User Tools
контроллер_домена_samba
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
контроллер_домена_samba [2012/07/18 13:43] val |
контроллер_домена_samba [2012/12/10 12:34] val |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| ===== Настройка сервера SAMBA как PDC ===== | ===== Настройка сервера SAMBA как PDC ===== | ||
| - | ==== FreeBSD ==== | + | ==== Установка SAMBA ==== |
| - | <code> | + | |
| - | [server:~] # pkg_add -r samba34 | + | |
| - | [server:~] # pkg_add -r tdb | + | [[Файловый сервер SAMBA#Установка SAMBA]] |
| - | [server:~] # сd /usr/local/etc/ | + | ==== Настройка сервера SAMBA как PDC ==== |
| - | </code> | + | |
| - | ==== Ubuntu ==== | + | === FreeBSD/Ubuntu === |
| - | <code> | + | |
| - | root@server:~# apt-get install samba | + | |
| - | + | ||
| - | root@server:~# cd /etc/samba/ | + | |
| - | </code> | + | |
| - | ==== FreeBSD/Ubuntu ==== | + | |
| <code> | <code> | ||
| server# cat smb.conf | server# cat smb.conf | ||
| Line 42: | Line 33: | ||
| </code> | </code> | ||
| - | ===== Связываем группы windows c группами unix и запускаем контроллер домена ===== | + | ==== Связываем группы windows c группами unix и запускаем контроллер домена ==== |
| - | ==== FreeBSD ==== | + | === FreeBSD === |
| <code> | <code> | ||
| [server:~] # pw groupadd users | [server:~] # pw groupadd users | ||
| Line 51: | Line 42: | ||
| [server:~] # net groupmap add ntgroup="Domain Users" unixgroup=users rid=513 type=d | [server:~] # net groupmap add ntgroup="Domain Users" unixgroup=users rid=513 type=d | ||
| [server:~] # net groupmap add ntgroup="Domain Guests" unixgroup=nobody rid=514 type=d | [server:~] # net groupmap add ntgroup="Domain Guests" unixgroup=nobody rid=514 type=d | ||
| + | |||
| + | [server:~] # net groupmap add ntgroup=group1 unixgroup=group1 rid=15001 type=d | ||
| [server:~] # net groupmap list | [server:~] # net groupmap list | ||
| Line 63: | Line 56: | ||
| </code> | </code> | ||
| - | ==== Ubuntu ==== | + | === Ubuntu === |
| <code> | <code> | ||
| root@server:~# net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512 type=d | root@server:~# net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512 type=d | ||
| root@server:~# net groupmap add ntgroup="Domain Users" unixgroup=users rid=513 type=d | root@server:~# net groupmap add ntgroup="Domain Users" unixgroup=users rid=513 type=d | ||
| root@server:~# net groupmap add ntgroup="Domain Guests" unixgroup=nogroup rid=514 type=d | root@server:~# net groupmap add ntgroup="Domain Guests" unixgroup=nogroup rid=514 type=d | ||
| + | |||
| + | root@server:~# net groupmap add ntgroup=group1 unixgroup=group1 rid=15001 type=d | ||
| root@server:~# net groupmap list | root@server:~# net groupmap list | ||
| root@server:~# restart smbd | root@server:~# restart smbd | ||
| - | root@server:~# start nmbd | + | root@server:~# restart nmbd |
| </code> | </code> | ||
| - | ===== Добавляем суперпользователя root в домен ===== | + | ==== Добавляем суперпользователя root в SAMBA домен ==== |
| <code> | <code> | ||
| server# smbpasswd -a root | server# smbpasswd -a root | ||
| Smb password: password | Smb password: password | ||
| - | … | + | ... |
| server# pdbedit -w -L | server# pdbedit -w -L | ||
| Line 94: | Line 89: | ||
| </code> | </code> | ||
| - | ===== Добавляем компьютер xp в домен ===== | + | ===== Добавление рабочих станций windows в SAMBA домен ===== |
| ==== FreeBSD ==== | ==== FreeBSD ==== | ||
| Line 105: | Line 100: | ||
| ==== Ubuntu ==== | ==== Ubuntu ==== | ||
| <code> | <code> | ||
| - | root@server:~# adduser --force-badname --home /tmp --shell /bin/false client1$ | + | root@server:~# useradd client1$ -d /tmp -s /usr/sbin/nologin |
| - | ... | + | |
| - | Enter new UNIX password: Pa$$w0rd | + | |
| - | root@server:~# adduser --force-badname --home /tmp --shell /bin/false client2$ | + | root@server:~# useradd client2$ -d /tmp -s /usr/sbin/nologin |
| - | ... | + | |
| </code> | </code> | ||
| Line 121: | Line 113: | ||
| [[http://wiki.samba.org/index.php/Windows7]] | [[http://wiki.samba.org/index.php/Windows7]] | ||
| - | ===== Добавляем пользователей user1 и user2 в домен ===== | + | ===== Добавление пользователей в SAMBA домен ===== |
| <code> | <code> | ||
| server# smbpasswd -a user1 | server# smbpasswd -a user1 | ||
| Line 130: | Line 122: | ||
| ... | ... | ||
| ...Password: spassword2 | ...Password: spassword2 | ||
| - | |||
| server# pdbedit -v -L user1 | grep Domain | server# pdbedit -v -L user1 | grep Domain | ||
| server# pdbedit -u user1 -I CORPX | server# pdbedit -u user1 -I CORPX | ||
| + | |||
| server# pdbedit -u user2 -I CORPX | server# pdbedit -u user2 -I CORPX | ||
| </code> | </code> | ||
| Line 140: | Line 132: | ||
| ==== FreeBSD ==== | ==== FreeBSD ==== | ||
| <code> | <code> | ||
| - | [server:~] # pw usermod user1 -G users | + | [server:~] # pw usermod user1 -G group1,users |
| - | [server:~] # pw usermod user2 -G users | + | [server:~] # pw usermod user2 -G group1,users |
| </code> | </code> | ||
| ==== Ubuntu ==== | ==== Ubuntu ==== | ||
| <code> | <code> | ||
| - | root@server:~# usermod -G users user1 | + | root@server:~# usermod -G group1,users user1 |
| - | root@server:~# usermod -G users user2 | + | root@server:~# usermod -G group1,users user2 |
| </code> | </code> | ||
| Line 157: | Line 149: | ||
| </code> | </code> | ||
| - | ===== Использование SAMBA PDC для идентификация доступа к сервисам ===== | + | ===== Добавление серверов unix в SAMBA домен ===== |
| - | ==== Регистрация сервера в PDC ==== | + | ==== FreeBSD ==== |
| - | + | ||
| - | === FreeBSD === | + | |
| <code> | <code> | ||
| [server:~] # pw useradd gate$ -d /tmp -s /usr/sbin/nologin | [server:~] # pw useradd gate$ -d /tmp -s /usr/sbin/nologin | ||
| </code> | </code> | ||
| - | === Ubuntu === | + | ==== Ubuntu ==== |
| <code> | <code> | ||
| - | root@server:~# adduser --force-badname --home /tmp --shell /bin/false gate$ | + | root@server:~# useradd gate$ -d /tmp -s /usr/sbin/nologin |
| - | ... | + | |
| - | ...Password: Pa$$w0rd | + | |
| </code> | </code> | ||
| - | ==== Настройка сервера на использование PDC ==== | + | ==== Настройка gate на использование PDC ==== |
| - | + | ||
| - | Аутентификация в режиме DOMAIN ([[Сервис WINBIND]]) | + | |
| - | + | ||
| - | Авторизация в режиме DOMAIN ([[Сервис WINBIND]]) | + | |
| + | * [[Сервис WINBIND#Регистрация unix системы в домене в режиме DOMAIN]] | ||
| ===== Использование Logon скрипта ===== | ===== Использование Logon скрипта ===== | ||
| Line 186: | Line 170: | ||
| <code> | <code> | ||
| server# cat smb.conf | server# cat smb.conf | ||
| + | </code><code> | ||
| + | [global] | ||
| ... | ... | ||
| logon script = logon.cmd | logon script = logon.cmd | ||
| Line 209: | Line 195: | ||
| <code> | <code> | ||
| server# cat /home/samba/logon.cmd | server# cat /home/samba/logon.cmd | ||
| + | </code><code> | ||
| net use M: \\gate\share | net use M: \\gate\share | ||
| net use N: \\gate\homes | net use N: \\gate\homes | ||
| + | </code><code> | ||
| server# unix2dos /home/samba/logon.cmd | server# unix2dos /home/samba/logon.cmd | ||
| или | или | ||
| server# todos /home/samba/logon.cmd | server# todos /home/samba/logon.cmd | ||
| + | или | ||
| + | awk '{printf $0"\r\n"}' /home/samba/logon.cmd > /home/samba/logon.cmd | ||
| </code> | </code> | ||
| - | Примечание: для установки ПО user должен либо входить в группу локальных админисраторов xp, либо входить в группу администраторов домена wheel (FreeBSD) или root (Ubuntu) | ||
| - | |||
| - | |||
контроллер_домена_samba.txt · Last modified: 2013/05/22 13:50 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
