I would like to configure samba with PEM (with LDAP). I've already found, on the server, configured the PAM Authentication(with LDAP) for ssh. I wanted to know if it was possible to configure PAM for to authenticate to another LDAP only for SAMBA.
Is possibile duplicate the /etc/pam_ldap.conf let it point to another LDAP and then configure SAMBA to use this new file?
The /etc/pam_ldap.conf
Code:
#####################
uri ldap://server1
uri ldap://server2
base group ou=esercizio,ou=Groups,dc=soc
base passwd ou=esercizio,ou=People,dc=soc
base shadow ou=esercizio,ou=People,dc=soc
scope passwd onelevel
#filter passwd (eraccountpamstatus=0)
scope group onelevel
scope shadow onelevel
base dc=soc
#uid nslcd
#gid ldap
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
#####################
Thanks
Marcello
Moderator's Comments:
Please use CODE tags as required by forum rules!
Last edited by RudiC; 08-26-2016 at 11:07 AM..
Reason: Added CODE tags.
I have a linux machine which authenticate users to ldap, this is working fine. But I would like to limit users that logon to the machines to just the system admins.
The machines hosts different web sites which users accessed from there home directory like http://foo.mdx.ac.uk/~username
At the... (0 Replies)
Greetings!! I am attempting to solve a rather thorny issue and I was hoping that someone might have some insight into what is going on here..
At this point I have an openLDAP server that is working quite splendidly! :)
I have a working directory with users able to authenticate it and TLS... (2 Replies)
Hi,
I´m trying to make Solaris authenticate users in AD. NTP is working, nsswitch.ldap is listed above, DNS is Ok and I made something different in pam.conf, krb5.conf and sshd_config (see above)
nsswitch.ldap:
passwd: files ldap
group: files ldap
hosts: files dns
ipnodes: ... (0 Replies)
Hi,
I have recently taken control of a number of RHEL5.3 servers that have samba shares setup on them and are authenticating using pam and winbind. My issue is that any user that has an active directory account can currently log in to the linux boxes using their ad credentials. I need to... (0 Replies)
Please I am having problem to login using Active Directory Services 2008 R2 accounts on a cubox ubuntu (2.6.32.9-dove-5.4.2 #46). "getent passwd" only shows local users, however I can querry ADS users using ldapsearch command.
I have 2 systems, one that does not use gdm can login with all users... (0 Replies)
Please I am having problem to login using Windows 2008 R2 Active Directory Services accounts on a cubox ubuntu (2.6.32.9-dove-5.4.2 #46). "getent passwd" only shows local users, however I can querry ADS users using ldapsearch command.
I have 2 systems, one that does not use gdm can login with all... (1 Reply)
I am working on configuring Samba with Remote LDAP for Authentications but facing issue on the same.
I googled for the this but most of the setup is to connect local Samba and LDAP with samba-ldap tools but in my case this is on a separate machines.
Please help me to configure this.
... (0 Replies)
Hi Folks,
I've install 389 Directory Server on a Centos 7.0 server. Over the last two days I've been trying to connect a MacBook running 10.10.5 to the server as a client and I'm having only partial success.
I've "Joined" to my network Account Server, and set my LDAP Mappings to... (2 Replies)
Discussion started by: jlh
2 Replies
LEARN ABOUT REDHAT
uri::ldap
URI::ldap(3) User Contributed Perl Documentation URI::ldap(3)NAME
URI::ldap - LDAP Uniform Resource Locators
SYNOPSIS
use URI;
$uri = URI->new("ldap:$uri_string");
$dn = $uri->dn;
$filter = $uri->filter;
@attr = $uri->attributes;
$scope = $uri->scope;
%extn = $uri->extensions;
$uri = URI->new("ldap:"); # start empty
$uri->host("ldap.itd.umich.edu");
$uri->dn("o=University of Michigan,c=US");
$uri->attributes(qw(postalAddress));
$uri->scope('sub');
$uri->filter('(cn=Babs Jensen)');
print $uri->as_string,"
";
DESCRIPTION
"URI::ldap" provides an interface to parse an LDAP URI in its constituent parts and also build a URI as described in RFC 2255.
METHODS
"URI::ldap" support all the generic and server methods defined by URI, plus the following.
Each of the following methods can be used to set or get the value in the URI. The values are passed in unescaped form. None of these will
return undefined values, but elements without a default can be empty. If arguments are given then a new value will be set for the given
part of the URI.
$uri->dn( [$new_dn] )
Set or get the Distinguised Name part of the URI. The DN identifies the base object of the LDAP search.
$uri->attributes( [@new_attrs] )
Set or get the list of attribute names which will be returned by the search.
$uri->scope( [$new_scope] )
Set or get the scope that the search will use. The value can be one of "base", "one" or "sub". If none is given in the URI then the
return value will default to "base".
$uri->_scope( [$new_scope] )
Same as scope(), but does not default to anything.
$uri->filter( [$new_filter] )
Set or get the filter that the search will use. If none is given in the URI then the return value will default to "(objectClass=*)".
$uri->_filter( [$new_filter] )
Same as filter(), but does not default to anything.
$uri->extensions( [$etype => $evalue,...] )
Set or get the extensions used for the search. The list passed should be in the form etype1 => evalue1, etype2 => evalue2,... This is
also the form of list that will be returned.
SEE ALSO
RFC-2255
AUTHOR
Graham Barr <gbarr@pobox.com>
Slightly modified by Gisle Aas to fit into the URI distribution.
COPYRIGHT
Copyright (c) 1998 Graham Barr. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same
terms as Perl itself.
perl v5.8.0 2000-08-02 URI::ldap(3)
08-26-2016
