samba ads配置

yum install -y krb5-libs krb5-deve krb5-workstation pam_krb5 ntp
yum install -y samba samba-client samba-winbind-clients samba-winbind samba-common samba4-libs samba-swat

###修改dns解析  指向内部域dns
echo "
nameserver 172.16.0.10
" >/etc/resolv.conf

###########
\cp -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
ntpdate ad.xxxx.com #ntp6.aliyun.com
echo "*/3 * * * * /usr/sbin/ntpdate ad.xxxx.com &> /dev/null" > /tmp/crontab
crontab /tmp/crontab
##########

rpm -qa |grep krb5
rpm -qa |grep samba

sed -i ‘s/^SELINUX=.*/SELINUX=disabled/g‘ /etc/selinux/config
setenforce 0

sed -i "s#HOSTNAME=.*#HOSTNAME=$(hostname)#g" /etc/sysconfig/network
#sed -i ‘s#HOSTNAME=.*##‘ /etc/sysconfig/network-scripts/ifcfg-eth0 

echo "
127.0.0.1 $(hostname).xxxx.com $(hostname)
" >>/etc/hosts
#sed -i ‘s#net.ipv4.ip_forward = 0#net.ipv4.ip_forward = 1#g‘ /etc/sysctl.conf

echo "
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = xxxx.com
dns_lookup_realm = false
dns_lookup_kdc = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = yes
[realms]
xxxx.com = {
kdc = ad.xxxx.com:88
admin_server = ad.xxxx.com:749
default_domain = xxxx.com
}
[domain_realm]
.xxxx.com = xxxx.com
xxxx.com = xxxx.com
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
" >/etc/krb5.conf

echo "
passwd: files winbind
shadow: files winbind
group: files winbind
hosts: files dns
" >/etc/nsswitch.conf

echo "
# = = = = = = = = = = = ==GlobalSettings = = = = = = = = = = = = = = = = =
#-----------------------NetworkRelated Options -------------------------
    workgroup =XXXX
    server string  = Samba Server Version %v
    netbios name =$(hostname)
# ----------------------- Domain Members Options ------------------------
    security = ads
    passdb backend = tdbsam
    realm  = xxxx.com
    password server = ad.xxxx.com
    encrypt passwords  = yes
    idmap uid = 16777216-33554431
    idmap gid  = 18777216-33554431
    template shell = /bin/bash
    template homedir  = /home/%U
    winbind use default domain = true
    winbind offline logon  = false
    winbind enum groups = yes
    winbind enum users  = yes
    winbind separator = /
[global]
   ;security  = ads
   ;idmap uid = 16777216-33554431
   ; idmap gid  = 16777216-33554431
   ;template shell = /bin/bash
   ; winbind use default domain  = true
   ; winbind offline logon = false
[home]
     path  = /home/%D/%U
     browsable = no
[printers]
     comment  = All Printers
     path = /var/spool/samba
     printable  = Yes
     browseable = No
[test]
     path  = /test
     write list = XXXX/administrator,XXXX/admin
     valid users  = XXXX/administrator,XXXX/admin
     writeable = yes
     read only  = yes
     browsable = yes
     create mask  = 0777
     directory mask = 0777
" >/etc/samba/smb.conf

yum install setuptool -y
-------------------------------------------------------------------------------------------------------

#域连接测试
kinit -V [email protected]
klist     

#authconfig --enablewinbindauth --enablemd5 --enablekrb5 --disableshadow --update

#加入域
net ads join -U [email protected]

service smb restart
service winbind restart
chkconfig winbind on
chkconfig smb on

#测试是否加入域
wbinfo -t

#读取域用户组信息
wbinfo -g

#读取域用户信息
wbinfo -u 

#检测加入的域
wbinfo -m    

###离开域
net ads leave -U [email protected]

原文地址：https://www.cnblogs.com/blog-lhong/p/11742510.html

时间： 2024-08-30 08:10:15

samba ads配置的相关文章

Samba服务配置详解

引用一下David_Tang同学的Samba简介: Samba是一个能让Linux系统应用Microsoft网络通讯协议的软件,而SMB是Server Message Block的缩写,即为服务器信息块 .SMB主要是作为Microsoft的网络通讯协议,后来Samba将SMB通信协议应用到了Linux系统上,就形成了现在的Samba软件.后来微软又把 SMB 改名为 CIFS(Common Internet File System),即通用互联网文件系统,并且加入了许多新的功能,这样一来,使得

Samba的配置

对于linux与windows共享,和平共处,我们可以用Samba软件 Samba是一套免费的开源软件,可以在linux或其他类unix操作系统上实现windows域控制器,文件服务,打印服务等. Samba实现了windows系统所使用的核心网络协议:SMB(Server Message Block) Samba可以提供如下功能: 活动目录服务(Active Directory Server, ADS) 主域控制器(Primary Domain Controller, PDC) 共享目录共享

Samba网络配置

Samba网络配置操作环境 ubuntu14.04 1. 更新Linux源列表 sudo apt-get update 2. 安装Samba服务 sudo apt-get install samba samba-common 3. 新建访问共享资源的用户和设置密码 1.打开"终端窗口",输入"sudo useradd smbuser"-->回车-->用户创建成功.2.输入"sudo smbpasswd -a smbuser"--&g

centos samba/squid 配置第二十七节课

centos samba/squid 配置第二十七节课上半节课下半节课一. samba配置1. 什么是sambaSamba服务类似于windows上的共享功能,可以实现在Linux上共享文件,windows上访问,当然在Linux上也可以访问到.是一种在局域网上共享文件和打印机的一种通信协议,它为局域网内的不同计算机之间提供文件及打印机等资源的共享服务. 注意:smb侦听端口:139 和 445 端口 2. 安装配置samba yum install -y samba samb

samba简单配置

Samba是在Linux和UNIX系统上实现SMB协议的一个免费软件,由服务器及客户端程序构成.SMB (Server Messages Block,信息服务块)是一种在局域网上共享文件和打印机的一种通信协议,它为局域网内的不同计算机之间提供文件及打印机等资源的共享服务. samb启动的进程 nmbd NetBIOS服务 smbd 监听端口早些版本的TCP139 UDP 137和138 我这里用的samba4没有找到UDP端口,只开放了139端口如果系统自带可以先卸载,r

samba服务配置

Samba服务的配置配置匿名访问: [[email protected]~]# yum -y install samba samba-client //安装samba所需的软件包 [[email protected] ~]# vim /etc/samba/smb.conf //修改配置文件 [global] workgroup =WORKGROUP //工作组更改为workgroup security = share //

Ubuntu_12.04 server amd64安装读取数据失败以及samba的配置

Ubuntu_12.04 server amd64.iso 找了好多工具都会出现在安装组件的时候报错: 从光盘读取数据失败,请检查光盘的完整性: 那首先需要怀疑的是制作u盘启动盘工具错误,我试过很多建议不要使用UltraISO,LinuxLive USB Creator ,Win32 Disk Imager,LaoMaoTao_V2014,WinImage,SaleaeLogic_1.1.16C... 这些都是血淋淋的教训. 建议使用Universal-USB-Installer-1.9.5.4

Samba快速配置

Samba是linux,unix,windows之间进行交互操作的软件组件,Sanma是基于GPL协议的自由开源软件. 快速配置samba文件服务器 1.关闭防火墙和SELinux [[email protected] ~]# setenforce 0 #临时关闭 [[email protected] ~] # sed -i"/SELINUX=/c SELINUX=disable“\ >/etc/sysconfig/selinux #永久的关闭 [[email p

CentOS 6.5 samba实例配置

服务端:Linux CostOS 6.5 ,IP:192.168.1.201客户端:windows7 64位,IP:192.168.1.120 说明:配置此服务用于加强对samba服务的理解,并对用到的smb.conf配置参数做简要的注释,其他没有用到的smb.conf配置参数见我博客的samba配置参数详解一.题目 (1)在此服务器中安装配置Samba服务,创建三个用户m1,m2,m3.分别建立共享m1,m2,m3,public,本地目录分别为/opt/a1./opt/a2./opt/a3.