一环境介绍:
1.准备安装环境:
系统:centos6.8 x64
2.依赖# yum install perl gcc attr libacl-devel libblkid-devel \
gnutls-devel readline-devel python-devel gdb pkgconfig \
krb5-workstation zlib-devel setroubleshoot-server libaio-devel \
setroubleshoot-plugins policycoreutils-python \
libsemanage-python perl-ExtUtils-MakeMaker perl-Parse-Yapp \
perl-Test-Base popt-devel libxml2-devel libattr-devel \
keyutils-libs-devel cups-devel bind-utils libxslt \
docbook-style-xsl openldap-devel autoconf python-crypto pam-devel
# yum install autoconf automake gdb krb5-devel \
openldap-devel make pam-devel python-devel docbook-style-xsl \
libacl-devel libattr-devel libxslt
3-文件系统要求:
更改共享目录:
ext4系统:
vim /etc/fstab
/dev/... /srv/samba/demo ext4 defaults,barrier=1 1 1
4.安装目录: /usr/local/samba
IP range: 10.0.0.1 - 10.0.0.254
IP network: 10.0.0.0/24
Subnet mask: 255.255.255.0
Default gateway: 10.0.0.254
5.AD信息:
AD domain name: dcone.example.com
NetBIOS domain name: DCONE
AD DNS name: dcone.example.com
AD Kerberos realm: DCONE.EXAMPLE.COM
LDAP Domain DN: DC=dcone,DC=example,DC=com
Domain Administrator: DCONE\Administrator
Domain Administrator password: 456456aaaB
DNS servers: 10.0.0.1
6.AD域控
重要目录:
System binaries ("samba", etc.): /usr/local/samba/sbin/
Other binaries ("smbclient", etc.): /usr/local/samba/bin/
Private dir (AD database, etc.): /usr/local/samba/private/
Cache directory: /usr/local/samba/var/cache/
SysVol share: /usr/local/samba/var/locks/sysvol/
Netlogon share: /usr/local/samba/var/locks/sysvol/samdom.example.com/scripts/
7.域控数据:
Primary Domain Controller (PDC)
AD DC hostname: PDC
IP address: 10.0.0.1
AD DC hostname: DC1
IP address: 10.0.0.1
Server role: Domain Controller (DC)
Act as DNS server: yes
8.建立域,检查/etc/hosts文件配置:
127.0.0.1 localhost.localdomain localhost 10.0.0.1 dcone.example.com DCONE
二.安装过程:
1.下载:https://www.samba.org/
samba-4.4.5.tar.gz
$ tar -zxf samba-4.4.5.tar.gz $ cd samba-4.4.5 $ ./configure make make install
2.vim /etc/profile
export PATH=/usr/local/samba/bin/:/usr/local/samba/sbin/:$PATH source /etc/profile
3.#samba-tool domain provision --use-rfc2307 --interactive
出错提示密码太简单:password does not meet the complexity criteria
4.启动
# samba
5.测试:
$ smbclient -L localhost -U%
$ smbclient //localhost/netlogon -UAdministrator -c ‘ls‘
Enter Administrator‘s password:
Domain=[EXAMPLE] OS=[Windows 6.1] Server=[Samba 4.4.5]
. D 0 Sun Jul 17 14:26:43 2016
.. D 0 Sun Jul 17 14:28:58 2016
6795192 blocks of size 1024. 3240860 blocks available
6.配置:dns
vim /etc/resolv.conf
domain dcone.example.com
nameserver 10.0.0.1
7.测试DNS
~]# host -t SRV _ldap._tcp.example.com
_ldap._tcp.example.com has SRV record 0 100 389 dcone.example.com.
~]# host -t SRV _kerberos._udp.example.com
_kerberos._udp.example.com has SRV record 0 100 88 dcone.example.com.
~]# host -t A dcone.example.com.
dcone.example.com has address 10.0.0.1
8.配置kerberos认证
# ls -sf /usr/local/samba/private/krb5.conf /etc/krb5.conf
以上可以找台windows机器加域了!!!
-----------------------------------------------------------------
三.共享设置:
#mkdir -p /srv/samba/Demo/
#vim /usr/local/samba/etc/smb.conf
[Demo]
path = /srv/samba/Demo/
read only = no
# smbcontrol all reload-config
四.域用户管理及共享管理(通过windows客户端,安装adminpak.msi)