Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Using Samba On Debian Linux

    Încărcat de

    Márcio O Borges
    32 vizualizări4 pagini
    Using Samba on Debian Linux

    Titlu original

    Using Samba on Debian Linux

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    Using Samba on Debian Linux

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    32 vizualizări4 pagini

    Using Samba On Debian Linux

    Încărcat de

    Márcio O Borges
    Using Samba on Debian Linux

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 4

    08/04/2015

    UsingSambaonDebianLinux

    DebianAdministration
    About
    Archive
    Contribute
    FAQ
    Search
    Tags

    UsingSambaonDebianLinux
    PostedbyltackmannonThu26Jan2006at10:29
    Tags:activedirectory,filesystems,howto,kerberos,network,samba
    ThisarticlewillshowyouhowtoinstallSamba3.XonDebianLinux3.1(Sarge)andmakeit
    authenticateagainstaWindowsserverrunningActiveDirectory.Itisnotintendedonreplacingthe
    actualofficialSamba3manualwhichisaquitegoodreadanyway.

    Coresoftware
    IwillshowtwowaysofinstallingSamba:usingaptordirectlyfromsourceineithercasemakesure
    apt'spackageindexfilesaresynchronized:
    aptgetupdate
    aptgetupgrade

    Toinstallfromaptrun:
    aptgetinstallsambasmbclientwinbindkrb5dockrb5user\

    krb5config

    TocompileSambayourselfyouneedtohaveMITKerberosandOpenLDAPinstalled:
    aptgetinstalllibkrb53libcupsys2gnutls10libldap2\

    libldap2devlibkrb5devkrb5dockrb5user\

    krb5config

    ThengrapthelatestversionoftheSambasource(forthisarticlewewillusesamba3.0.9.tar.gz),and
    do:
    tarzxvfsamba3.0.9.tar.gzC/tmp/
    cd/tmp/samba3.0.9/source
    ./configure\

    prefix=/usr\

    localstatedir=/var\

    withconfigdir=/etc/samba\

    withprivatedir=/etc/samba\

    withfhs\

    withquotas\

    withsmbmount\

    withpam\

    withpam_smbpass\

    withsyslog\

    withutmp\

    withsambabook=/usr/share/swat/using_samba\
    https://www.debianadministration.org/article/340/Using_Samba_on_Debian_Linux

    1/14

    08/04/2015

    UsingSambaonDebianLinux

    withswatdir=/usr/share/swat\

    withsharedmodules=idmap_rid\

    withlibsmbclient\

    withautomount\

    withmsdfs\

    withads\

    withwinbind\

    withwinbindauthchallenge\

    withmanpageslangs=en\

    withidmap\

    withaclsupport\

    withldap
    make
    makeinstall

    Windowsserversetup
    InstallaWindowsserverandmakeitactasadomaincontroller(seethisguideforpointersonsetting
    upadomaincontroller).Iwillusethefollowngserversetup:
    DomainadministratoracountonWindowsserver:administrator>
    Domainname:testdomain
    Fullyqualifieddomainname:testdomain.local
    HostnameofWindowsdomaincontroller:win2003test
    IPaddressofWindowsdomaincontroller:192.168.1.101
    Youshouldfamilateyourselfwithwhatthesecororspondstoinyourlocaldomainbeforecontinuing
    withthisguide.

    Networksetup
    WeneedtomakesurethatDNSisworkingproperlyontheserverrunningSamba,thisisdoneby
    makingtheWindowsDomaincontrollerthedefaultDNSserver.TodothisIsubstitutemyDNS
    configurationin/etc/resolve.confwiththefolowing:
    searchtestdomain.local
    nameserver192.168.1.101

    IfyouhavemorethanoneDNSserverinyourdomain,thenalsoaddthemhere.TestDNSusing:
    nslookupwin2003test
    >Server:192.168.1.101
    >Address:192.168.1.101
    >Name:win2003test.testdomain.local
    >Address:192.168.1.101

    Testreverselookupusing:
    host192.168.1.101
    >101.1.168.192.inaddr.arpadomainnamepointer
    >win2003test.testdomain.local.

    Ifforsomereasonanyofthesetwotestfails,thengothroughyournetworksetupandthissection
    https://www.debianadministration.org/article/340/Using_Samba_on_Debian_Linux

    2/14

    08/04/2015

    UsingSambaonDebianLinux

    again.YourDNSmustbecorrectlyconfiguredinordertorunSambasuccessfullywithActive
    Directory.

    Kerberossetup
    WewillhavetoconfigureKerberos(oryoucouldavoidthisbysettingthepasswordserverin
    /etc/samba/smb.conf,tothePDCemulatorbutthenyouwouldbetalkingoldschoolNTLMwiththe
    domaincontroller).TogetrealADworkingaddthefolowinglinesto/etc/krb5.conf:
    [realms]
    TESTDOMAIN.LOCAL={

    kdc=win2003test.testdomain.local

    admin_server=win2003test.testdomain.local
    }

    Thendo:
    kinitadministrator@TESTDOMAIN.LOCAL

    Thesyntaxiskinituser@REALM,whereREALMisyourActiveDirectorydomainnameandmustbe
    alluppercase.Ifyoudonotusealluppercasefortherealm,you'lleitherreceivethiserror:kinit(v5):
    CannotfindKDCforrequestedrealmwhilegettinginitialcredentialsorthiserror:kinit(v5):KDC
    replydidnotmatchexpectationswhilegettinginitialcredentials.Youcantestyourkerberossetupby
    issuing
    klist

    Ifitreportsthatyouhavenokeysinthecachethensomethingiswrong.Intheeventthatyourecive:
    kinit(v5):Clockskewtoogreatwhilegettinginitialcredentialsthenmakesurethattheclock
    synchronisationbetweenyourWindowsServerandyourLinuxserveriswithinfiveminutes.Ifthe
    timeisoffbymorethenthetwoserverswillunablesendticketinformationtoeachother.

    Optional:UseaNTPServer
    Onewaytosolvetheclocksynchronisationproblemistouseatimeserver(youmightevenwantto
    useyouractivedirectoryserver(s)).UsingaNTPserverisoptionalandnotstrictlyrequiredinorder
    torunaSambainanAD,butanywayhereishowitisdone.Firstinstalltherequiredntppackages:
    aptgetinstallntpdate

    Thenaddyourfavoritetimeserver(s)to'''/etc/ntp.conf''',andexecute:
    /etc/init.d/ntpdaterestart

    Sambasetup
    Toconnectuptoyourdomaincreate:/etc/samba/smb.confandadd:
    https://www.debianadministration.org/article/340/Using_Samba_on_Debian_Linux

    3/14

    08/04/2015

    UsingSambaonDebianLinux

    [global]
    security=ads
    passwordserver=win2003test
    encryptpasswords=yes
    workgroup=testdomain
    realm=TESTDOMAIN.LOCAL
    netbiosname=temporay
    idmapuid=1000020000
    idmapgid=1000020000
    winbindenumusers=yes
    winbindenumgroups=yes
    winbindusedefaultdomain=Yes

    Inworkgroupinsertthedomainname,realmshouldbesettothefullyqualifieddomainname
    (uppercase).InsertthenameoftheWindowsservertoauthenticateagainstinthepasswordserver
    field.Wearenowreadytostarttheneededservices:
    smbd
    nmbd

    Tojointhedomaininthedefaultorganisationunitdo:
    netadsjoinWtestdomainSwin2003testUadministrator

    oruseanotherunitlikethis:
    netadsjoinDenmark\/Copenhagen\/ComputersWtestdomain\

    Swin2003testUadministrator

    Nowcheckifeverythingworksbyissuingthefolowingcommands:
    Testdomaincomputeraccount:netadstestjoin.
    Testwinbindd:wbinfoutolistADusersandwbinfogforgroups.
    TestconnectiontoaremoteWindowsserverfromtheSambaserver:smbclientL
    //win2003testk.
    Runwbinfotitshouldreturn:checkingthetrustsecretviaRPCcallssucceeded,otherwise
    youhavedonesomthingwrong(usetestparmvtocheckyourSambaconfiguration).
    FinallytestconnectivityfromaWindowsbox:StartRun\\SAMBASERVER.
    AddComment

    <<<CDburningwitha2.4kernel:howtoconfigureDebianproperly?Morehardwaremonitoring:
    IPMI>>>

    Whyaretheseadvertshere?
    #
    Re:UsingSambaonDebianLinux
    PostedbyAnonymous(84.194.xx.xx)onThu26Jan2006at10:52
    Thisisgoodandshort.LikethebestHOWTOs!
    https://www.debianadministration.org/article/340/Using_Samba_on_Debian_Linux

    4/14

    S-ar putea să vă placă și