User Tools
контроллер_домена_samba
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
контроллер_домена_samba [2012/07/18 13:28] val |
контроллер_домена_samba [2012/07/30 20:47] val |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| ===== Настройка сервера SAMBA как PDC ===== | ===== Настройка сервера SAMBA как PDC ===== | ||
| - | ==== FreeBSD ==== | + | ==== Установка SAMBA ==== |
| - | <code> | + | |
| - | [server:~] # pkg_add -r samba34 | + | |
| - | [server:~] # сd /usr/local/etc/ | + | [[Файловый сервер SAMBA#Установка SAMBA]] |
| - | </code> | + | |
| - | ==== Ubuntu ==== | + | ==== Настройка сервера SAMBA как PDC ==== |
| - | <code> | + | |
| - | root@server:~# apt-get install samba | + | |
| - | root@server:~# cd /etc/samba/ | + | === FreeBSD/Ubuntu === |
| - | </code> | + | |
| - | ==== FreeBSD/Ubuntu ==== | + | |
| <code> | <code> | ||
| server# cat smb.conf | server# cat smb.conf | ||
| Line 32: | Line 25: | ||
| path = /home/ | path = /home/ | ||
| read only = no | read only = no | ||
| - | map hidden = Yes | + | map hidden = Yes |
| map system = Yes | map system = Yes | ||
| </code><code> | </code><code> | ||
| Line 40: | Line 33: | ||
| </code> | </code> | ||
| - | ===== Связываем группы windows c группами unix и запускаем контроллер домена ===== | + | ==== Связываем группы windows c группами unix и запускаем контроллер домена ==== |
| - | ==== FreeBSD ==== | + | === FreeBSD === |
| <code> | <code> | ||
| [server:~] # pw groupadd users | [server:~] # pw groupadd users | ||
| Line 49: | Line 42: | ||
| [server:~] # net groupmap add ntgroup="Domain Users" unixgroup=users rid=513 type=d | [server:~] # net groupmap add ntgroup="Domain Users" unixgroup=users rid=513 type=d | ||
| [server:~] # net groupmap add ntgroup="Domain Guests" unixgroup=nobody rid=514 type=d | [server:~] # net groupmap add ntgroup="Domain Guests" unixgroup=nobody rid=514 type=d | ||
| + | |||
| + | [server:~] # net groupmap add ntgroup=group1 unixgroup=group1 rid=15001 type=d | ||
| [server:~] # net groupmap list | [server:~] # net groupmap list | ||
| Line 61: | Line 56: | ||
| </code> | </code> | ||
| - | ==== Ubuntu ==== | + | === Ubuntu === |
| <code> | <code> | ||
| root@server:~# net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512 type=d | root@server:~# net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512 type=d | ||
| Line 70: | Line 65: | ||
| root@server:~# restart smbd | root@server:~# restart smbd | ||
| - | root@server:~# start nmbd | + | root@server:~# restart nmbd |
| </code> | </code> | ||
| - | ===== Добавляем суперпользователя root в домен ===== | + | ==== Добавляем суперпользователя root в SAMBA домен ==== |
| <code> | <code> | ||
| server# smbpasswd -a root | server# smbpasswd -a root | ||
| Smb password: password | Smb password: password | ||
| - | … | + | ... |
| server# pdbedit -w -L | server# pdbedit -w -L | ||
| Line 92: | Line 87: | ||
| </code> | </code> | ||
| - | ===== Добавляем компьютер xp в домен ===== | + | ===== Добавление рабочих станций windows в SAMBA домен ===== |
| ==== FreeBSD ==== | ==== FreeBSD ==== | ||
| Line 103: | Line 98: | ||
| ==== Ubuntu ==== | ==== Ubuntu ==== | ||
| <code> | <code> | ||
| - | root@server:~# adduser --force-badname --home /tmp --shell /bin/false client1$ | + | root@server:~# useradd client1$ -d /tmp -s /usr/sbin/nologin |
| - | ... | + | |
| - | Enter new UNIX password: Pa$$w0rd | + | |
| - | root@server:~# adduser --force-badname --home /tmp --shell /bin/false client2$ | + | root@server:~# useradd client2$ -d /tmp -s /usr/sbin/nologin |
| - | ... | + | |
| </code> | </code> | ||
| Line 119: | Line 111: | ||
| [[http://wiki.samba.org/index.php/Windows7]] | [[http://wiki.samba.org/index.php/Windows7]] | ||
| - | ===== Добавляем пользователей user1 и user2 в домен ===== | + | ===== Добавление пользователей в SAMBA домен ===== |
| <code> | <code> | ||
| server# smbpasswd -a user1 | server# smbpasswd -a user1 | ||
| Line 128: | Line 120: | ||
| ... | ... | ||
| ...Password: spassword2 | ...Password: spassword2 | ||
| - | |||
| server# pdbedit -v -L user1 | grep Domain | server# pdbedit -v -L user1 | grep Domain | ||
| server# pdbedit -u user1 -I CORPX | server# pdbedit -u user1 -I CORPX | ||
| + | |||
| server# pdbedit -u user2 -I CORPX | server# pdbedit -u user2 -I CORPX | ||
| </code> | </code> | ||
| Line 138: | Line 130: | ||
| ==== FreeBSD ==== | ==== FreeBSD ==== | ||
| <code> | <code> | ||
| - | [server:~] # pw usermod user1 -G users | + | [server:~] # pw usermod user1 -G group1,users |
| - | [server:~] # pw usermod user2 -G users | + | [server:~] # pw usermod user2 -G group1,users |
| </code> | </code> | ||
| ==== Ubuntu ==== | ==== Ubuntu ==== | ||
| <code> | <code> | ||
| - | root@server:~# usermod -G users user1 | + | root@server:~# usermod -G group1,users user1 |
| - | root@server:~# usermod -G users user2 | + | root@server:~# usermod -G group1,users user2 |
| </code> | </code> | ||
| Line 155: | Line 147: | ||
| </code> | </code> | ||
| - | ===== Использование SAMBA PDC для идентификация доступа к сервисам ===== | + | ===== Добавление серверов unix в SAMBA домен ===== |
| - | ==== Регистрация сервера в PDC ==== | + | ==== FreeBSD ==== |
| - | + | ||
| - | === FreeBSD === | + | |
| <code> | <code> | ||
| [server:~] # pw useradd gate$ -d /tmp -s /usr/sbin/nologin | [server:~] # pw useradd gate$ -d /tmp -s /usr/sbin/nologin | ||
| </code> | </code> | ||
| - | === Ubuntu === | + | ==== Ubuntu ==== |
| <code> | <code> | ||
| - | root@server:~# adduser --force-badname --home /tmp --shell /bin/false gate$ | + | root@server:~# useradd gate$ -d /tmp -s /usr/sbin/nologin |
| - | ... | + | |
| - | ...Password: Pa$$w0rd | + | |
| </code> | </code> | ||
| - | ==== Настройка сервера на использование PDC ==== | + | ==== Настройка gate на использование PDC ==== |
| - | + | ||
| - | Аутентификация в режиме DOMAIN ([[Сервис WINBIND]]) | + | |
| - | + | ||
| - | Авторизация в режиме DOMAIN ([[Сервис WINBIND]]) | + | |
| + | * [[Сервис WINBIND#Регистрация unix системы в домене в режиме DOMAIN]] | ||
| ===== Использование Logon скрипта ===== | ===== Использование Logon скрипта ===== | ||
| Line 184: | Line 168: | ||
| <code> | <code> | ||
| server# cat smb.conf | server# cat smb.conf | ||
| + | </code><code> | ||
| + | [global] | ||
| ... | ... | ||
| logon script = logon.cmd | logon script = logon.cmd | ||
| Line 207: | Line 193: | ||
| <code> | <code> | ||
| server# cat /home/samba/logon.cmd | server# cat /home/samba/logon.cmd | ||
| + | </code><code> | ||
| net use M: \\gate\share | net use M: \\gate\share | ||
| net use N: \\gate\homes | net use N: \\gate\homes | ||
| + | </code><code> | ||
| server# unix2dos /home/samba/logon.cmd | server# unix2dos /home/samba/logon.cmd | ||
| или | или | ||
| server# todos /home/samba/logon.cmd | server# todos /home/samba/logon.cmd | ||
| </code> | </code> | ||
| - | Примечание: для установки ПО user должен либо входить в группу локальных админисраторов xp, либо входить в группу администраторов домена wheel (FreeBSD) или root (Ubuntu) | ||
| - | |||
контроллер_домена_samba.txt · Last modified: 2013/05/22 13:50 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
