On Thursday, May 2, 2019 at 3:07:06 PM UTC+8, Frank Ueberschar wrote: > Would you mind to share details about your implementation where it fails > (logfiles from the director, etc.)? > > > Am 01.05.19 um 17:04 schrieb Tam Angustia: > > Has anyone implemented an ldap authentication on the latest stable release > > of bareos (18.2.5)? > > If so, would you mind sharing the details on how you were able to implement > > it? > > > > I have tested it but it seems that it doesnt work, 18.2.5 bareos only works > > with pam_unix.so. > > > > I am trying to approach how to automate creating tenants thats why im > > exploring this concept. > > > > I will either test out a php-pam reset password or explore further the ldap > > one. > > > > Hopefully will update this post as well > > > -- > Mit freundlichen Grüßen > > Frank Ueberschar [email protected] > Bareos GmbH & Co. KG Phone: +49 221 63 06 93-88 > http://www.bareos.com Fax: +49 221 63 06 93-10 > > Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646 > Geschäftsführer: Stephan Dühr, M. Außendorf, J. Steffens, P. Storz
Hi Frank, I got it working with just affixing " auth required pam_unix.so" on the /etc/pam.d/bareos file Ive also come to realize that any account on the ldap server can login even if our ldap server has whitelists on specific machines, nor console users written on the console directory under bareos-dir.d A few things to note: first, in order to test the local machine users, I included bareos on the root group, modified /etc/shadows to 400, as this was currently 000 then tested a local user created on the machine with restricted ACLs. This has worked without errors. However, upon registering the machine to our ldap server, ordinary users, even without configuring on the console to be included, were able to login using their ldap accounts. Even if I enrolled the user as console users to bareos and restricting ACL controls, still, full admin privileges are automatically given. -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/bareos-users/9339994e-b117-4fac-b18f-ad44772a2cdd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
