按下面的步骤配置，就可以自动共享当前用户的 home 目录：
vi /etc/krb5.conf
# Where Kerberos programs on this host write their logs.
[logging]
# Catch-all destination for anything not covered by a more specific entry.
default = FILE:/var/log/krb5libs.log
# The kdc and admin_server entries apply to a locally running KDC and kadmind.
# NOTE(review): this host looks like a client of the AD KDCs only, so these two
# lines are presumably unused here - confirm before relying on these files.
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
# Library-wide defaults for Kerberos clients on this host.
[libdefaults]
# Realm assumed when a principal is given without one.
default_realm = HWA.NET
# DNS discovery is switched off for both realm mapping and KDC location, so the
# static [realms] and [domain_realm] entries in this file are the only source
# and must be updated by hand when domain controllers change.
dns_lookup_realm = false
dns_lookup_kdc = false
# Requested ticket lifetime. The [appdefaults] pam block in this file asks for
# 36000 seconds instead, so PAM logins may get a different lifetime.
ticket_lifetime = 24h
# Tickets are requested as forwardable, i.e. they can be delegated to other hosts.
# NOTE(review): keep this only if credential forwarding is actually needed; a
# forwarded TGT is usable from whichever host receives it.
forwardable = yes
# Static server list for the HWA.NET realm (DNS lookup is disabled in [libdefaults]).
[realms]
HWA.NET = {
# Two KDCs on the standard Kerberos port 88; listing more than one gives a
# fallback if the first is unreachable.
kdc = cdad.hwa.net:88
kdc = ad.hwa.net:88
# NOTE(review): 389 is the LDAP port. The kadmin default is 749 and password
# changes use kpasswd on 464, so this port is probably not what any Kerberos
# tool expects - confirm whether the port suffix should be dropped.
admin_server = ad.hwa.net:389
# DNS domain appended to host names when none is given (legacy principal conversion).
default_domain = hwa.net
}
# Maps DNS names to Kerberos realms; realm names are upper case by convention.
[domain_realm]
# Leading dot: every host under hwa.net belongs to HWA.NET.
.hwa.net = HWA.NET
# No leading dot: the host named exactly hwa.net belongs to HWA.NET.
hwa.net = HWA.NET
# Per-application overrides; the pam block is read by a Kerberos PAM module.
# NOTE(review): the PAM stack is not shown on this page, so whether pam_krb5 is
# actually in use alongside winbind cannot be told from here - confirm.
[appdefaults]
pam = {
debug = false
# Bare numbers are seconds: 36000 s = 10 h, shorter than the 24h in [libdefaults].
ticket_lifetime = 36000
renew_lifetime = 36000
# Tickets obtained at login are forwardable (same consideration as in [libdefaults]).
forwardable = true
# Do not derive Kerberos 4 credentials.
krb4_convert = false
}
vi /etc/samba/smb.conf
# Samba global settings for a member server joined to the HWA.NET AD domain.
[global]
# Short (NetBIOS) domain name; the Kerberos realm is set separately below.
workgroup = HWA
# %h expands to the host name Samba is running on.
server string = %h
dns proxy = no
# One log file per client machine (%m), size given in KiB.
log file = /var/log/samba/log.%m
max log size = 1000
# NOTE(review): newer Samba releases replace "syslog" with the "logging"
# parameter - check against the installed version.
syslog = 0
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
# Domain-member mode: authentication is done by AD via Kerberos.
security = ads
realm = HWA.NET
# Pins authentication to one named DC, although krb5.conf lists two KDCs.
# NOTE(review): if AD.HWA.NET is down, logons presumably fail - confirm whether
# a second server or automatic DC location is wanted.
password server = AD.HWA.NET
# Local account database. NOTE(review): with security = ads the accounts come
# from AD, so this and the password-sync settings below presumably only matter
# for local Samba accounts - confirm they are needed at all.
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
# Chat script for driving the passwd program when syncing the Unix password
# (the page credits it to the Debian Sarge default configuration).
# The passwd program is run by smbd with root privileges and receives %u.
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
# With this enabled, password changes go through PAM rather than passwd program.
pam password change = yes
# Controls how failed authentication attempts are mapped to anonymous (guest)
# connections: "bad user" turns a login with an unknown user name into a guest
# session instead of rejecting it.
# NOTE(review): on a domain member that only serves authenticated home
# directories, guest mapping is probably unnecessary - consider "never".
map to guest = bad user
# Lets user-defined shares (usershares) permit guest access.
usershare allow guests = yes
# NOTE(review): winbind needs an ID range to map domain users and groups to
# Unix UIDs/GIDs; both range lines are commented out and no other idmap setting
# is visible on this page - confirm how IDs are allocated.
#idmap uid = 16777216-33554431
#idmap gid = 16777216-33554431
# Domain users get no interactive shell on this host.
template shell = /sbin/nologin
# Home directory reported for domain users. Note that the [homes] share in this
# file serves /local_home/%U, not /home/%U.
template homedir = /home/%U
# Domain users appear without a domain prefix, so an AD account and a local
# account with the same name are indistinguishable by name.
winbind use default domain = true
# Caches credentials locally so logons work while the DC is unreachable; the
# cache on disk then becomes sensitive data to protect.
winbind offline logon = true
# Full user/group enumeration; can be slow on large domains.
winbind enum groups = yes
winbind enum users = yes
# Domain-qualified names are written as DOMAIN/user.
winbind separator = /
# Per-user home share: each connecting user gets a share mapped to a private directory.
[homes]
comment = Home Directories
# %U expands to the session user name; this differs from template homedir
# (/home/%U) in [global].
path = /local_home/%U
# Restricts the share to the connecting user.
# NOTE(review): [global] sets workgroup = HWA and "winbind use default domain",
# so user names are presumably seen as HWA/user or plain user rather than
# hwa.net/user - confirm this entry matches, otherwise access is denied.
valid users = hwa.net/%U
# "read only = no" and "writable = yes" state the same thing twice.
read only = no
writable = yes
# Keeps the generic [homes] entry out of browse lists.
browseable = No
在 /etc/resolv.conf 中添加 AD 的 DNS 服务器
设置/etc/hosts
启动 smb、 winbind
然后加域
net ads join -U test@HWA.NET -S AD.HWA.NET