Benutzer-Werkzeuge
admin_grundlagen:samba-member
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen gezeigt.
| — |
admin_grundlagen:samba-member [2014/02/20 19:28] (aktuell) |
||
|---|---|---|---|
| Zeile 1: | Zeile 1: | ||
| + | ====== PDC ====== | ||
| + | Vorraussetzung: weiterer Rechner ist [[samba-pdc]] oder [[samba-ldap-pdc]] | ||
| + | ====== Domänen-Mitglied ohne Winbind ====== | ||
| + | (nicht empfohlen) | ||
| + | ===== Pakete ===== | ||
| + | samba | ||
| + | |||
| + | ===== Konfiguration ===== | ||
| + | ''/etc/samba/smb.conf'' : | ||
| + | <file> | ||
| + | [global] | ||
| + | workgroup = kurs | ||
| + | security = domain | ||
| + | add user script = /usr/sbin/useradd -d /tmp %u | ||
| + | |||
| + | [freigabe] | ||
| + | path = /tmp | ||
| + | writable = yes | ||
| + | </file> | ||
| + | |||
| + | ====== Domänen-Mitglied mit Winbind====== | ||
| + | ===== Benötigte Pakete ===== | ||
| + | Debian: samba winbind | ||
| + | |||
| + | CentOS: samba samba-common | ||
| + | |||
| + | openSuSE ab 11.4: samba-winbind | ||
| + | ===== Winbind tdb Konfiguration ===== | ||
| + | ''/etc/samba/smb.conf'' : | ||
| + | <file> | ||
| + | [global] | ||
| + | workgroup = kurs | ||
| + | security = domain | ||
| + | idmap uid = 20000 - 30000 | ||
| + | idmap gid = 20000 - 30000 | ||
| + | template shell = /bin/bash | ||
| + | winbind use default domain = Yes | ||
| + | |||
| + | # ab samba 3.4 notwendig: ( gibts da noch ne andere Lösung? ) | ||
| + | map untrusted to domain = yes | ||
| + | |||
| + | [freigabe] | ||
| + | path = /tmp | ||
| + | writable = yes | ||
| + | </file> | ||
| + | |||
| + | openSuSE ab 11.4: | ||
| + | /etc/init.d/smb stop | ||
| + | /etc/init.d/nmb stop | ||
| + | CentOS 5: | ||
| + | /etc/init.d/smb stop | ||
| + | Debian 5: | ||
| + | /etc/init.d/samba stop | ||
| + | |||
| + | |||
| + | ====== Rechner in die Domäne aufnehmen ====== | ||
| + | Bug in openSuSE 13.1 (PDC): AppArmor verhindert, dass auf dem PDC ein Benutzer angelegt werden kann. Lösung: auf dem PDC | ||
| + | systemctl stop apparmor.service | ||
| + | |||
| + | |||
| + | net rpc join -U smbadmin | ||
| + | |||
| + | openSuSE ab 11.4: | ||
| + | /etc/init.d/winbind restart | ||
| + | /etc/init.d/smb start | ||
| + | /etc/init.d/nmb start | ||
| + | CentOS 5: | ||
| + | /etc/init.d/smb start | ||
| + | Debian 5: | ||
| + | /etc/init.d/winbind restart | ||
| + | /etc/init.d/samba start | ||
| + | |||
| + | ===== Domänenaufname testen ===== | ||
| + | wbinfo --own-domain | ||
| + | wbinfo -t | ||
| + | wbinfo -u | ||
| + | wbinfo -a kurs\\iw%villa | ||
| + | |||
| + | ====== Linux Benutzer über winbind beziehen ====== | ||
| + | ''/etc/nsswitch.conf'' : | ||
| + | <file> | ||
| + | passwd: files winbind | ||
| + | group: files winbind | ||
| + | shadow: files winbind | ||
| + | </file> | ||
| + | |||
| + | oder | ||
| + | |||
| + | ''/etc/nsswitch.conf'' : | ||
| + | <file> | ||
| + | passwd: compat | ||
| + | group: compat | ||
| + | shadow: compat | ||
| + | passwd_compat: winbind | ||
| + | group_compat: winbind | ||
| + | shadow_compat: winbind | ||
| + | </file> | ||
| + | |||
| + | echo '+::::Samba User::' >> /etc/passwd | ||
| + | echo '+:::' >> /etc/group | ||
| + | echo '+::::::::' >> /etc/shadow | ||
| + | |||
| + | |||
| + | ===== testen ===== | ||
| + | getent passwd iw | ||
| + | |||
| + | |||
| + | ====== Checkliste ====== | ||
| + | ===== Ist Samba Domänenmitglied? ===== | ||
| + | net rpc testjoin -U smbadmin | ||
admin_grundlagen/samba-member.txt · Zuletzt geändert: 2014/02/20 19:28 (Externe Bearbeitung)
Seiten-Werkzeuge
Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC Attribution-Noncommercial-Share Alike 4.0 International
