[linux] Winbind
Jozo M.
jomasw na host.sk
Úterý Leden 28 14:44:59 CET 2003
Ano musis sa pohrat aj s PAM.D. Tam musi byt modul pam_winbindd a
nss_winbindd. V zdrojakoch samby
je jeden pdf subor ktory to presne popisuje nemam to teraz poruke ale ide
to.
nss_winbindd.so - sluzi iba na pridanie uzivatelov z W2k
pam_winbindd.so - sluzi na overenie hesla.
cau.
J.
----- Original Message -----
From: "Kocur" <kocur na zsvak.sk>
To: <linux na lists.linux.sk>
Sent: Tuesday, January 28, 2003 2:25 PM
Subject: Re: [linux] Winbind
> no ...
> mam ponastavovane vsetky parametre co su aj tu..
> ale nebadam nic...
>
> treba sa hrat aj z pam.d ...???
> alebo ani moc nie...
>
> podla toho co som sa docital v maualy
> by mi to malo zistit WNT/W2K-AD Userov a Grupy
> a zapisat ich do passwd a group,
> teda by im malo vytvorit accounty na linuxe...
>
> a vraj by to malo aj spravit HOME_DIR
> z parametrom ' templatate homedir = /home/%D/%U '
>
> predpokladam ze v sambe treba mat zapnutu
> synchronizaciu SMBUserov zo SYSUsermy.... ( alebo nie...??:))
> subor smbpasswd mi existuje,ale stale su vnom
> len userovia,ktorych som tam pridal ja...
>
> stale mi pripada se to nic nerobi...
> aj ked do domeny som nalogoval v pohode...
>
>
> ----- Original Message -----
> From: "Dezider Gora" <gora na wittmann.sk>
> To: <linux na lists.linux.sk>
> Sent: Tuesday, January 28, 2003 1:24 PM
> Subject: Re: [linux] Winbind
>
>
> > Yeappp,
> > nie je nic katastrofalne.
> > Funkcny priklad:
> > [global]
> > # Global workgroup options
> > workgroup = (nazov domeny)
> > netbios name = (nazov samby servra)
> > server string = Tlacovy server (Samba %v)
> >
> > # Network and browsing options
> > # Leave the 127.0.0.1 entry there for diagnostics
> > interfaces = eth0 127.0.0.1/24 (dalsie adresy klientov, ktory mozu
> > vyuzivat sluzby)
> > # Even if a remote attacker decodes a password, he is still locked
> > out
> > bind interfaces only = yes
> > preferred master = No
> > local master = No
> > domain master = No
> > browse list = Yes
> > enhanced browsing = Yes
> > dns proxy = No
> > wins proxy = Yes
> > wins server = (IP adresa domain controllera, ev. samba pdc)
> > wins support = No
> >
> > #Security options
> > encrypt passwords = Yes
> > security = domain
> > password server = (NETBIOS meno dc, podla man by tam mala byt *, ale
> > to mi neslo)
> > hide dot files = yes
> >
> > # Winbind options - magic starts here
> > winbind uid = 10000-20000
> > winbind gid = 10000-20000
> > winbind use default domain = Yes
> > winbind enum users = Yes
> > winbind enum groups = Yes
> > winbind cache time = 120
> >
> > Kontrola funkcnosti:
> > spustit sambu. spustit winbindd.
> > Na win2k dc vytvorit computer account pre sambu.
> > smbpasswd -j -I (domena ) -U administrator%adminpass -r
> > (domaincontroller)
> > Vypise "Successfuly joined domain"
> > Skontrolovat, ci je vytvoreny smbpasswd, ak nie touch...
> > wbinfo -t
> > skontroluje, ci je 'secret' ok. ( Ak ano, vypise Secret is good )
> > wbinfo -u
> > da vypis vsetkych userov v domene.
> > Odporucam log level nastavit na 2 a sledovat winbind log, aby si videl
> > co robi...
> > hth,
> > Gore.
> >
> > ti da zoznam prikazov.
> > Kocur wrote:
> >
> > > nazdar lidi... ma niekto z vas "funkce" nakonfigurovany winbindd,teda
> > > taq ze mu mapuje userov a groupy a zarovenmu ich aj zapisuje do
> > > /etc/passwd, group a pod..?? - = (teda to co to ma podla manualu
> > > robit) = - ja som to skusal nakonfigurovat podla manulau aj sato tvari
> > > ze to funguje, ale nevidim ze by to nieco robilo.. vie mi niekto
> > > helfnut..?? dik...
> >
> > _______________________________________________
> > http://lists.linux.sk/listinfo/linux
> > Prehladavanie archivu: http://search.lists.linux.sk
> > Meta FAQ: http://faq.lists.linux.sk
> _______________________________________________
> http://lists.linux.sk/listinfo/linux
> Prehladavanie archivu: http://search.lists.linux.sk
> Meta FAQ: http://faq.lists.linux.sk
Další informace o konferenci linux