Net ads join — различия между версиями
Материал из Wiki AlterOS
| Строка 27: | Строка 27: | ||
# authconfig --enablekrb5 --krb5kdc=xs-winsrv.xs.local --krb5adminserver=xs-winsrv.xs.local --krb5realm=XS.LOCAL --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=XS.LOCAL --smbservers=xs-winsrv.xs.local --smbworkgroup=XS --winbindtemplatehomedir=/home/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain --update | # authconfig --enablekrb5 --krb5kdc=xs-winsrv.xs.local --krb5adminserver=xs-winsrv.xs.local --krb5realm=XS.LOCAL --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=XS.LOCAL --smbservers=xs-winsrv.xs.local --smbworkgroup=XS --winbindtemplatehomedir=/home/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain --update | ||
| + | |||
| + | |||
| + | # net ads join -U admin51 | ||
| + | |||
| + | |||
| + | # mcedit /etc/samba/smb.conf | ||
| + | |||
| + | |||
| + | |||
| + | [global] | ||
| + | workgroup = XS | ||
| + | password server = xs-winsrv.xs.local | ||
| + | realm = XS.LOCAL | ||
| + | security = ads | ||
| + | idmap config * : range = 16777216-33554431 | ||
| + | template homedir = /home/%U | ||
| + | template shell = /bin/bash | ||
| + | kerberos method = secrets only | ||
| + | winbind use default domain = true | ||
| + | winbind offline logon = false | ||
| + | |||
| + | passdb backend = tdbsam | ||
| + | |||
| + | load printers = no | ||
| + | show add printer wizard = no | ||
| + | printcap name = /dev/null | ||
| + | disable spoolss = yes | ||
| + | |||
| + | domain master = no | ||
| + | local master = no | ||
| + | preferred master = no | ||
| + | os level = 1 | ||
| + | |||
| + | log level = 3 | ||
| + | log file = /var/log/samba/log.%m | ||
Версия 12:38, 20 февраля 2019
# mcedit /etc/sysconfig/selinux
SELINUX=disabled setenforce 0
# systemctl stop firewalld # systemctl disable firewalld
вводные данные:
xs.local название домена 10.1.3.4 ip адрес контроллера домена xs-winsrv.xs.local полное имя контроллера домена xs-design имя сервера centos, который вводим в домен admin51 учетная запись администратора домена
hostnamectl set-hostname <comp name.doamin>
- yum install chrony
mcedit /etc/chrony.conf
server xs-winsrv.xs.local iburst
# yum install samba-winbind samba-winbind-clients samba pam_krb5 krb5-workstation chrony
# authconfig --enablekrb5 --krb5kdc=xs-winsrv.xs.local --krb5adminserver=xs-winsrv.xs.local --krb5realm=XS.LOCAL --enablewinbind --enablewinbindauth --smbsecurity=ads --smbrealm=XS.LOCAL --smbservers=xs-winsrv.xs.local --smbworkgroup=XS --winbindtemplatehomedir=/home/%U --winbindtemplateshell=/bin/bash --enablemkhomedir --enablewinbindusedefaultdomain --update
# net ads join -U admin51
# mcedit /etc/samba/smb.conf
[global] workgroup = XS password server = xs-winsrv.xs.local realm = XS.LOCAL security = ads idmap config * : range = 16777216-33554431 template homedir = /home/%U template shell = /bin/bash kerberos method = secrets only winbind use default domain = true winbind offline logon = false
passdb backend = tdbsam
load printers = no show add printer wizard = no printcap name = /dev/null disable spoolss = yes
domain master = no local master = no preferred master = no os level = 1
log level = 3 log file = /var/log/samba/log.%m
