This shows you the differences between two versions of the page.
|
winbind_синхронизация_пользователей_с_microsoft_ad [2009/04/17 08:29] val |
— (current) | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== WINBIND синхронизация пользователей с Microsoft AD ====== | ||
| - | ===== Настройка службы winbindd ===== | ||
| - | |||
| - | ==== FreeBSD ==== | ||
| - | <code> | ||
| - | [gX:~] # /usr/local/etc/rc.d/samba stop | ||
| - | |||
| - | [gX:~] # cat /etc/rc.conf | ||
| - | … | ||
| - | nmbd_enable="NO" | ||
| - | smbd_enable="NO" | ||
| - | winbindd_enable="YES" | ||
| - | … | ||
| - | |||
| - | [gX:~] # cd /usr/local/etc/ | ||
| - | </code> | ||
| - | |||
| - | ==== Ubuntu ==== | ||
| - | <code> | ||
| - | root@gX:~# /etc/init.d/samba stop | ||
| - | |||
| - | root@gX:~# apt-get install winbind | ||
| - | |||
| - | root@gX:~# cd /etc/samba | ||
| - | </code> | ||
| - | |||
| - | ==== FreeBSD/Ubuntu ==== | ||
| - | <code> | ||
| - | gX# cat smb.conf | ||
| - | </code><code> | ||
| - | [global] | ||
| - | workgroup = ADX | ||
| - | security = DOMAIN | ||
| - | idmap uid = 20000-40000 | ||
| - | idmap gid = 20000-40000 | ||
| - | template homedir = /home/%U | ||
| - | template shell = /bin/sh | ||
| - | winbind cache time = 36 | ||
| - | winbind use default domain = Yes | ||
| - | winbind enum users = yes | ||
| - | winbind enum groups = yes | ||
| - | </code><code> | ||
| - | gX# testparm | ||
| - | Load smb config files from /usr/local/etc/smb.conf | ||
| - | Loaded services file OK. | ||
| - | Server role: ROLE_DOMAIN_MEMBER | ||
| - | Press enter to see a dump of your service definitions | ||
| - | </code> | ||
| - | |||
| - | ===== Регистрация службы winbindd в домене ===== | ||
| - | <code> | ||
| - | gX# net rpc join -U Administrator | ||
| - | Administrators's password: | ||
| - | Joined domain ADX | ||
| - | </code> | ||
| - | |||
| - | ===== Запуск службы winbindd ===== | ||
| - | |||
| - | ==== FreeBSD ==== | ||
| - | <code> | ||
| - | [gX:~] # /usr/local/etc/rc.d/samba start | ||
| - | </code> | ||
| - | |||
| - | ==== Ubuntu ==== | ||
| - | <code> | ||
| - | root@gX:~# /etc/init.d/bind9 restart | ||
| - | root@gX:~# /etc/init.d/winbind restart | ||
| - | </code> | ||
| - | |||
| - | ==== Проверки ==== | ||
| - | <code> | ||
| - | gX# ntlm_auth --username=uX | ||
| - | password: | ||
| - | NT_STATUS_OK: Success (0x0) | ||
| - | |||
| - | gX# wbinfo -u | ||
| - | ... | ||
| - | |||
| - | gX# wbinfo -g | ||
| - | ... | ||
| - | </code> | ||
| - | |||
| - | ===== Настройка библиотеки nsswitch на использование winbind ===== | ||
| - | <code> | ||
| - | gX# cat /etc/nsswitch.conf | ||
| - | … | ||
| - | group: files winbind | ||
| - | passwd: files winbind | ||
| - | shadow: files winbind # for linux only | ||
| - | … | ||
| - | |||
| - | gX# wbinfo -n uX | ||
| - | gX# wbinfo -S … | ||
| - | |||
| - | gX# id uX | ||
| - | |||
| - | gX# chown -R uX:'domain users' /home/uX | ||
| - | </code> | ||
| - | |||
| - | ===== Настройка библиотеки pam на использование winbind ===== | ||
| - | |||
| - | ==== FreeBSD ==== | ||
| - | <code> | ||
| - | [gX:~] # cat /etc/pam.d/sshd | ||
| - | ... | ||
| - | auth sufficient /usr/local/lib/pam_winbind.so | ||
| - | auth required pam_unix.so no_warn try_first_pass | ||
| - | </code> | ||
| - | |||
| - | ==== Ubuntu ==== | ||
| - | root@g15:~# apt-get install libpam-modules | ||
| - | |||
| - | <code> | ||
| - | root@gX:~# more /etc/pam.d/sshd | ||
| - | ... | ||
| - | auth sufficient /lib/security/pam_winbind.so | ||
| - | # Standard Un*x authentication. | ||
| - | ... | ||
| - | </code> | ||