User Tools
ldap_авторизация_в_microsoft_ad
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
ldap_авторизация_в_microsoft_ad [2009/04/16 14:05] val |
— (current) | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== LDAP авторизация в Microsoft AD ====== | ||
| - | ===== Получение информации о пользователе в AD по протоколу LDAP ===== | ||
| - | <code> | ||
| - | gX# ldapsearch -x -h sX -b "dc=adX,dc=class" -D "cn=Administrator,cn=Users,dc=adX,dc=class" -W "sAMAccountName=uX" | ||
| - | </code> | ||
| - | |||
| - | ===== Модификация схемы AD ===== | ||
| - | |||
| - | Устанавливаем NIS server из пакета SFU | ||
| - | |||
| - | Опции инсталяции: | ||
| - | <code> | ||
| - | Custom: | ||
| - | Server for NIS | ||
| - | </code> | ||
| - | Добавляем группу "guX" | ||
| - | |||
| - | Устанавливаем ее UNIX свойство | ||
| - | <code> | ||
| - | gid: 10001 | ||
| - | </code> | ||
| - | |||
| - | Добавляем UNIX атрибуты пользователю "uX" | ||
| - | <code> | ||
| - | uid: 10001 | ||
| - | группа по умолчанию: guX | ||
| - | home dir: /home/uX | ||
| - | </code> | ||
| - | |||
| - | ===== Удаляем учетную запись uX из системы ===== | ||
| - | Оставьте домашний каталог | ||
| - | |||
| - | ==== FreeBSD ==== | ||
| - | <code> | ||
| - | [gX:~] # rmuser uX | ||
| - | </code> | ||
| - | |||
| - | ==== Ubuntu ==== | ||
| - | <code> | ||
| - | root@g13:~# userdel uX | ||
| - | </code> | ||
| - | |||
| - | ==== FreeBSD/Ubuntu ==== | ||
| - | <code> | ||
| - | gX# id uX | ||
| - | id: uX: No such user | ||
| - | </code> | ||
| - | |||
| - | ===== Настройка nss ldap на использование AD ===== | ||
| - | |||
| - | ==== FreeBSD ==== | ||
| - | <code> | ||
| - | [gX:~] # pkg_add -r nss_ldap | ||
| - | |||
| - | [gX:~] # cat /usr/local/etc/nss_ldap.conf | ||
| - | </code> | ||
| - | |||
| - | ==== Ubuntu ==== | ||
| - | <code> | ||
| - | root@gX:~# apt-get install libnss-ldap | ||
| - | Ответы по умолчанию | ||
| - | |||
| - | root@gX:~# cat /etc/ldap.conf | ||
| - | </code> | ||
| - | |||
| - | ==== FreeBSD/Ubuntu ==== | ||
| - | <code> | ||
| - | host 192.168.X.20 # for restart local dns | ||
| - | base dc=adX,dc=class | ||
| - | binddn cn=Administrator,cn=Users,dc=adX,dc=class | ||
| - | bindpw password | ||
| - | scope sub | ||
| - | nss_base_passwd cn=Users,dc=adX,dc=class?one | ||
| - | nss_base_group cn=Users,dc=adX,dc=class?one | ||
| - | nss_map_objectclass posixAccount User | ||
| - | nss_map_attribute uid msSFU30Name | ||
| - | nss_map_attribute uniqueMember msSFU30PosixMember | ||
| - | nss_map_attribute homeDirectory msSFU30HomeDirectory | ||
| - | nss_map_objectclass posixGroup Group | ||
| - | nss_map_attribute gidNumber msSFU30GidNumber | ||
| - | nss_map_attribute uidNumber msSFU30UidNumber | ||
| - | nss_map_attribute loginShell msSFU30LoginShell | ||
| - | </code> | ||
| - | |||
| - | ===== Настройка nsswitch на использование ldap ===== | ||
| - | <code> | ||
| - | gX# cat /etc/nsswitch.conf | ||
| - | ... | ||
| - | group: files ldap | ||
| - | passwd: files ldap | ||
| - | shadow: files ldap #для linux | ||
| - | ... | ||
| - | </code> | ||
ldap_авторизация_в_microsoft_ad.1239876302.txt.gz · Last modified: 2013/05/22 13:50 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
