This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
ntlm_аутентификация_и_авторизация_в_microsoft_ad [2009/04/14 17:30] val |
ntlm_аутентификация_и_авторизация_в_microsoft_ad [2013/05/22 13:50] (current) |
||
---|---|---|---|
Line 3: | Line 3: | ||
===== Файловый сервер samba ===== | ===== Файловый сервер samba ===== | ||
<code> | <code> | ||
- | gX# id uX | ||
- | uid=20000(uX) gid=20005(Domain Users) groups=20005(Domain Users), 20011(samba) | ||
- | |||
gX# cat smb.conf | gX# cat smb.conf | ||
... | ... | ||
- | [user_write] | + | [homes] |
- | path = /tmp | + | read only = no |
- | valid users = ADX\uX, ADX\Administrator | + | |
- | read only = no | + | |
- | [group_write] | + | |
- | path = /tmp | + | |
- | valid users = @ADX\samba | + | |
- | read only = no | + | |
</code> | </code> | ||
Line 33: | Line 24: | ||
==== Ubuntu ==== | ==== Ubuntu ==== | ||
<code> | <code> | ||
- | @gX:~# /etc/init.d/samba stop | + | @gX:~# /etc/init.d/samba start |
</code> | </code> | ||
===== Proxy сервер squid ===== | ===== Proxy сервер squid ===== | ||
+ | |||
+ | ==== FreeBSD ==== | ||
<code> | <code> | ||
+ | [gX:~] # pkg_add -r squid | ||
+ | [gX:~] # chown root:squid /var/db/samba/winbindd_privileged/ | ||
+ | |||
+ | [gX:~] # cat /etc/rc.conf | ||
+ | ... | ||
+ | squid_enable=yes | ||
+ | |||
+ | [gX:~] # rehash | ||
+ | [gX:~] # squid -z | ||
+ | |||
+ | [gX:~] # cd /usr/local/etc/squid | ||
</code> | </code> | ||
+ | |||
+ | ==== Ubuntu ==== | ||
+ | <code> | ||
+ | root@gX:~# apt-get install squid | ||
+ | |||
+ | root@gX:~# cd /etc/squid | ||
+ | </code> | ||
+ | |||
+ | ==== FreeBSD/Ubuntu ==== | ||
+ | <code> | ||
+ | gX# rcsdiff squid.conf | ||
+ | 211c211 | ||
+ | < # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp | ||
+ | --- | ||
+ | > # for linux uncomment | ||
+ | > # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp | ||
+ | > # for freebsd uncomment | ||
+ | > # auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp | ||
+ | 644a645,647 | ||
+ | > acl inetuser proxy_auth REQUIRED | ||
+ | > http_access allow inetuser | ||
+ | > # http_access allow localnet | ||
+ | </code> | ||
+ | |||
+ | ==== FreeBSD ==== | ||
+ | <code> | ||
+ | [gX:~] # /usr/local/etc/rc.d/squid start | ||
+ | </code> | ||
+ | |||
+ | ==== Ubuntu ==== | ||
+ | <code> | ||
+ | root@gX:~# /etc/init.d/squid restart | ||
+ | </code> | ||
+ | |||
+ | ==== Разрешение доступа в интернет на основании членства в группе ==== | ||
+ | <code> | ||
+ | gX# ntlm_auth --username=uX --require-membership-of=ADX\\inet | ||
+ | </code> | ||
+ |