Differences

This shows you the differences between two versions of the page.

--- ntlm_аутентификация_в_microsoft_ad [2010/08/06 17:43]
val
+++ — (current)
@@ Line 1: / Line 1: @@
-====== NTLM аутентификация в Microsoft AD ======
-===== Настройка службы winbindd =====
-==== FreeBSD ====
-<code>
-[gate:~] # /usr/local/etc/rc.d/samba stop
-[gate:~] # cat /etc/rc.conf
-…
-nmbd_enable="NO"
-smbd_enable="NO"
-winbindd_enable="YES"
-…
-[gate:~] # cd /usr/local/etc/
-</code>
-==== Ubuntu (8.04) ====
-<code>
-root@gate:~# /etc/init.d/samba stop
-</code>
-==== Ubuntu (10.04) ====
-<code>
-root@gate:~# stop nmbd
-root@gate:~# stop smbd
-</code>
-==== Ubuntu ====
-<code>
-root@gate:~# apt-get install winbind
-root@gate:~# cd /etc/samba
-</code>
-==== FreeBSD/Ubuntu ====
-<code>
-gate# cat smb.conf
-</code><code>
-[global]
-        workgroup = ADCORPX
-        security = DOMAIN
-        winbind use default domain = Yes
-</code>
-===== Регистрация службы winbindd в домене =====
-<code>
-gate# net rpc join -U Administrator
-Administrators's password:
-Joined domain ADCORPX
-</code>
-===== Запуск службы winbindd =====
-==== FreeBSD ====
-<code>
-[gate:~] # /usr/local/etc/rc.d/samba start
-</code>
-==== Ubuntu ====
-<code>
-root@gate:~# /etc/init.d/bind9 restart
-root@gate:~# /etc/init.d/winbind restart
-</code>
-==== Проверки ====
-<code>
-gate# ntlm_auth --username=user
-password:
-NT_STATUS_OK: Success (0x0)
-</code>
-===== Использование NTLM аутентификации для proxy сервер squid =====
-==== FreeBSD ====
-<code>
-[gate:~] # pkg_add -r squid
-[gate:~] # chown root:squid /var/db/samba/winbindd_privileged/
-[gate:~] # cat /etc/rc.conf
-...
-squid_enable=yes
-[gate:~] # rehash
-[gate:~] # squid -z
-[gate:~] # cd /usr/local/etc/squid
-</code>
-==== Ubuntu ====
-<code>
-root@gate:~# apt-get install squid
-root@gate:~# cd /etc/squid
-</code>
-==== FreeBSD/Ubuntu ====
-<code>
-gate# rcsdiff squid.conf
-c211
-< #     auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
----
-> # for linux uncomment
-> # auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
-> # for freebsd uncomment
-> # auth_param ntlm program /usr/local/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
-a645,647
-> acl inetuser proxy_auth REQUIRED
-> http_access allow inetuser
-> # http_access allow localnet
-</code>
-==== FreeBSD ====
-<code>
-[gate:~] # /usr/local/etc/rc.d/squid start
-</code>
-==== Ubuntu ====
-<code>
-root@gate:~# /etc/init.d/squid restart
-</code>
-==== Разрешение доступа в интернет на основании членства в группе ====
-<code>
-gate# ntlm_auth --username=user --require-membership-of=ADCORPX\\inet
-</code>
-===== Настройка библиотеки pam на использование winbind =====
-==== FreeBSD ====
-<code>
-[gate:~] # cat /etc/pam.d/sshd
-...
-auth       sufficient      /usr/local/lib/pam_winbind.so
-auth       required        pam_unix.so             no_warn try_first_pass
-</code>
-==== Ubuntu ====
-root@gate:~# apt-get install libpam-modules
-<code>
-root@gate:~# more /etc/pam.d/sshd
-...
-auth       sufficient  pam_winbind.so
-# Standard Un*x authentication.
-...
-</code>

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools