I don't know how many times I've setup samba shares, but... It's been a while since the last time. The SID UID maps used to always seem random. I.E. if I had to move the data to another box, I'd have to note all of the SID / UID relations and write scripts to convert them on the new box.
This last time I used the rid method (first time I'd seen it). All went well for a while. Users authenticated from the domain with no issue, etc... After about a week of operation, the mappings started to drop off. When this happens the only way to fix it is use wbinfo -R UID and get the user name, then find the files with the UID+offset and chown them. I've written a scipt file to do this, but that's not the point.
Attached is my smb config file. What am I missing here.
Hello
I have multiple accounts that running application that uses unique port number
I want to generate this port from some sid number that stays constant for every user account , is there any place in the system
that generate number that is unique to the account ?
thanks (0 Replies)
Hi,
i am working on Tru64 os...
When i try to connect to an Oracle instance, the usual method i follow is
chsxsora1:oracle:PRD1 > . oraenv
ORACLE_SID = ? PRD1
But for one Instance it was not working,
chsxsora2:oracle:TST2 > . oraenv
ORACLE_SID =*= ? TST2
i... (0 Replies)
you spend an entire day with scripting nightmares and go to bed real late in the early morning hrs to wake up to your gf asking you a question and your only answer is "It's in the script" LMAO
Happened to me this morning would you believe that?? My daughter is 10yrs old and my gf wanted to check... (3 Replies)
I was going write a script from following site.
Unix Shell Script to Execute Oracle SQL Query (link removed)
My configuration setting for oracle XE.
export ORACLE_HOME=/usr/lib/oracle/xe/app/oracle/product/10.2.0/server
export PATH=$PATH:$ORACLE_HOME/bin
export ORACLE_SID=XE
but after... (4 Replies)
Hi,
I'm considering implementing pam_krb5 on RHEL 5.5 and Solaris 10, and I'm in an environment that has a number of legacy NIS domains. They've all been migrated into Active Directory, RFC2307, with the NIS maps that differed in each domain kept within its own container. However, users and... (0 Replies)
Hello,
I do not know if this is the right title to use. I have a large dictionary database which has the following structure:
where a b c d e are in English and p q r s t are in a target language., the two separated by the delimiter =.
What I am looking for is a perl script which will take... (5 Replies)
Hi!
I am having a problem when logging in on a solaris 10 server, after typing one or two commands, I lose connectivity, with the following message:
server unexpectedly closed network connection
I have checked the following:
grep `uname -n` /etc/inet/hosts /etc/inet/ipnodes... (8 Replies)
Discussion started by: fretagi
8 Replies
LEARN ABOUT OSX
pam_winbind
PAM_WINBIND(7)PAM_WINBIND(7)NAME
pam_winbind - PAM module for Winbind
DESCRIPTION
This tool is part of the samba(7) suite.
pam_winbind is a PAM module that can authenticate users against the local domain by talking to the Winbind daemon.
OPTIONS
pam_winbind supports several options which can either be set in the PAM configuration files or in the pam_winbind configuration file situ-
ated at /etc/security/pam_winbind.conf. Options from the PAM configuration file take precedence to those from the configuration file.
debug
Gives debugging output to syslog.
debug_state
Gives detailed PAM state debugging output to syslog.
require_membership_of=[SID or NAME]
If this option is set, pam_winbind will only succeed if the user is a member of the given SID or NAME. A SID can be either a group-SID,
a alias-SID or even a user-SID. It is also possible to give a NAME instead of the SID. That name must have the form: MYDOMAINmygroup or
MYDOMAINmyuser. pam_winbind will, in that case, lookup the SID internally. Note that NAME may not contain any spaces. It is thus recom-
mended to only use SIDs. You can verify the list of SIDs a user is a member of with wbinfo --user-sids=SID.
try_first_pass
use_first_pass
By default, pam_winbind tries to get the authentication token from a previous module. If no token is available it asks the user for the
old password. With this option, pam_winbind aborts with an error if no authentication token from a previous module is available.
use_authtok
Set the new password to the one provided by the previously stacked password module. If this option is not set pam_winbind will ask the
user for the new password.
krb5_auth
pam_winbind can authenticate using Kerberos when winbindd is talking to an Active Directory domain controller. Kerberos authentication
must be enabled with this parameter. When Kerberos authentication can not succeed (e.g. due to clock skew), winbindd will fallback to
samlogon authentication over MSRPC. When this parameter is used in conjunction with winbind refresh tickets, winbind will keep your
Ticket Granting Ticket (TGT) uptodate by refreshing it whenever necessary.
krb5_ccache_type=[type]
When pam_winbind is configured to try kerberos authentication by enabling the krb5_auth option, it can store the retrieved Ticket Grant-
ing Ticket (TGT) in a credential cache. The type of credential cache can be set with this option. Currently the only supported value is:
FILE. In that case a credential cache in the form of /tmp/krb5cc_UID will be created, where UID is replaced with the numeric user id.
Leave empty to just do kerberos authentication without having a ticket cache after the logon has succeeded.
cached_login
Winbind allows to logon using cached credentials when winbind offline logon is enabled. To use this feature from the PAM module this
option must be set.
silent
Do not emit any messages.
SEE ALSO wbinfo(1), winbindd(8), smb.conf(5)VERSION
This man page is correct for version 3.0 of Samba.
AUTHOR
The original Samba software and related utilities were created by Andrew Tridgell. Samba is now developed by the Samba Team as an Open
Source project similar to the way the Linux kernel is developed.
This manpage was written by Jelmer Vernooij and Guenther Deschner.
PAM_WINBIND(7)