Find the answer to your Linux question:
Results 1 to 3 of 3
Hello, Ok, I am a new user to symfony (day 1). Our symfony (set-up by my predecessor) which runs our intranet webserver doesnt authenticate ldap users since last week. It ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Oct 2012
    Posts
    15

    ldap in symfony (gentoo vm)


    Hello,
    Ok, I am a new user to symfony (day 1).
    Our symfony (set-up by my predecessor) which runs our intranet webserver doesnt authenticate ldap users since last week. It doesn't throw any error etc., just doesn't log me/users in
    pls help.

    also ask for any information and I would try my best to provide.

    many thanks in advance.
    os - gentoo 2.6.28
    php - 5.3.15

  2. #2
    Just Joined!
    Join Date
    Oct 2012
    Posts
    15
    ok, i gave-up on the idea of symfony plugin now. i am looking towards samba (where i should have looked in the first instance).

    Code:
    # cat /etc/krb5.conf 
    [logging] 
     default = FILE:/var/log/krb5libs.log 
     kdc = FILE:/var/log/krb5kdc.log 
     admin_server = FILE:/var/log/kadmind.log 
    
    [libdefaults] 
     default_realm = abc.com 
     dns_lookup_realm = false 
     dns_lookup_kdc = false 
    
    [realms] 
     abc.com = { 
      kdc = d.abc.com:88 
      admin_server = d.abc.com:749 
      default_domain = abc.com 
     } 
    
    [domain_realm] 
     .abc.com = abc.com 
      abc.com = abc.com 
    
    [kdc] 
     profile = /var/kerberos/krb5kdc/kdc.conf 
    
    [appdefaults] 
     pam = { 
       debug = false 
       ticket_lifetime = 36000 
       renew_lifetime = 36000 
       forwardable = true 
       krb4_convert = false 
     } 
    
    
    smb.conf
    [global] 
    workgroup = abc 
    netbios name = e 
    server string = Samba Server %v 
    local master = no 
    preferred master = no 
    domain logons = no 
    wins server = 193.63.xx.xx 
    wins proxy = no 
    winbind enum users = Yes 
    winbind enum groups = Yes 
    winbind use default domain = Yes 
    winbind nested groups = Yes 
    winbind separator = + 
    os level = 20 
    max log size = 50 
    encrypt passwords = yes 
    dns proxy = no 
    password server = * 
    security = ADS 
    realm = abc.com 
    username map = /etc/samba/smbusers 
    socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 IPTOS_LOWDELAY 
    add user script = /usr/sbin/useradd -m %u 
    valid users = midway 
    
    [homes] 
    comment = Home Directories 
    browseable = yes 
    writable = yes 
    case sensitive = no 
    
    [intranet] 
    comment = intranet 
    writable = yes 
    path = /home/intranet 
    force user = intranet 
    force group = intranet 
    valid users = midway 
    
    
    
    # net ads testjoin 
    [2012/10/02 16:34:32.540348,  0] libads/kerberos.c:333(ads_kinit_password) 
      kerberos_kinit_password e$@abc.com failed: Preauthentication failed 
    
    # net ads status 
    Enter root's password: 
    [2012/10/02 16:17:41.367505,  0] libads/kerberos.c:333(ads_kinit_password) 
      kerberos_kinit_password root@abc.com failed: Client not found in Kerberos database

  3. #3
    Just Joined!
    Join Date
    Oct 2012
    Posts
    15
    ok, solved it.
    a very simple fix that is rejoining the domain did the trick.

    Code:
    net ads join -U admin 
    password: 
    NT_STATUS_OK: Success (0x0) 
    
    ntlm_auth --username="midway" --domain="abc" --require-membership-of="abc\adgroup" 
    password: 
    NT_STATUS_OK: Success (0x0)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •