LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Red Hat
User Name
Password
Red Hat This forum is for the discussion of Red Hat Linux.

Notices

Reply
 
Search this Thread
Old 07-19-2012, 04:30 PM   #1
jonofmac
LQ Newbie
 
Registered: Jul 2012
Posts: 3

Rep: Reputation: Disabled
Kerberos and Active Directory Integration


Hello,

We have a Windows Server which handles all of the user accounts/information and we have several Windows and Linux boxes deployed. The Linux machines all run Scientific Linux 6 (Essentially CentOS 6, which is a redhat like distribution). They use Kerberos to authenticate with the Active Directory server.

When logging in on the Linux machines, when a password is about to expire, it shows "Your password will expire in XX days". Does anyone know the command line approach to find out how many days the password is valid for or expiration date? Similar to using net user in Windows command prompt. I've been searching all over the internet and cannot seem to figure this one out.

Thank you,

Jonathan
 
Old 07-19-2012, 04:39 PM   #2
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,565

Rep: Reputation: 410Reputation: 410Reputation: 410Reputation: 410Reputation: 410
You will use the same net user syntax to the windows AD machine. The password policy is maintained on the AD server and as such it is queried from there by kerberos.
 
Old 07-19-2012, 04:53 PM   #3
jonofmac
LQ Newbie
 
Registered: Jul 2012
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thanks,

Do you know what command I would use to sort of "tunnel" the command to the AD server then?
 
Old 07-19-2012, 05:05 PM   #4
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,565

Rep: Reputation: 410Reputation: 410Reputation: 410Reputation: 410Reputation: 410
net user username
 
Old 07-19-2012, 11:16 PM   #5
jonofmac
LQ Newbie
 
Registered: Jul 2012
Posts: 3

Original Poster
Rep: Reputation: Disabled
I tried that originally, but it complains about the syntax being "net ads user info username" which asks for password and then output:
[***@***:~]# net ads user info ****
[2012/07/19 23:17:13.249505, 0] utils/net_ads.c:285(ads_startup_int)
ads_connect: No logon servers
[2012/07/19 23:17:16.496133, 0] utils/net_ads.c:285(ads_startup_int)
ads_connect: No logon servers

Not sure why it is doing this...


Edit:
Ok with: net ads user info **** --server=Domain Controller now returns below...

[2012/07/19 23:24:57.040867, 0] libads/kerberos.c:333(ads_kinit_password)
kerberos_kinit_password root@<Domain controller here> failed: Clients credentials have been revoked
I'm getting closer!


EDIT 2:
After running "kinit <username>" and running the command again, i get
wbcLookupSid: WBC_ERR_WINBIND_NOT_AVAILABLE

Any clues?

Last edited by jonofmac; 07-20-2012 at 08:04 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Debian Squeeze, Squid, Kerberos/LDAP Authentication, Active Directory Integration And Cyfin Re LXer Syndicated Linux News 0 06-17-2011 10:12 PM
Active Directory Integration ajaypulla Linux - Newbie 2 10-26-2010 07:07 AM
SLES11, Samba, Kerberos, LDAP integration with Active Directory jstalewski Suse/Novell 1 08-02-2010 01:10 PM
Active Directory Integration haverer Linux - Software 4 09-17-2009 06:31 AM
Active Directory Kerberos macusr Linux - Networking 5 03-24-2006 03:36 PM


All times are GMT -5. The time now is 10:23 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration