Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. ldap
    Log in to post
    • WLS-ITGuy

      Account getting locked out
      IT Discussion • ldap login • • WLS-ITGuy

      9
      0
      Votes
      9
      Posts
      142
      Views

      WLS-ITGuy

      @DustinB3403 said in Account getting locked out:

      @WLS-ITGuy said in Account getting locked out:

      @DustinB3403 said in Account getting locked out:

      Any services or scheduled tasks that might be setup under this account?

      Possibly, however the password hasn't changed in the last 30 days that it would cause this.

      Then something was turned on recently that is using a password older than 30 days.

      Nope. Turns out I had a couple servers that I was giving RDP remote access to another vendor for them to migrate to a new server and I forgot to turn off RDP.

    • zachary715

      How to authenticate via AD to non-domain server
      IT Discussion • active directory bookstack ldap • • zachary715

      26
      0
      Votes
      26
      Posts
      417
      Views

      wirestyle22

      @black3dynamite He shouldn't need to. I'm running it on 16.04 and what he is trying to do works for me.

    • wirestyle22

      Configuring Bookstack to use LDAP
      IT Discussion • bookstack ldap • • wirestyle22

      9
      1
      Votes
      9
      Posts
      1963
      Views

      wirestyle22

      @dbeato said in Configuring Bookstack to use LDAP:

      This are my settings

      # General auth #AUTH_METHOD=standard AUTH_METHOD=ldap # LDAP Host LDAP_SERVER=1.2.3.4:636 # The base DN for users LDAP_BASE_DN=DC=domain,DC=com #The full DN and password for binding LDAP_DN=CN=bookstack,CN=Users,DC=domain,DC=com LDAP_PASS=S0UP3rS7r0ngP@ssW0rd #A filter to use when searching for users LDAP_USER_FILTER=(&(mail=${user})) LDAP_VERSION=3 # Set the default 'email' attribute. Defaults to 'mail' LDAP_EMAIL_ATTRIBUTE=mail # Set the property to use for a user's display name. Defaults to 'cn' LDAP_DISPLAY_NAME_ATTRIBUTE=cn # Enable LDAP group sync, Set to 'true' to enable. LDAP_USER_TO_GROUPS=true # LDAP user attribute containing groups, Defaults to 'memberOf'. LDAP_GROUP_ATTRIBUTE="memberOf" # Remove users from roles that don't match LDAP groups. LDAP_REMOVE_FROM_GROUPS=false LDAP_AUTO_CONFIRM_EMAIL=true # A full list of options can be found in the '.env.example.complete' file.

      Make sure to have the local admin logged in and not logged out while you change and save the changes so then you can add yourself as admin tied to AD.

      I just made the default role admin and then changed it after my initial logon lol

    • s.hackleman

      Help with Active Directory Terminology
      Developer Discussion • active directory azure azure ad kerberos ldap oauth saml • • s.hackleman

      16
      1
      Votes
      16
      Posts
      451
      Views

      Reid Cooper

      Azure AD's Use of SAML Protocol

    • M

      RocketChat LDAP
      IT Discussion • active directory ldap rocketchat snap • • mattbagan

      4
      1
      Votes
      4
      Posts
      675
      Views

      scottalanmiller

      @mattbagan said in RocketChat LDAP:

      @scottalanmiller Do you know where the snap version of mongodb is installed? I can't find it.

      Under /var/lib/snapd/snap/rocketchat-server/current/bin/

      But what you want to do I assume is use Compass and just attach to it remotely. It's on port 27017 as usual.

    • scottalanmiller

      Zimbra Unable to start TLS: hostname verification failed when connecting to ldap master
      IT Discussion • ldap ldaps tls zimbra • • scottalanmiller

      12
      3
      Votes
      12
      Posts
      8366
      Views

      G

      Had this error after installing a new commercial certificate. The error seems valid as my server hostname and certificate name do not match, but it is my understanding this name mismatch is allowed and should still work.

      To resolve this I just ran these two commands as Zimbra user.
      zmlocalconfig -e ldap_starttls_required=false
      zmlocalconfig -e ldap_starttls_supported=0

      I am slightly concerned as to the security implications of disabling these settings. I am still on ldap not ldaps and this is on CentOS 7.

    • AlyRagab

      NextCloud with FreeIPA
      IT Discussion • freeipa ldap linux nextcloud openldap owncloud • • AlyRagab

      16
      1
      Votes
      16
      Posts
      4058
      Views

      scottalanmiller

      Done

    • jrc

      Good step by step for setting up a Radius Server and LDAPS
      IT Discussion • ldap ldaps radius windows server 2012 r2 • • jrc

      5
      1
      Votes
      5
      Posts
      1967
      Views

      dbeato

      Radius
      https://blog.ubnt.com/2016/11/04/managing-radius-authentication-unifi/
      http://www.petenetlive.com/KB/Article/0000685
      http://thesolving.com/server-room/configure-radius-server-windows-authenticate-cisco-vpn-users/

      For LDAPS see below:
      http://www.petenetlive.com/KB/Article/0000962
      https://www.petri.com/enable-secure-ldap-windows-server-2008-2012-dc

    • mlnews

      OpenLDAP with Samba Issue
      IT Discussion • ldap openldap samba • • mlnews

      4
      1
      Votes
      4
      Posts
      1385
      Views

      stacksofplates

      Why samba instead of sssd?

    • anthonyh

      Long Shot - Evolution & Zimbra GAL
      IT Discussion • email evolution ldap zimbra zimbra gal • • anthonyh

      17
      1
      Votes
      17
      Posts
      2695
      Views

      anthonyh

      Used the local admin account to bind, and GAL address autocompletion works in Evolution and Thunderbird. So, thats good. Now to create that dummy account...

    • Kelly

      Authenticating Linux against AD
      IT Discussion • active directory ldap linux sssd winbind • • Kelly

      31
      3
      Votes
      31
      Posts
      4518
      Views

      PSX_Defector

      @Kelly said:

      @PSX_Defector said:

      @Kelly said:

      I've also been looking at PowerBroker Identity Services from BeyondTrust. It is where Likewise ended up after a series of acquisitions. It looks like I'm going to have to be building a virtual network and trying some of this.

      I've used this in multiple companies, from an airline in America to an oil exploration company.

      Works like a champ, it's built on Winbind, but now has actual support versus calling RedHat and hoping for the best.

      Did you use PBIS Open or the paid version? The paid version is significantly more than I can afford at about $1,600 per server instance.

      This was back in the Likewise days. So free.99.

    • stacksofplates

      AutoFS and NFS Home
      IT Discussion • autofs identity management ldap linux red hat • • stacksofplates

      28
      0
      Votes
      28
      Posts
      3152
      Views

      stacksofplates

      @dafyre said:

      @johnhooks said:

      @scottalanmiller said:

      @johnhooks said:

      @dafyre said:

      Why are there two NFS servers to start with? (Just curious)

      They're only 20-24 drives each. About 50TB per server. All of the engineer's home folders are on them so one isn't enough.

      At some point down the road we are going to implement a clustered storage but we just don't have the time right now because of time constraints for this project.

      Gluster could be done in an hour. I have how tos posted for both NFS Home Automounting and Gluster :)

      Ha yes anywhere else it would take no time at all. We have so much red tape to jump through it's ridiculous.

      Start setting up and testing a Gluster Cluster (see what I did there?)... and maybe by the time you get it set up and tested, you'll be done playing jump rope with the red tape.

      The other issue is the NFS servers we have right now are applicances (was done before I got here I've only been here less than a month). We can install certain things, but too much and we might lose "support."

      We have to have these inspectors come in and approve stuff if any changes are made to this network. It's ridiculous.

    • Brains

      (SOHO) Dual WAN Load Balancing Gigabit VPN Router with RADIUS / ldap Support Recommendations
      IT Discussion • dual wan gigabit ldap load balancing radius router vpn • • Brains

      37
      2
      Votes
      37
      Posts
      4758
      Views

      Brains

      @PSX_Defector said:

      @Brains said:

      It's just bad timing and we are in the healthcare market and subject to Texas's Workers Compensation craziness, so its been a rough year or two for us.

      Then you best not be using PPTP. Compliance audits will come down on you hard.

      If anyone will be at Lone Star PHP in Texas this weekend, let me know. Ill be there and will buy you a beer.

      I thought you were talking about Big Texas Beer Fest, which was last weekend.

      I was planning on trying to use L2TP and darn for missing the Beer Fest. That's my kind of place! Well Whiskey Fest would be MORE my kinda place haha.

      I also wanted to ask you about this as well:
      3 Year Warranty & InControl 2 for Balance One/Balance One Core

      I really doubt the cloud management would be useful for us since we only have 2 local devices (one active at a time). We will get free firmware updates AFAIK, so I don't really know why that is mentioned. Is there any reason we should get this package? 25% price increase for 2 additional years of warranty doesn't seem worth it to me.

    • stacksofplates

      Linux and LDAP
      IT Discussion • kerberos ldap linux nfs • • stacksofplates

      24
      2
      Votes
      24
      Posts
      3255
      Views

      Reid Cooper

      OpenLDAP is what the average Linux shop is going to turn to when looking to implement an "AD like" authentication mechanism when no Windows is involved.

    • nadnerB

      What does the world need? MOAR LUMIAS!
      News • ldap microsoft • • nadnerB

      2
      0
      Votes
      2
      Posts
      919
      Views

      Dashrender

      I'm not surprised by this. MS didn't want to be completely silent, but at the same time they don't want to release a new Flagship without Windows 10.

    • thanksajdotcom

      Setting Up First DC at Home
      IT Discussion • active directory domain controller ldap linux windows • • thanksajdotcom

      30
      0
      Votes
      30
      Posts
      5226
      Views

      coliver

      Wish I could be helpful I haven't had a need to do this since... 2010? And that was for college.

      I do remember that everyone was struggling with Ubuntu to get it connected to AD but CentOS (which is what I was using at the time) worked flawlessly.

    • scottalanmiller

      LDAP Bind Error 8341 on Domain Controller
      IT Discussion • active directory domain controller ldap windows • • scottalanmiller

      15
      0
      Votes
      15
      Posts
      10305
      Views

      Dashrender

      @scottalanmiller said:

      It's OpenVPN and IPSec, I've used both a ton. No concerns there at all. But it doesn't do what Pertino does. While both are VPNs, they are completely different things. Pertino is a hosted full mesh. Ubiquiti, like any hardware VPN, is a site to site VPN. ** There are very few times that both would be an option for the same network.**

      Really? I could see this being useful in my case where I have 4 remote locations using Site to Site, and for my mobile users they could use Pertino.