Required key not available”. If I mount the CIFS share from a shell using /etc/fstab kerberos mounts are working. Is it impossible to access the kerberos ticket within the

Re (2): Kerberos conundrum in CUPS.

From: David Sastre Date: Mon, 23 May 2011 21:14:19 +0200 > FWIW, kerberos packages are named krb5* (apt-cache search krb5) Right oh. Thanks! peter@joule:~$ dpkg -l 'libkrb5*' Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/tr

Re: Kerberos conundrum in CUPS.

n the Web interface would get a dialogue window. After authentication > as root, the task could be completed. > > Now such an attempt gets this message. > "401 Unauthorized > > Enter your username and password or the root username and > password to access this page. If you

Kerberos conundrum in CUPS.

eted. Now such an attempt gets this message. "401 Unauthorized Enter your username and password or the root username and password to access this page. If you are using Kerberos authentication, make sure you have a valid Kerberos ticket." Given the absence of any dialogue for authent

Re: MIT Kerberos won't start at boot.

Le vendredi 30 janvier 2009 à 08:22 +0100, Louis Opter a écrit : > Hello, > > I have installed MIT Kerberos in conjunction with OpenLDAP and OpenAFS > on Debian Etch 'n half with this excellent howto : > http://techpubs.spinlocksolutions.com/dklar/kerberos.html > > B

MIT Kerberos won't start at boot.

Hello, I have installed MIT Kerberos in conjunction with OpenLDAP and OpenAFS on Debian Etch 'n half with this excellent howto : http://techpubs.spinlocksolutions.com/dklar/kerberos.html But Kerberos won't start at boot : Jan 30 07:39:47 coconutcrab krb5kdc[2417](info): setting

Help on kerberos passwordless login in ssh service

Hello list, My OS is Debian 4.0. I install 3 server, 1 is kerberos server(krb), 1 is ssh client(sshc) and 1 is ssh server(sshs). My kerberos server installed krb5-admin-server and krb5-kdc. I has add a principal root and host/krbsshs.hz.vobile in kerberos server. For ssh client and ssh server, I

Re: Kerberos with LDAP backend / Replace active directory

let me know Found one thanx, also found a doc (in portugese which I don't speak or read but managed to copy and paste). So I now have it all working from a Linux point of view. > > Yea I'm not actually sure why we need kerberos, but my boss seems to > > think we do... >

Re: Kerberos with LDAP backend / Replace active directory

On Tue, 14 Oct 2008, Clifford W. Hansen wrote: I take it I will need to get a Krb5 schema file for ldap? Yes, and iirc, one comes with Heimdal package (likely in /usr/share/doc) if you can't find one, let me know Yea I'm not actually sure why we need kerberos, but my boss seems t

Re: Kerberos with LDAP backend / Replace active directory

main - so the combination worked > fine for me... If you rely on anything beyond NT4 domain, you'll need > samba4 (in experimental) I take it I will need to get a Krb5 schema file for ldap? Yea I'm not actually sure why we need kerberos, but my boss seems to think we do... -- Than

Re: Kerberos with LDAP backend / Replace active directory

On Saturday 11 October 2008 16:30:21 Damon L. Chesser wrote: > On Fri, 2008-10-10 at 22:10 +0200, Clifford W. Hansen wrote: > > I'm looking to setup Kerberos with an LDAP backend, I have found a couple > > of howtos and nothing seems to be complete. > > > > Has any

Re: Kerberos with LDAP backend / Replace active directory

On Fri, 2008-10-10 at 22:10 +0200, Clifford W. Hansen wrote: > I'm looking to setup Kerberos with an LDAP backend, I have found a couple of > howtos and nothing seems to be complete. > > Has anybody set this up before and have documentation on how to replicate it. > > Ba

Re: Kerberos with LDAP backend / Replace active directory

On Fri, 10 Oct 2008, Clifford W. Hansen wrote: Has anybody set this up before and have documentation on how to replicate it. I had an existing LDAP setup for Linux/AIX/Samba - and it was trivial to get Heimdal-kdc up and running using the existing LDAP database, just had to add the requisite

Kerberos with LDAP backend / Replace active directory

I'm looking to setup Kerberos with an LDAP backend, I have found a couple of howtos and nothing seems to be complete. Has anybody set this up before and have documentation on how to replicate it. Basically what I am doing is trying to replace our Active Directory, with a samba d

Re: Heimdal Kerberos XDM and Login

have libpam-heimdal and have setup PAM correctly, everything should work. And indeed they do work just fine, thank you ... I'm using Heimdal at work & home with Kerberos pwd for most all authentication. -- Rick Nelson RFC 882 put the dot in .com, not Sun Microsystems

Re: Heimdal Kerberos XDM and Login

On Sat, Oct 4, 2008 at 9:31 PM, Jason C. Wells <[EMAIL PROTECTED]> wrote: > Does anyone know of a package for kerberized login and XDM, preferably > heimdal? I wasn't able to scare one up. > > Regards, > Jason C. Wells > (who has Debian on the desktop for the first time after many years with > Fre

Heimdal Kerberos XDM and Login

Does anyone know of a package for kerberized login and XDM, preferably heimdal? I wasn't able to scare one up. Regards, Jason C. Wells (who has Debian on the desktop for the first time after many years with FreeBSD) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscri

kerberos & ssh error message

Hello folks, system: etch64 ssh -vvv -o PreferredAuthentications=gssapi-with-mic [EMAIL PROTECTED] debug3: preferred gssapi-with-mic debug3: authmethod_lookup gssapi-with-mic debug3: remaining preferred: debug2: Unrecognized authentication method name: gssapi-with-mic debug1: No more authentica

suggestions needed: multiple nis, ldap, kerberos

hello folks, i am looking for suggestions on how to efficiently migrate multiple nis+autofs to be managed by ldap+kerberos. i have about 8 or more nis domains that i would like to consolidate. i would use ldap to hold the user list. there would a equivalent kerberos realm for each nis domain

openldap, kerberos, ssh

hello folks, i am trying to migrate from NIS setup to a ldap setup to achieve the following. a) LDAP server holds multiple NIS domain user information, nfs automount information associated with the nis domains. b) the user authentication via ssh is done against a kerberos server to provide one

openldap, kerberos, ssh

hello folks, i am trying to migrate from NIS setup to a ldap setup to achieve the following. a) LDAP server holds multiple NIS domain user information, nfs automount information associated with the nis domains. b) the user authentication via ssh is done against a kerberos server to provide one

openldap, kerberos, ssh

hello folks, i am trying to migrate from NIS setup to a ldap setup to achieve the following. a) LDAP server holds multiple NIS domain user information, nfs automount information associated with the nis domains. b) the user authentication via ssh is done against a kerberos server to provide one

Re: heimdal kerberos on debian?

compile it). Otherwise it runs fine with debian. Little trickier is to build smbk5pwd overlay on debian if you really need it. 2007/5/23, Martin Marcher <[EMAIL PROTECTED]>: Hello, does anyone have a link to a howto for heimdal kerberos (even basic)? i couldn't find anything for deb

heimdal kerberos on debian?

Hello, does anyone have a link to a howto for heimdal kerberos (even basic)? i couldn't find anything for debian+heimdal(+openldap - heimdal can store it's data in ldap). I found this: http://www.openinput.com/auth-howto/index.html which seems to be somewhat the reference of heimda

Re: kerberos on debian?

> Can anyone give me any reference, tutorial, manual or > hint about using kerberos on debian? there is a boatload of stuff on MIT's web sites: http://web.mit.edu/Kerberos/ http://stuff.mit.edu/afs/sipb.mit.edu/project/debian-athena/www/ -- Matt Zagrabelny - [EMAIL PROTECTED] - (21

kerberos on debian?

Hi, I want to handle users that login to several debian systems in my office, I want to manage the logins into a single system. Additionally, to know when the user login and how long they use their account when they login. I heard that kerberos can do such thing but I don't have any referenc

LDAP, Kerberos trouble

Hello, I'm setting up a central user directory with LDAP, password are in a kerberos database. It looks like everything works. However, it just doesn't work. If I remove LDAP and just get passwords from kerberos I can login just fine. Things go weird (in my opinion, no doubt

OpenAFS, Kerberos setup for Debian Sarge

Does anyone know of any documentation for setting up OpenAFS and Kerberos for Debian Sarge. We have roughly 100 Linux and Windows clients that use NFS and Samba to access roughly 10 file servers. The idea behind considering OpenAFS is to create a common file storage area our Linux and Windows

Re: Kerberos acl permission

On Thu, Dec 01, 2005 at 02:00:49PM -0800, Curtis Vaughan wrote: > Trying to set up keberos5 on a Debian Sarge server. As a note I am going > by the instructions provided by a Linux Journal article, which may be > found at: http://www.linuxjournal.com/article/7336 > > Regardless, setting it up ha

Kerberos acl permission

Trying to set up keberos5 on a Debian Sarge server. As a note I am going by the instructions provided by a Linux Journal article, which may be found at: http://www.linuxjournal.com/article/7336 Regardless, setting it up has been otherwise easy. But now I'm at the part where I want to add other

Re: Kerberos+LDAP+NIS?

I > know for sure that the uid is stored there but other stuff needed for > a working login on linux isnt there, like default shell. > I think that if I can set a default shell on login I guess I could use > LDAP/kerberos + automount and get the same result that I currently get > with NI

Re: Kerberos+LDAP+NIS?

login on linux isnt there, like default shell. I think that if I can set a default shell on login I guess I could use LDAP/kerberos + automount and get the same result that I currently get with NIS/Kerberos. All the users are on the same nfs export I think, so it wont require that much automount magic

Re: Kerberos+LDAP+NIS?

On Wednesday 20 July 2005 02:41 pm, Nils Erik Svangård wrote: > I cant! I dont have the authority to do that. > I have setup NIS which authenticate via the Kerberos server. I guess > it would be easiest to just add a group in NIS but LDAP is the future > and there is such nice GUIs.

Re: Kerberos+LDAP+NIS?

I cant! I dont have the authority to do that. I have setup NIS which authenticate via the Kerberos server. I guess it would be easiest to just add a group in NIS but LDAP is the future and there is such nice GUIs. Where do I prelogin scripting? Lets say a user enter a username and a password

Re: Kerberos+LDAP+NIS?

Nils Erik Svangård wrote: Hello! I recently got my debian box to authenticate user logins with kerberos! Now I have created a group in LDAP and I want that only users who is members of that group are allowed to login. The problem is that no information of shell or home directory is stored on

Kerberos+LDAP+NIS?

Hello! I recently got my debian box to authenticate user logins with kerberos! Now I have created a group in LDAP and I want that only users who is members of that group are allowed to login. The problem is that no information of shell or home directory is stored on the LDAP server, so I thougt

Re: LDAP with Kerberos authentification

On Thursday 30 June 2005 06:09 am, Eugen Wintersberger wrote: > Hi there > I have a problem with slapd using Kerberos V (GSSAPI) authentification > on Debian 3.1 Sarge. The Kerberos configuration seems to be ok since > cyrus imap daemon uses it without any problems. > >

LDAP with Kerberos authentification

Hi there I have a problem with slapd using Kerberos V (GSSAPI) authentification on Debian 3.1 Sarge. The Kerberos configuration seems to be ok since cyrus imap daemon uses it without any problems. I also added the appropriate principals to my Kerberos database and to the krb5.keytab file

Re: ldap, kerberos and ssh-krb5

return the UsePAM setting to yes. I found it in a thread that included this message: http://mailman.mit.edu/pipermail/kerberos/2004-October/006616.html Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html -- To UNSUBSCRIBE

Re: ldap, kerberos and ssh-krb5

Thanks to Mark for the debug hint. I did the debug thing for two users, one local to both client and server, and one in ldap. For the local user a few lines from the logs look like: Authorized to test1, krb5 principal [EMAIL PROTECTED] (krb5_kuserok) debug3: PAM: do_pam_account pam_acct_mgmt = 0

Re: ldap, kerberos and ssh-krb5

David Parutki wrote: I have a working installation with account information in ldap, workstations accessing account information via libnss-ldap and nscd. Further, a kerberos kdc with principals matcing users in ldap. All machines have a krb5.keytab. Home directories are currently served via nfs

ldap, kerberos and ssh-krb5

I have a working installation with account information in ldap, workstations accessing account information via libnss-ldap and nscd. Further, a kerberos kdc with principals matcing users in ldap. All machines have a krb5.keytab. Home directories are currently served via nfs from one server to the

Kerberos-authentication in Evolution

Hi, Up until a few days ago, I was happily using Kerberos 4 in Evolution to authenticate against a Cyrus IMAP server. Then it suddenly stopped working. Initially, I assumed that something had changed in the server configuration, but then I found this: http://bugs.debian.org/cgi-bin

Re: LDAP + Kerberos = Bloody Nightmare!

On Wed, 2004-12-22 at 22:27 -0800, Don Werve wrote: > I'm setting up an authentication system backended by OpenLDAP and > Kerberos, and want to stick with as much in the way of Debian-packaged > software as possible. Getting LDAP and Kerberos to work hasn't been > difficul

LDAP + Kerberos = Bloody Nightmare!

I'm setting up an authentication system backended by OpenLDAP and Kerberos, and want to stick with as much in the way of Debian-packaged software as possible. Getting LDAP and Kerberos to work hasn't been difficult, but getting LDAP to authenticate against Kerberos has proven to

LDAP + Kerberos = Bloody Nightmare!

I'm setting up an authentication system backended by OpenLDAP and Kerberos, and want to stick with as much in the way of Debian-packaged software as possible. Getting LDAP and Kerberos to work hasn't been difficult, but getting LDAP to authenticate against Kerberos has proven to

Testing + Kerberos

Hi! I've a problem I can't resolve for a few day, I installed a Debian Testing on it Mit Kerberos: ii krb5-admin-ser 1.3.3-2 Mit Kerberos master server (kadmind) ii krb5-config1.6Configuration files for Kerberos Version 5 ii krb5-doc 1.3.3-2Doc

Re: Kerberos problem!

On each host type hostname --fqdn and make sure that matches what Kerberos thinks the hostname is. I bet this is your problem. Also, drop the enctype related parameters from /etc/krb5.conf although not /etc/krb5kdc/kdc.conf. This isn't actually a problem, but the enctype stuff is not need

Re: Kerberos problem!

Beck Zoltan Gyula <[EMAIL PROTECTED]> writes: > I'm trying to configure a kerberos server, I read the documentation and > followed the instructions, but something is wrong I think. Make sure you've checked the usual things, in particular that the clocks on all of your ma

Kerberos problem!

Hi list members! I'm trying to configure a kerberos server, I read the documentation and followed the instructions, but something is wrong I think. I have two debian sarge linux nodes on intranet (10.0.0.0/24) with hostnames ha1.aitia and ha2.aitia. Teh kdc and the krb-admin server is th

Kerberos problem!

Hi list members! I'm trying to configure a kerberos server, I read the documentation and followed the instructions, but something is wrong I think. I have two debian sarge linux nodes on intranet (10.0.0.0/24) with hostnames ha1.aitia and ha2.aitia. Teh kdc and the krb-admin server is th

Re: User Mangment: LDAP, AFS, Kerberos

Ken McCord <[EMAIL PROTECTED]> wrote: > Turbo Fredriksson has a good write-up at > http://www.bayour.com/LDAPv3-HOWTO.html regarding Kerberos and > OpenLDAP. I'm working on a similiar project attempting to integrate > OpenLDAP, Kerberos and OpenAFS. IBM Germany has a

Re: User Mangment: LDAP, AFS, Kerberos

Turbo Fredriksson has a good write-up at http://www.bayour.com/LDAPv3-HOWTO.html regarding Kerberos and OpenLDAP. I'm working on a similiar project attempting to integrate OpenLDAP, Kerberos and OpenAFS. IBM Germany has an interesting project/product as well. Here's a pdf link to

Re: User Mangment: LDAP, AFS, Kerberos

Excellent comments by David. Just to add a few things... On Fri, 01 Aug 2003 11:26:21 -0400 David Z Maze <[EMAIL PROTECTED]> wrote: > Raffaele Sandrini <[EMAIL PROTECTED]> writes: > > > I am not sure if it is possible for this three compnents (AFS,LDAP > > and Ke

Re: User Mangment: LDAP, AFS, Kerberos

than one user database (LDAP and AFS (kerberos > 4)). I thought of using Kerberos 5 as login and credentials manager > because its very secure. (You might clarify your terminology and motivations here. Do you have other services that would benefit from having Kerberos around [IMAP comes to

User Mangment: LDAP, AFS, Kerberos

Hi I'm thinking about creating a central managed user and data system here. It should use AFS (OpenAFS) as virtual filesystem and LDAP (OpenLDAP) as User and Comuter info Database. I tried this earlier but it ended in more than one user database (LDAP and AFS (kerberos 4)). I thought of

Re: Kerberos on Debian - Windows clients

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark L. Kahnt wrote: | On Sun, 2003-06-29 at 19:49, Mark Devin wrote: | |>-BEGIN PGP SIGNED MESSAGE- |>Hash: SHA1 |> |>I have setup a number of hosts running Debian and using Kerberos for |>authentication. Now I need to have a

Re: Kerberos on Debian - Windows clients

On Sun, 2003-06-29 at 19:49, Mark Devin wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > I have setup a number of hosts running Debian and using Kerberos for > authentication. Now I need to have a Windows client connect to the > network. I eventually want to exp

Kerberos on Debian - Windows clients

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have setup a number of hosts running Debian and using Kerberos for authentication. Now I need to have a Windows client connect to the network. I eventually want to experiment with using OpenAFS / Coda for filesharing between the Windows computers

OpenLDAP and Kerberos questions

Hi all, I recently decided it would be a good thing to centralize all of the user information and authentication on my network. After some reading I found that Kerberos will provide me th necessary secure authentication scheme, and OpenLDAP should provide me the user information DB. Both

Re: MIT versus Heimdal Kerberos 5

on Mon, Jan 13, 2003 at 07:54:10PM +0100, Frank Lenaerts wrote about Re: MIT versus Heimdal Kerberos 5: Some things I forgot. > > My understanding is that you don't, really, and that the Kerberos code > > that appears in X might have maybe done authentication but not I supp

Re: MIT versus Heimdal Kerberos 5

on Mon, Jan 13, 2003 at 12:10:17PM -0500, David Z Maze wrote about Re: MIT versus Heimdal Kerberos 5: > Frank Lenaerts <[EMAIL PROTECTED]> writes: > > I configured MIT Kerberos 5 and can now use kerberised telnet, ftp, > > rlogin and ssh. However, I also want to have X o

Re: MIT versus Heimdal Kerberos 5

Frank Lenaerts <[EMAIL PROTECTED]> writes: > I configured MIT Kerberos 5 and can now use kerberised telnet, ftp, > rlogin and ssh. However, I also want to have X over Kerberos. My understanding is that you don't, really, and that the Kerberos code that appears in X migh

  1   2   >