
NTLM-аутентификация (авторизация) в Microsoft AD

Настройка службы winbindd

gX# cat smb.conf 
[global]
        # Reviewer notes are on their own lines: smb.conf does not support
        # trailing comments after a value.
        # Short (NetBIOS) name of the domain this host authenticates against.
        workgroup = ADX
        # Domain-member mode: passwords are validated by a domain controller
        # over NT4-style RPC (NTLM), not Kerberos.
        # NOTE(review): for an AD domain Samba also offers "security = ADS";
        # confirm that NTLM-only membership is what is intended here.
        security = DOMAIN
        # Domain users are referred to without the domain prefix (uX, not ADX\uX).
        # NOTE(review): keep local account names distinct from domain ones.
        winbind use default domain = Yes

        # UID/GID range winbind allocates to domain users and groups; it must
        # not overlap IDs used by local accounts.
        # NOTE(review): newer Samba releases replace these two parameters with
        # "idmap config * : range" - check against the installed version.
        idmap uid = 20000-40000
        idmap gid = 20000-40000
        # Every domain user is presented with home /home/<user name> and a
        # /bin/sh login shell.
        # NOTE(review): this makes every domain account a potential shell
        # account; restrict logins in PAM/sshd if that is not intended.
        template homedir = /home/%U
        template shell = /bin/sh
        # Allow full user/group enumeration (what "wbinfo -u" / "wbinfo -g" and
        # getpwent/getgrent rely on); this can be slow on large domains.
        winbind enum users = yes
        winbind enum groups = yes
        # Seconds winbindd caches user/group information.
        # NOTE(review): Samba's documented default is 300; 36 looks unusually
        # short - confirm it is not a truncated value.
        winbind cache time = 36

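Запуск службы winbindd

Примечание: при security = DOMAIN компьютер должен быть предварительно включён в домен (например, командой net rpc join); на этой странице этот шаг не показан.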

FreeBSD

[gX:~] # /usr/local/etc/rc.d/samba restart

Ubuntu

root@gX:~# /etc/init.d/bind9 restart
root@gX:~# /etc/init.d/winbind restart

Проверки

gX# ntlm_auth --username=uX
password: 
NT_STATUS_OK: Success (0x0)

gX# wbinfo -u
...

gX# wbinfo -g
...

Настройка библиотеки nsswitch на использование winbind

gX# cat /etc/nsswitch.conf
…
# "files" is listed before "winbind", so a local user or group shadows a
# domain one that has the same name.
group: files winbind
passwd: files winbind
shadow: files winbind # for linux only
…

gX# wbinfo -n uX
gX# wbinfo -S …

gX# id uX

gX# chown -R uX:'domain users' /home/uX

Настройка библиотеки pam на использование winbind

FreeBSD

[gX:~] # cat /etc/pam.d/sshd
...
# "sufficient": a successful domain login via winbind ends the auth stack
# here; on failure PAM falls through to pam_unix below, so local accounts
# keep working.
# NOTE(review): only auth lines are shown; as written, any domain user with a
# valid password passes this stack. Confirm the elided account/session lines
# and consider limiting logins to intended groups (pam_winbind's
# require_membership_of option).
auth       sufficient      /usr/local/lib/pam_winbind.so
# try_first_pass reuses the password already entered for pam_winbind instead
# of prompting a second time.
auth       required        pam_unix.so             no_warn try_first_pass

Ubuntu

root@g15:~# apt-get install libpam-modules

root@gX:~# more /etc/pam.d/sshd
...
# "sufficient": a successful domain login via winbind ends the auth stack
# here; a failure falls through to the lines below.
# NOTE(review): the rest of the stack is elided on this page - confirm the
# module that follows reuses the typed password (e.g. try_first_pass) and
# that logins are limited to the intended domain groups (pam_winbind's
# require_membership_of option).
auth       sufficient  pam_winbind.so
# Standard Un*x authentication.
...