Comments on: RHEL Winbind Authentication Against Active Directory

By: Nick

Nick — Thu, 18 Feb 2010 19:16:38 +0000

Cliff,
After 2 days of trials, I did some thinking about our setup and there was really no need to do authentication on these shares so I made the security = share and that fixed my problems for now.
Thanks!

By: cliff

cliff — Wed, 17 Feb 2010 17:29:18 +0000

Nick,

It sounds like it’s not able to lookup the users domain credentials. Do you have your AD setup as part of your PAM stack?

By: cliff

cliff — Wed, 17 Feb 2010 17:26:45 +0000

I think, that if you look closely at the post date of the article above that you will find it was written during the days of RHEL 4. I think also, that if you had taken the time to investigate, you would have found that authconfig-tui did not exist on that release, and was not part of RHEL until release 5. I should also say thatauthconfig-tui supports all options of authconfig but it implies –update as the default action.

So, before writing wise ass comments, you may want to take some time and do a little research beforehand so that it’s not you who comes off looking foolish. Just some friendly advice.

By: nick

nick — Wed, 17 Feb 2010 16:18:48 +0000

Hey there, thanks for the post.
In a related vein, I have a RH server that used to do local NIS/Kerb authentication but now it authenticates users against an organization wide kerberos server. Everything is humming along except for cups/samba – windows users cannot connect to the print server and get an “access denied” info box. Most prominent error is the samba log stating “NT_STATUS_NO_LOGON_SERVERS”.
Any hints on where to go from here?
Thanks!

By: your_mother

your_mother — Thu, 30 Apr 2009 21:27:18 +0000

The command is supposed to be authconfig-tui in the article above, genius.

By: Chris Edwards

Chris Edwards — Mon, 17 Nov 2008 21:01:48 +0000

Follow these instructions to have your users directories automatically created….

http://kbase.redhat.com/faq/FAQ_43_5367.shtm

By: mohit

mohit — Tue, 03 Jun 2008 07:04:37 +0000

how to configure a squid server
all commands step by step

By: markwilson.it » Some more on using Active Directory for Linux/Mac OS X user authentication

Thu, 13 Mar 2008 12:18:17 +0000

[...] If you want to avoid entering the logon name as domainnameusername, then it is possible to configure a default domain for Winbind to use. [...]

By: Greywolf

Greywolf — Mon, 29 Oct 2007 21:02:37 +0000

I’m looking for a way to provide single-sign-on to an environment without having to explicitly configure every single UNIX client to join the domain and auth against the ADS; my thought was to set up an LDAP server which would perform the authentication against the ADS by proxy.

Is this possible? I have Solaris, HP and Linux clients, all of which I wish to be able to use single-sign-on.

Help?

By: cliff

cliff — Fri, 18 May 2007 12:21:59 +0000

Hey Mont,
Let me know how it goes. I confess that I needed to get this task done quickly, so I saw authconfig as my best bet. I know there is a way to do it on the command line as well. It pretty much just worked for me, so hopefully it will do the same for you

By: Mont

Mont — Thu, 17 May 2007 21:58:06 +0000

Thanks, I’ll give it a try. I had specifically read something that had said not to join the domain from within authconfig so I was curious when I saw your post.

By: cliff

cliff — Thu, 17 May 2007 20:21:28 +0000

Hi Mont,
If I remember correctly, authconfig asks for this information before it attempts to join the machine to the domain.

By: Mont

Mont — Thu, 17 May 2007 17:06:06 +0000

How does this get the username and password of a domain administrator that has the ability to add the computer to the domain? Or must “net ads join” be used if a username and password is required to add a user?

Thanks,
-Mont