From: Galen J. <Gal...@sa...> - 2012-01-30 02:17:24
|
Hello, I’m having what I hope is a common enough problem that someone has a way to fix it…or can point me to what I’m missing. I have a RHEL system that uses AD via a VAS PAM module for authentication. I finally got the system to allow me to authenticate using the Unix password by explicitly adding the pam args from a different module (it didn’t like the “include” option) to the Webmin pam.d file. The problem I’m having now is that when I attempt to select a group or even individual users to add to Webmin, it only looks at the local groups and files. The selection boxes show me the user/group lists and allow me to select them but then fails silently when clicking “save”. I feel sure I’m missing something simple…some setting in the bowels of Webmin. If I define the user by hand, it works just fine…however, I have hundreds of users I need to configure certain modules for and would prefer not to have to do them by hand. Has anyone else run into this and how did you fix it? Thanks =G= |
From: Jamie C. <jca...@we...> - 2012-01-30 03:44:16
|
On 29/Jan/2012 18:17 Galen Johnson <Gal...@sa...> wrote .. > Hello, > > I’m having what I hope is a common enough problem that someone has a way to fix > it…or can point me to what I’m missing. I have a RHEL system that uses AD > via a VAS PAM module for authentication. I finally got the system to allow me > to authenticate using the Unix password by explicitly adding the pam args from > a different module (it didn’t like the “include” option) to the Webmin pam.d > file. > > The problem I’m having now is that when I attempt to select a group or even individual > users to add to Webmin, it only looks at the local groups and files. The selection > boxes show me the user/group lists and allow me to select them but then fails silently > when clicking “save”. I feel sure I’m missing something simple…some setting > in the bowels of Webmin. If I define the user by hand, it works just fine…however, > I have hundreds of users I need to configure certain modules for and would prefer > not to have to do them by hand. > > Has anyone else run into this and how did you fix it? Hi Galen, It sounds like you need to setup NSS-LDAP as well, so that active directory users are also real Unix users. Webmin has the ability to allow Unix users to login with permissions determined by their groups (at Webmin -> Webmin Users -> Configure Unix user Authentication), but this only works when NSS-LDAP has been configured. - Jamie |
From: Galen J. <Gal...@sa...> - 2012-01-30 17:58:41
|
-----Original Message----- > On 29/Jan/2012 18:17 Galen Johnson <Gal...@sa...> wrote .. >> Hello, >> >> I’m having what I hope is a common enough problem that someone has a way to fix >> it…or can point me to what I’m missing. I have a RHEL system that uses AD >> via a VAS PAM module for authentication. I finally got the system to allow me >> to authenticate using the Unix password by explicitly adding the pam args from >> a different module (it didn’t like the “include” option) to the Webmin pam.d >> file. >> >> The problem I’m having now is that when I attempt to select a group or even individual >> users to add to Webmin, it only looks at the local groups and files. The selection >> boxes show me the user/group lists and allow me to select them but then fails silently >> when clicking “save”. I feel sure I’m missing something simple…some setting >> in the bowels of Webmin. If I define the user by hand, it works just fine…however, >> I have hundreds of users I need to configure certain modules for and would prefer >> not to have to do them by hand. >> >> Has anyone else run into this and how did you fix it? > > Hi Galen, > > It sounds like you need to setup NSS-LDAP as well, so that active directory users > are also real Unix users. Webmin has the ability to allow Unix users to login with > permissions determined by their groups (at Webmin -> Webmin Users -> Configure Unix > user Authentication), but this only works when NSS-LDAP has been configured. > > - Jamie I was afraid you'd say something like that. I haven't been able to get that to work properly. With the LDAP client, I can browse the AD server but I haven't been able to figure out how to make the users and groups show up in the LDAP Users and Groups module. It just baffles me that it can determine the users and groups that are in AD to select but it can't see them when it tries to add them to Webmin. It's seems like the viewer is using system calls but the implementation module uses a different method. =G= |
From: Jamie C. <jca...@we...> - 2012-01-30 19:00:03
|
On 30/Jan/2012 09:58 Galen Johnson <Gal...@sa...> wrote .. > > -----Original Message----- > > > On 29/Jan/2012 18:17 Galen Johnson <Gal...@sa...> wrote .. > >> Hello, > >> > >> I’m having what I hope is a common enough problem that someone has a way to > fix > >> it…or can point me to what I’m missing. I have a RHEL system that uses > AD > >> via a VAS PAM module for authentication. I finally got the system to allow > me > >> to authenticate using the Unix password by explicitly adding the pam args from > >> a different module (it didn’t like the “include” option) to the Webmin > pam.d > >> file. > >> > >> The problem I’m having now is that when I attempt to select a group or even > individual > >> users to add to Webmin, it only looks at the local groups and files. The selection > >> boxes show me the user/group lists and allow me to select them but then fails > silently > >> when clicking “save”. I feel sure I’m missing something simple…some > setting > >> in the bowels of Webmin. If I define the user by hand, it works just fine…however, > >> I have hundreds of users I need to configure certain modules for and would prefer > >> not to have to do them by hand. > >> > >> Has anyone else run into this and how did you fix it? > > > > Hi Galen, > > > > It sounds like you need to setup NSS-LDAP as well, so that active directory users > > are also real Unix users. Webmin has the ability to allow Unix users to login > with > > permissions determined by their groups (at Webmin -> Webmin Users -> Configure > Unix > > user Authentication), but this only works when NSS-LDAP has been configured. > > > > - Jamie > > I was afraid you'd say something like that. I haven't been able to get that to > work properly. With the LDAP client, I can browse the AD server but I haven't > been able to figure out how to make the users and groups show up in the LDAP Users > and Groups module. It just baffles me that it can determine the users and groups > that are in AD to select but it can't see them when it tries to add them to Webmin. > It's seems like the viewer is using system calls but the implementation module > uses a different method. You should be able to set this up relatively easily in Webmin using the "LDAP Client" module. - Jamie |
From: Galen J. <Gal...@sa...> - 2012-01-30 19:34:26
|
-----Original Message----- From: Jamie Cameron [mailto:jca...@we...] Sent: Monday, January 30, 2012 2:00 PM To: Webmin users list Subject: Re: [webmin-l] Converting PAM users On 30/Jan/2012 09:58 Galen Johnson <Gal...@sa...> wrote .. > > -----Original Message----- > > > On 29/Jan/2012 18:17 Galen Johnson <Gal...@sa...> wrote .. > >> Hello, > >> > >> I’m having what I hope is a common enough problem that someone has a way to > fix > >> it…or can point me to what I’m missing. I have a RHEL system that uses > AD > >> via a VAS PAM module for authentication. I finally got the system to allow > me > >> to authenticate using the Unix password by explicitly adding the pam args from > >> a different module (it didn’t like the “include” option) to the Webmin > pam.d > >> file. > >> > >> The problem I’m having now is that when I attempt to select a group or even > individual > >> users to add to Webmin, it only looks at the local groups and files. The selection > >> boxes show me the user/group lists and allow me to select them but then fails > silently > >> when clicking “save”. I feel sure I’m missing something simple…some > setting > >> in the bowels of Webmin. If I define the user by hand, it works just fine…however, > >> I have hundreds of users I need to configure certain modules for and would prefer > >> not to have to do them by hand. > >> > >> Has anyone else run into this and how did you fix it? > > > > Hi Galen, > > > > It sounds like you need to setup NSS-LDAP as well, so that active directory users > > are also real Unix users. Webmin has the ability to allow Unix users to login > with > > permissions determined by their groups (at Webmin -> Webmin Users -> Configure > Unix > > user Authentication), but this only works when NSS-LDAP has been configured. > > > > - Jamie > > I was afraid you'd say something like that. I haven't been able to get that to > work properly. With the LDAP client, I can browse the AD server but I haven't > been able to figure out how to make the users and groups show up in the LDAP Users > and Groups module. It just baffles me that it can determine the users and groups > that are in AD to select but it can't see them when it tries to add them to Webmin. > It's seems like the viewer is using system calls but the implementation module > uses a different method. You should be able to set this up relatively easily in Webmin using the "LDAP Client" module. - Jamie I thought that, too :-) =G= |