L.P.H. van Belle
2016-07-21 10:15:25 UTC
Hai,
I was testing a toshiba printer, added it to the samba 4 domain, ( successfully ).
And mean while i was reading : https://wiki.samba.org/index.php/OpenSSH_Single_sign-on
And I noticed the following settings in the printer. .. anything usefull below ? thats why i post this.
And then im pointing to :
I think some of these nice examples/settings can help some people, especialy the mappings.
[libdefaults]
default_realm = REALM.DOMAIN.TLD
default_tgs_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96 RC4-HMAC DES-CBC-MD5 DES-CBC-CRC
default_tkt_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96 RC4-HMAC DES-CBC-MD5 DES-CBC-CRC
preferred_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96 RC4-HMAC DES-CBC-MD5 DES-CBC-CRC
dns_lookup_kdc = true
[domain_realm]
.realm.domain.tld = REALM.DOMAIN.TLD
realm.domain.tld = REALM.DOMAIN.TLD
[realms]
REALM.DOMAIN.TLD = {
auth_to_local = RULE:[1:$0\$1](^REALM\.DOMAIN\.TLD\\.*)s/^REALM\.DOMAIN\.TLD/NTDOMAIN/
auth_to_local = DEFAULT
}
[appdefaults]
pam = {
mappings = NTDOMAIN\\(.*) $***@REALM.DOMAIN.TLD
forwardable = true
validate = true
}
httpd = {
mappings = NTDOMAIN\\(.*) $***@REALM.DOMAIN.TLD
reverse_mappings = (.*)@REALM\.DOMAIN\.TLD NTDOMAIN\$1
}
Greetz,
Louis
I was testing a toshiba printer, added it to the samba 4 domain, ( successfully ).
And mean while i was reading : https://wiki.samba.org/index.php/OpenSSH_Single_sign-on
And I noticed the following settings in the printer. .. anything usefull below ? thats why i post this.
And then im pointing to :
auth_to_local = RULE:[1:$0\$1](^REALM\.DOMAIN\.TLD\\.*)s/^REALM\.DOMAIN\.TLD/NTDOMAIN/
and the pam / httpd mappings.
and the pam / httpd mappings.
I think some of these nice examples/settings can help some people, especialy the mappings.
[libdefaults]
default_realm = REALM.DOMAIN.TLD
default_tgs_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96 RC4-HMAC DES-CBC-MD5 DES-CBC-CRC
default_tkt_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96 RC4-HMAC DES-CBC-MD5 DES-CBC-CRC
preferred_enctypes = AES256-CTS-HMAC-SHA1-96 AES128-CTS-HMAC-SHA1-96 RC4-HMAC DES-CBC-MD5 DES-CBC-CRC
dns_lookup_kdc = true
[domain_realm]
.realm.domain.tld = REALM.DOMAIN.TLD
realm.domain.tld = REALM.DOMAIN.TLD
[realms]
REALM.DOMAIN.TLD = {
auth_to_local = RULE:[1:$0\$1](^REALM\.DOMAIN\.TLD\\.*)s/^REALM\.DOMAIN\.TLD/NTDOMAIN/
auth_to_local = DEFAULT
}
[appdefaults]
pam = {
mappings = NTDOMAIN\\(.*) $***@REALM.DOMAIN.TLD
forwardable = true
validate = true
}
httpd = {
mappings = NTDOMAIN\\(.*) $***@REALM.DOMAIN.TLD
reverse_mappings = (.*)@REALM\.DOMAIN\.TLD NTDOMAIN\$1
}
Greetz,
Louis
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba