[linux] Winbind

[Jozo M.]

Ano musis sa pohrat aj s PAM.D. Tam musi byt modul pam_winbindd a
nss_winbindd. V zdrojakoch samby
je jeden pdf subor ktory to presne popisuje nemam to teraz poruke ale ide
to.

nss_winbindd.so - sluzi iba na pridanie uzivatelov z W2k
pam_winbindd.so - sluzi na overenie hesla.

cau.

J.

----- Original Message -----
From: "Kocur" <kocur na zsvak.sk>
To: <linux na lists.linux.sk>
Sent: Tuesday, January 28, 2003 2:25 PM
Subject: Re: [linux] Winbind


> no ...
> mam ponastavovane vsetky parametre co su aj tu..
> ale nebadam nic...
>
> treba sa hrat aj z pam.d  ...???
> alebo ani moc nie...
>
> podla toho co som sa docital v maualy
> by mi to malo zistit WNT/W2K-AD Userov  a Grupy
> a zapisat ich do passwd a group,
> teda by im malo vytvorit accounty na linuxe...
>
> a vraj by to malo aj spravit HOME_DIR
> z parametrom ' templatate homedir = /home/%D/%U '
>
> predpokladam ze v sambe treba mat zapnutu
> synchronizaciu SMBUserov zo SYSUsermy.... ( alebo nie...??:))
> subor smbpasswd mi existuje,ale stale su vnom
> len userovia,ktorych som tam pridal ja...
>
> stale mi pripada se to nic nerobi...
> aj ked do domeny som nalogoval v pohode...
>
>
> ----- Original Message -----
> From: "Dezider Gora" <gora na wittmann.sk>
> To: <linux na lists.linux.sk>
> Sent: Tuesday, January 28, 2003 1:24 PM
> Subject: Re: [linux] Winbind
>
>
> > Yeappp,
> > nie je nic katastrofalne.
> > Funkcny priklad:
> > [global]
> >     # Global workgroup options
> >     workgroup = (nazov domeny)
> >     netbios name = (nazov samby servra)
> >     server string = Tlacovy server (Samba %v)
> >
> >     # Network and browsing options
> >     # Leave the 127.0.0.1 entry there for diagnostics
> >     interfaces = eth0 127.0.0.1/24 (dalsie adresy klientov, ktory mozu
> > vyuzivat sluzby)
> >     # Even if a remote attacker decodes a password, he is still locked
> > out
> >     bind interfaces only = yes
> >     preferred master = No
> >     local master = No
> >     domain master = No
> >     browse list = Yes
> >     enhanced browsing = Yes
> >     dns proxy = No
> >     wins proxy = Yes
> >     wins server = (IP adresa domain controllera, ev. samba pdc)
> >     wins support = No
> >
> >     #Security options
> >     encrypt passwords = Yes
> >     security = domain
> >     password server = (NETBIOS meno dc, podla man by tam mala byt *, ale
> > to mi neslo)
> >     hide dot files = yes
> >
> >     # Winbind options - magic starts here
> >     winbind uid = 10000-20000
> >     winbind gid = 10000-20000
> >     winbind use default domain = Yes
> >     winbind enum users = Yes
> >     winbind enum groups = Yes
> >     winbind cache time = 120
> >
> > Kontrola funkcnosti:
> > spustit sambu. spustit winbindd.
> > Na win2k dc vytvorit computer account pre sambu.
> > smbpasswd -j -I (domena ) -U administrator%adminpass -r
> > (domaincontroller)
> > Vypise "Successfuly joined domain"
> > Skontrolovat, ci je vytvoreny smbpasswd, ak nie touch...
> > wbinfo -t
> > skontroluje, ci je 'secret' ok. ( Ak ano, vypise Secret is good )
> > wbinfo -u
> > da vypis vsetkych userov v domene.
> > Odporucam log level nastavit na 2 a sledovat winbind log, aby si videl
> > co robi...
> > hth,
> >     Gore.
> >
> > ti da zoznam prikazov.
> > Kocur wrote:
> >
> > > nazdar lidi... ma niekto z vas "funkce" nakonfigurovany winbindd,teda
> > > taq ze mu mapuje userov a groupy a zarovenmu ich aj zapisuje do
> > > /etc/passwd, group a pod..?? - = (teda to co to ma podla manualu
> > > robit) = - ja som to skusal nakonfigurovat podla manulau aj sato tvari
> > > ze to funguje, ale nevidim ze by to nieco robilo.. vie mi niekto
> > > helfnut..?? dik...
> >
> > _______________________________________________
> > http://lists.linux.sk/listinfo/linux
> > Prehladavanie archivu: http://search.lists.linux.sk
> > Meta FAQ: http://faq.lists.linux.sk
> _______________________________________________
> http://lists.linux.sk/listinfo/linux
> Prehladavanie archivu: http://search.lists.linux.sk
> Meta FAQ: http://faq.lists.linux.sk