Edit.

Was able to get the local users to authenticate but not with ldap users. It
seems i misconfigured something on the directors.ini so it allowed anything
to login

Now Im determining on what modules to add on the /etc/pam.d/bareos file to
finally allow ldap authentication

On Tue, Jul 9, 2019 at 3:53 PM Tam Angustia <[email protected]>
wrote:

> On Thursday, May 2, 2019 at 3:07:06 PM UTC+8, Frank Ueberschar wrote:
> > Would you mind to share details about your implementation where it fails
> > (logfiles from the director, etc.)?
> >
> >
> > Am 01.05.19 um 17:04 schrieb Tam Angustia:
> > > Has anyone implemented an ldap authentication on the latest stable
> release of bareos (18.2.5)?
> > > If so, would you mind sharing the details on how you were able to
> implement it?
> > >
> > > I have tested it but it seems that it doesnt work, 18.2.5 bareos only
> works with pam_unix.so.
> > >
> > > I am trying to approach how to automate creating tenants thats why im
> exploring this concept.
> > >
> > > I will either test out a php-pam reset password or explore further the
> ldap one.
> > >
> > > Hopefully will update this post as well
> > >
> > --
> > Mit freundlichen Grüßen
> >
> >   Frank Ueberschar                          [email protected]
> >   Bareos GmbH & Co. KG                      Phone: +49 221 63 06 93-88
> >   http://www.bareos.com                     Fax:   +49 221 63 06 93-10
> >
> >   Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646
> >   Geschäftsführer: Stephan Dühr, M. Außendorf, J. Steffens, P. Storz
>
> Hi Frank, I got it working with just affixing
> " auth       required     pam_unix.so"
> on the /etc/pam.d/bareos file
>
> Ive also come to realize that any account on the ldap server can login
> even if our ldap server has whitelists on specific machines, nor console
> users written on the console directory under bareos-dir.d
>
> A few things to note:
>
> first, in order to test the local machine users,
> I included bareos on the root group, modified /etc/shadows to 400, as this
> was currently 000 then tested a local user created on the machine with
> restricted ACLs.
>
> This has worked without errors.
>
> However, upon registering the machine to our ldap server, ordinary users,
> even without configuring on the console to be included, were able to login
> using their ldap accounts.
>
> Even if I enrolled the user as console users to bareos and restricting ACL
> controls, still, full admin privileges are automatically given.
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "bareos-users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/bareos-users/O9yGD0w6quU/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> [email protected].
> To post to this group, send email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/bareos-users/9339994e-b117-4fac-b18f-ad44772a2cdd%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>


-- 


*JOTHAM IVAN O. ANGUSTIA*
Science Research Specialist I
Research and Development Division
Advanced Science and Technology Institute
+63905 929 0262
+63916 777 1662

-- 
You received this message because you are subscribed to the Google Groups 
"bareos-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/bareos-users/CACaeCvEGWoB4NCkVdtM1Ae0oA8_4FRkA3DpCDNUubwMyWHAW%2Bg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to