SAMBA FILE SERVER AND WINDOWS ACTIVE DIRECTORY
ADS and DNS server IP : 192.168.3.14
Samba server IP: 192.168.3.13
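# Install Samba (including winbind) and the Kerberos client packages.
# The globs are quoted so that yum matches them against package names;
# unquoted, the shell expands them first if matching file names exist in the
# current directory.
# NOTE(review): the wildcards pull in every samba-*/krb5-* subpackage. On a
# file server, install only the subpackages actually needed, to keep the
# attack surface small.
yum install 'samba-*'
yum install 'krb5-*'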
*************************************************
# /etc/resolv.conf on the Samba server
# DNS search suffix: the AD DNS domain, so short host names are looked up in it.
search aiamibd.com
# The resolver is the AD/DNS server listed above. krb5.conf and smb.conf refer
# to the domain controller by name (aia.aiamibd.com), so this must resolve it.
nameserver 192.168.3.14
*************************************************
# /etc/krb5.conf: Kerberos client settings for the AD realm
# Log destinations for the Kerberos libraries, the KDC and the admin server.
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
# Library defaults applied to Kerberos clients on this host.
[libdefaults]
# Realm assumed when a principal is given without one (e.g. "kinit administrator").
default_realm = AIAMIBD.COM
# DNS-based realm and KDC discovery is switched off; the KDC is named in [realms].
dns_lookup_realm = false
dns_lookup_kdc = false
# Tickets are valid for 24 hours and renewable for up to 7 days.
ticket_lifetime = 24h
renew_lifetime = 7d
# Tickets are requested as forwardable, so they can be passed on to other hosts.
# NOTE(review): set this to false unless ticket forwarding is actually needed.
forwardable = true
# The realm's only listed KDC is aia.aiamibd.com (the same host smb.conf uses
# as "password server").
# NOTE(review): Kerberos rejects requests when clocks drift too far apart;
# keep this host time-synchronised with the domain controller.
[realms]
AIAMIBD.COM = {
kdc = aia.aiamibd.com
}
# Map host names under aiamibd.com, and the domain name itself, to the realm.
[domain_realm]
.aiamibd.com = AIAMIBD.COM
aiamibd.com = AIAMIBD.COM
************************************************
# /etc/nsswitch.conf: lookup order for the name-service databases
#
# Users and groups: local files first, then winbind (domain accounts), then compat.
# NOTE(review): "compat" after "files" looks redundant, and winbind normally
# supplies passwd and group data only, not shadow; confirm these entries.
passwd: files winbind compat
shadow: files winbind compat
group: files winbind compat
# Commented-out alternative hosts line.
#hosts: db files nisplus nis dns
# Host names: /etc/hosts, then DNS, then winbind.
# NOTE(review): WINS-based host lookup is normally configured as "wins";
# verify that "winbind" is a valid source for hosts on this system.
hosts: files dns winbind
*************************************************
# Join the Samba server to the AD domain; the command prompts for the password
# of the named account instead of taking it on the command line.
# NOTE(review): this uses the domain "administrator" account. An account that
# is only delegated the right to join computers would limit the exposure.
net ads join -U administrator
# Restart the winbind, smb and nmb services after the join.
/etc/init.d/winbind restart
/etc/init.d/smb restart
/etc/init.d/nmb restart
# Check it: obtain a Kerberos ticket and list the ticket cache.
# NOTE(review): this leaves an administrator ticket in the cache on the file
# server; remove it with kdestroy once the check is done.
kinit administrator
klist
# List the domain users and groups visible through winbind.
wbinfo -u
wbinfo -g
*************************************************
Global Settings
# Server-wide Samba settings (smb.conf). Comments must be on their own line.
[global]
# AD membership: NetBIOS domain name, domain controller and Kerberos realm.
workgroup = AIAMIBD
password server = aia.aiamibd.com
realm = AIAMIBD.COM
# "ads" makes Samba a domain member that authenticates users against AD.
security = ads
# UID/GID range used for mapping domain users and groups.
idmap config * : range = 16777216-33554431
# Login shell reported for domain users.
# NOTE(review): /bin/bash gives domain users a usable shell wherever login
# services consult winbind; use /sbin/nologin if this host is only a file server.
template shell = /bin/bash
# Domain users and groups are named without the AIAMIBD\ prefix.
# NOTE(review): unqualified names can then collide with local accounts.
winbind use default domain = yes
# Permit logon with cached credentials while the domain controller is unreachable.
# NOTE(review): the cached credentials are stored on this host; confirm this
# is wanted on a server.
winbind offline logon = true
# ----------------------- Network Related Options -------------------------
# NOTE(review): %v advertises the exact Samba version to clients; drop it to
# avoid disclosing the version.
server string = Samba Server Version %v
# Only loopback and 192.168.x.x clients may connect.
# NOTE(review): that is the whole 192.168.0.0/16 range, while both servers sit
# in 192.168.3.x; narrow it to the client subnets actually in use.
# NOTE(review): no SMB signing setting appears here, so the installed Samba's
# default applies; review "server signing" for this deployment.
hosts allow = 127. 192.168.
# --------------------------- Logging Options -----------------------------
# "max log size" sets the size a log file may reach before it is rotated.
# One log file per connecting machine (%m is the client's machine name).
log file = /var/log/samba/log.%m
# At most 50 KB per log file, then rotate.
# NOTE(review): 50 KB keeps very little history for incident investigation.
max log size = 50
# ----------------------- Standalone Server Options ------------------------
# Backend for Samba's local account database.
passdb backend = tdbsam
#============================ Share Definitions ==============================
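# Per-user home shares: each user reaches their own home directory under a
# share named after their user name.
[homes]
comment = Home Directories
# NOTE(review): "yes" also lists a share literally named "homes" in browse
# lists; "no" is the usual setting for this section.
browseable = yes
writable = yes
# Only the user the share is named after (%S) may connect. An earlier
# "valid users = %S" line was dropped: Samba keeps the last assignment of a
# parameter, so this domain-qualified form was already the effective value.
# NOTE(review): with "winbind use default domain = yes", confirm that the
# domain-qualified form matches the logged-in user name.
valid users = AIAMIBD\%S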
# Share of /omes, browsable and writable, for the AD "Domain Users" group.
# NOTE(review): filesystem permissions on /omes still apply on top of these
# share settings; both must permit the access.
[omes]
comment = omes Directories
path = /omes
browseable = yes
writable = yes
# "@" marks a group: only members of AIAMIBD\Domain Users may connect.
valid users = @"AIAMIBD\Domain Users"
(Note: all domain users are permitted to access the omes share.)
# Share of /IT, restricted to the AD group "samba-infra".
# NOTE(review): the share comment below says "all domain Users", but
# "valid users" limits access to samba-infra; the comment text is misleading.
[INFRA]
comment = Use for all domain Users
path = /IT
browseable = yes
writable = yes
# "@" marks a group: only members of AIAMIBD\samba-infra may connect.
valid users = @"AIAMIBD\samba-infra"
(Note: only members of the AD group samba-infra are permitted to access the INFRA share.)
# Share of /software, restricted to three named users.
# NOTE(review): the share comment below says "all domain Users", but
# "valid users" names individual accounts only.
[Spacial]
comment = Use for all domain Users
path = /software
browseable = yes
writable = yes
# Space-separated user list. Only "tumi" carries the AIAMIBD\ prefix.
# NOTE(review): "ami" and "test1" are unqualified, so they rely on
# "winbind use default domain" and could also match local accounts of the
# same name; qualify all three the same way.
valid users = AIAMIBD\tumi ami test1
(Note: only the listed AD domain users are permitted to access the Spacial share.)
ADS and DNS server IP : 192.168.3.14
Samba server IP: 192.168.3.13
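# Install Samba (including winbind) and the Kerberos client packages.
# The globs are quoted so that yum matches them against package names;
# unquoted, the shell expands them first if matching file names exist in the
# current directory.
# NOTE(review): the wildcards pull in every samba-*/krb5-* subpackage. On a
# file server, install only the subpackages actually needed, to keep the
# attack surface small.
yum install 'samba-*'
yum install 'krb5-*'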
*************************************************
# /etc/resolv.conf on the Samba server
# DNS search suffix: the AD DNS domain, so short host names are looked up in it.
search aiamibd.com
# The resolver is the AD/DNS server listed above. krb5.conf and smb.conf refer
# to the domain controller by name (aia.aiamibd.com), so this must resolve it.
nameserver 192.168.3.14
*************************************************
# /etc/krb5.conf: Kerberos client settings for the AD realm
# Log destinations for the Kerberos libraries, the KDC and the admin server.
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
# Library defaults applied to Kerberos clients on this host.
[libdefaults]
# Realm assumed when a principal is given without one (e.g. "kinit administrator").
default_realm = AIAMIBD.COM
# DNS-based realm and KDC discovery is switched off; the KDC is named in [realms].
dns_lookup_realm = false
dns_lookup_kdc = false
# Tickets are valid for 24 hours and renewable for up to 7 days.
ticket_lifetime = 24h
renew_lifetime = 7d
# Tickets are requested as forwardable, so they can be passed on to other hosts.
# NOTE(review): set this to false unless ticket forwarding is actually needed.
forwardable = true
# The realm's only listed KDC is aia.aiamibd.com (the same host smb.conf uses
# as "password server").
# NOTE(review): Kerberos rejects requests when clocks drift too far apart;
# keep this host time-synchronised with the domain controller.
[realms]
AIAMIBD.COM = {
kdc = aia.aiamibd.com
}
# Map host names under aiamibd.com, and the domain name itself, to the realm.
[domain_realm]
.aiamibd.com = AIAMIBD.COM
aiamibd.com = AIAMIBD.COM
************************************************
# /etc/nsswitch.conf: lookup order for the name-service databases
#
# Users and groups: local files first, then winbind (domain accounts), then compat.
# NOTE(review): "compat" after "files" looks redundant, and winbind normally
# supplies passwd and group data only, not shadow; confirm these entries.
passwd: files winbind compat
shadow: files winbind compat
group: files winbind compat
# Commented-out alternative hosts line.
#hosts: db files nisplus nis dns
# Host names: /etc/hosts, then DNS, then winbind.
# NOTE(review): WINS-based host lookup is normally configured as "wins";
# verify that "winbind" is a valid source for hosts on this system.
hosts: files dns winbind
*************************************************
# Join the Samba server to the AD domain; the command prompts for the password
# of the named account instead of taking it on the command line.
# NOTE(review): this uses the domain "administrator" account. An account that
# is only delegated the right to join computers would limit the exposure.
net ads join -U administrator
# Restart the winbind, smb and nmb services after the join.
/etc/init.d/winbind restart
/etc/init.d/smb restart
/etc/init.d/nmb restart
# Check it: obtain a Kerberos ticket and list the ticket cache.
# NOTE(review): this leaves an administrator ticket in the cache on the file
# server; remove it with kdestroy once the check is done.
kinit administrator
klist
# List the domain users and groups visible through winbind.
wbinfo -u
wbinfo -g
*************************************************
Global Settings
# Server-wide Samba settings (smb.conf). Comments must be on their own line.
[global]
# AD membership: NetBIOS domain name, domain controller and Kerberos realm.
workgroup = AIAMIBD
password server = aia.aiamibd.com
realm = AIAMIBD.COM
# "ads" makes Samba a domain member that authenticates users against AD.
security = ads
# UID/GID range used for mapping domain users and groups.
idmap config * : range = 16777216-33554431
# Login shell reported for domain users.
# NOTE(review): /bin/bash gives domain users a usable shell wherever login
# services consult winbind; use /sbin/nologin if this host is only a file server.
template shell = /bin/bash
# Domain users and groups are named without the AIAMIBD\ prefix.
# NOTE(review): unqualified names can then collide with local accounts.
winbind use default domain = yes
# Permit logon with cached credentials while the domain controller is unreachable.
# NOTE(review): the cached credentials are stored on this host; confirm this
# is wanted on a server.
winbind offline logon = true
# ----------------------- Network Related Options -------------------------
# NOTE(review): %v advertises the exact Samba version to clients; drop it to
# avoid disclosing the version.
server string = Samba Server Version %v
# Only loopback and 192.168.x.x clients may connect.
# NOTE(review): that is the whole 192.168.0.0/16 range, while both servers sit
# in 192.168.3.x; narrow it to the client subnets actually in use.
# NOTE(review): no SMB signing setting appears here, so the installed Samba's
# default applies; review "server signing" for this deployment.
hosts allow = 127. 192.168.
# --------------------------- Logging Options -----------------------------
# "max log size" sets the size a log file may reach before it is rotated.
# One log file per connecting machine (%m is the client's machine name).
log file = /var/log/samba/log.%m
# At most 50 KB per log file, then rotate.
# NOTE(review): 50 KB keeps very little history for incident investigation.
max log size = 50
# ----------------------- Standalone Server Options ------------------------
# Backend for Samba's local account database.
passdb backend = tdbsam
#============================ Share Definitions ==============================
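# Per-user home shares: each user reaches their own home directory under a
# share named after their user name.
[homes]
comment = Home Directories
# NOTE(review): "yes" also lists a share literally named "homes" in browse
# lists; "no" is the usual setting for this section.
browseable = yes
writable = yes
# Only the user the share is named after (%S) may connect. An earlier
# "valid users = %S" line was dropped: Samba keeps the last assignment of a
# parameter, so this domain-qualified form was already the effective value.
# NOTE(review): with "winbind use default domain = yes", confirm that the
# domain-qualified form matches the logged-in user name.
valid users = AIAMIBD\%S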
# Share of /omes, browsable and writable, for the AD "Domain Users" group.
# NOTE(review): filesystem permissions on /omes still apply on top of these
# share settings; both must permit the access.
[omes]
comment = omes Directories
path = /omes
browseable = yes
writable = yes
# "@" marks a group: only members of AIAMIBD\Domain Users may connect.
valid users = @"AIAMIBD\Domain Users"
(Note: all domain users are permitted to access the omes share.)
# Share of /IT, restricted to the AD group "samba-infra".
# NOTE(review): the share comment below says "all domain Users", but
# "valid users" limits access to samba-infra; the comment text is misleading.
[INFRA]
comment = Use for all domain Users
path = /IT
browseable = yes
writable = yes
# "@" marks a group: only members of AIAMIBD\samba-infra may connect.
valid users = @"AIAMIBD\samba-infra"
(Note: only members of the AD group samba-infra are permitted to access the INFRA share.)
# Share of /software, restricted to three named users.
# NOTE(review): the share comment below says "all domain Users", but
# "valid users" names individual accounts only.
[Spacial]
comment = Use for all domain Users
path = /software
browseable = yes
writable = yes
# Space-separated user list. Only "tumi" carries the AIAMIBD\ prefix.
# NOTE(review): "ami" and "test1" are unqualified, so they rely on
# "winbind use default domain" and could also match local accounts of the
# same name; qualify all three the same way.
valid users = AIAMIBD\tumi ami test1
(Note: only the listed AD domain users are permitted to access the Spacial share.)