This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
ntlm_аутентификация_и_авторизация_в_microsoft_ad [2009/04/14 17:27] val created |
ntlm_аутентификация_и_авторизация_в_microsoft_ad [2013/05/22 13:50] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== NTLM аутентификация и авторизация в Microsoft AD ====== | ====== NTLM аутентификация и авторизация в Microsoft AD ====== | ||
+ | |||
+ | ===== Файловый сервер samba ===== | ||
+ | <code> | ||
+ | gX# cat smb.conf | ||
+ | ... | ||
+ | [homes] | ||
+ | read only = no | ||
+ | </code> | ||
+ | |||
+ | ==== FreeBSD ==== | ||
+ | <code> | ||
+ | [gX:~] # /usr/local/etc/rc.d/samba stop | ||
+ | |||
+ | [gX:~] # ee /etc/rc.conf | ||
+ | ... | ||
+ | winbindd_enable="YES" | ||
+ | nmbd_enable="YES" | ||
+ | smbd_enable="YES" | ||
+ | |||
+ | [gX:~] # /usr/local/etc/rc.d/samba start | ||
+ | </code> | ||
+ | |||
+ | ==== Ubuntu ==== | ||
+ | <code> | ||
+ | @gX:~# /etc/init.d/samba start | ||
+ | </code> | ||
+ | |||
+ | ===== Proxy сервер squid ===== | ||
+ | |||
+ | ==== FreeBSD ==== | ||
+ | <code> | ||
+ | [gX:~] # pkg_add -r squid | ||
+ | |||
+ | [gX:~] # chown root:squid /var/db/samba/winbindd_privileged/ | ||
+ | |||
+ | [gX:~] # cat /etc/rc.conf | ||
+ | ... | ||
+ | squid_enable=yes | ||
+ | |||
+ | [gX:~] # rehash | ||
+ | [gX:~] # squid -z | ||
+ | |||
+ | [gX:~] # cd /usr/local/etc/squid | ||
+ | </code> | ||
+ | |||
+ | ==== Ubuntu ==== | ||
+ | <code> | ||
+ | root@gX:~# apt-get install squid | ||
+ | |||
+ | root@gX:~# cd /etc/squid | ||
+ | </code> | ||
+ | |||
+ | ==== FreeBSD/Ubuntu ==== | ||
+ | <code> | ||
+ | gX# rcsdiff squid.conf | ||
+ | 211c211 | ||
+ | < # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp | ||
+ | --- | ||
+ | > # for linux uncomment | ||
+ | > # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp | ||
+ | > # for freebsd uncomment | ||
+ | > # auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp | ||
+ | 644a645,647 | ||
+ | > acl inetuser proxy_auth REQUIRED | ||
+ | > http_access allow inetuser | ||
+ | > # http_access allow localnet | ||
+ | </code> | ||
+ | |||
+ | ==== FreeBSD ==== | ||
+ | <code> | ||
+ | [gX:~] # /usr/local/etc/rc.d/squid start | ||
+ | </code> | ||
+ | |||
+ | ==== Ubuntu ==== | ||
+ | <code> | ||
+ | root@gX:~# /etc/init.d/squid restart | ||
+ | </code> | ||
+ | |||
+ | ==== Разрешение доступа в интернет на основании членства в группе ==== | ||
+ | <code> | ||
+ | gX# ntlm_auth --username=uX --require-membership-of=ADX\\inet | ||
+ | </code> | ||