Net ads join — различия между версиями
Материал из Wiki AlterOS
Строка 27: | Строка 27: | ||
# authconfig --enablekrb5 --krb5kdc=xs-winsrv.xs.local --krb5adminserver=xs-winsrv.xs.local --krb5realm=XS.LOCAL --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=XS.LOCAL --smbservers=xs-winsrv.xs.local --smbworkgroup=XS --winbindtemplatehomedir=/home/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain --update | # authconfig --enablekrb5 --krb5kdc=xs-winsrv.xs.local --krb5adminserver=xs-winsrv.xs.local --krb5realm=XS.LOCAL --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=XS.LOCAL --smbservers=xs-winsrv.xs.local --smbworkgroup=XS --winbindtemplatehomedir=/home/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain --update | ||
+ | |||
+ | |||
+ | # net ads join -U admin51 | ||
+ | |||
+ | |||
+ | # mcedit /etc/samba/smb.conf | ||
+ | |||
+ | |||
+ | |||
+ | [global] | ||
+ | workgroup = XS | ||
+ | password server = xs-winsrv.xs.local | ||
+ | realm = XS.LOCAL | ||
+ | security = ads | ||
+ | idmap config * : range = 16777216-33554431 | ||
+ | template homedir = /home/%U | ||
+ | template shell = /bin/bash | ||
+ | kerberos method = secrets only | ||
+ | winbind use default domain = true | ||
+ | winbind offline logon = false | ||
+ | |||
+ | passdb backend = tdbsam | ||
+ | |||
+ | load printers = no | ||
+ | show add printer wizard = no | ||
+ | printcap name = /dev/null | ||
+ | disable spoolss = yes | ||
+ | |||
+ | domain master = no | ||
+ | local master = no | ||
+ | preferred master = no | ||
+ | os level = 1 | ||
+ | |||
+ | log level = 3 | ||
+ | log file = /var/log/samba/log.%m |
Версия 12:38, 20 февраля 2019
# mcedit /etc/sysconfig/selinux
SELINUX=disabled setenforce 0
# systemctl stop firewalld # systemctl disable firewalld
вводные данные:
xs.local название домена 10.1.3.4 ip адрес контроллера домена xs-winsrv.xs.local полное имя контроллера домена xs-design имя сервера centos, который вводим в домен admin51 учетная запись администратора домена
hostnamectl set-hostname <comp name.doamin>
- yum install chrony
mcedit /etc/chrony.conf
server xs-winsrv.xs.local iburst
# yum install samba-winbind samba-winbind-clients samba pam_krb5 krb5-workstation chrony
# authconfig --enablekrb5 --krb5kdc=xs-winsrv.xs.local --krb5adminserver=xs-winsrv.xs.local --krb5realm=XS.LOCAL --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=XS.LOCAL --smbservers=xs-winsrv.xs.local --smbworkgroup=XS --winbindtemplatehomedir=/home/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain --update
# net ads join -U admin51
# mcedit /etc/samba/smb.conf
[global] workgroup = XS password server = xs-winsrv.xs.local realm = XS.LOCAL security = ads idmap config * : range = 16777216-33554431 template homedir = /home/%U template shell = /bin/bash kerberos method = secrets only winbind use default domain = true winbind offline logon = false
passdb backend = tdbsam
load printers = no show add printer wizard = no printcap name = /dev/null disable spoolss = yes
domain master = no local master = no preferred master = no os level = 1
log level = 3 log file = /var/log/samba/log.%m