Edit. Was able to get the local users to authenticate but not with ldap users. It seems i misconfigured something on the directors.ini so it allowed anything to login
Now Im determining on what modules to add on the /etc/pam.d/bareos file to finally allow ldap authentication On Tue, Jul 9, 2019 at 3:53 PM Tam Angustia <[email protected]> wrote: > On Thursday, May 2, 2019 at 3:07:06 PM UTC+8, Frank Ueberschar wrote: > > Would you mind to share details about your implementation where it fails > > (logfiles from the director, etc.)? > > > > > > Am 01.05.19 um 17:04 schrieb Tam Angustia: > > > Has anyone implemented an ldap authentication on the latest stable > release of bareos (18.2.5)? > > > If so, would you mind sharing the details on how you were able to > implement it? > > > > > > I have tested it but it seems that it doesnt work, 18.2.5 bareos only > works with pam_unix.so. > > > > > > I am trying to approach how to automate creating tenants thats why im > exploring this concept. > > > > > > I will either test out a php-pam reset password or explore further the > ldap one. > > > > > > Hopefully will update this post as well > > > > > -- > > Mit freundlichen Grüßen > > > > Frank Ueberschar [email protected] > > Bareos GmbH & Co. KG Phone: +49 221 63 06 93-88 > > http://www.bareos.com Fax: +49 221 63 06 93-10 > > > > Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646 > > Geschäftsführer: Stephan Dühr, M. Außendorf, J. Steffens, P. Storz > > Hi Frank, I got it working with just affixing > " auth required pam_unix.so" > on the /etc/pam.d/bareos file > > Ive also come to realize that any account on the ldap server can login > even if our ldap server has whitelists on specific machines, nor console > users written on the console directory under bareos-dir.d > > A few things to note: > > first, in order to test the local machine users, > I included bareos on the root group, modified /etc/shadows to 400, as this > was currently 000 then tested a local user created on the machine with > restricted ACLs. > > This has worked without errors. > > However, upon registering the machine to our ldap server, ordinary users, > even without configuring on the console to be included, were able to login > using their ldap accounts. > > Even if I enrolled the user as console users to bareos and restricting ACL > controls, still, full admin privileges are automatically given. > > -- > You received this message because you are subscribed to a topic in the > Google Groups "bareos-users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/bareos-users/O9yGD0w6quU/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/bareos-users/9339994e-b117-4fac-b18f-ad44772a2cdd%40googlegroups.com > . > For more options, visit https://groups.google.com/d/optout. > -- *JOTHAM IVAN O. ANGUSTIA* Science Research Specialist I Research and Development Division Advanced Science and Technology Institute +63905 929 0262 +63916 777 1662 -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/bareos-users/CACaeCvEGWoB4NCkVdtM1Ae0oA8_4FRkA3DpCDNUubwMyWHAW%2Bg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
