Quản trị hệ thống

How to intergrate SAMBAwind and Active Directory on Centos 6.9

1. Join in Windows Active Directory Domain with Samba Winbind.
Domain Server : Windows Server 2012 R2
Domain Name : FD3S01
Realm : SRV.WORLD
Hostname : fd3s.srv.world
yum -y install samba samba-winbind samba-winbind-clients pam_krb5 krb5-libs
vi /etc/sysconfig/network-scripts/ifcfg-eth0
2. Change to the DNS to AD’s one
DNS1= 10.0.0.100
[root@smb ~]# /etc/rc.d/init.d/network restart
[root@smb ~]# authconfig \
--enablekrb5 \
--krb5kdc=uv-svr04.usol-v.vn \
--krb5adminserver=uv-svr04.usol-v.vn \
--krb5realm=usol-v.vn \
--enablewinbind \
--enablewinbindauth \
--smbsecurity=ads \
--smbrealm=usol-v.vn \
--smbservers=uv-svr04.usol-v.vn \
--smbworkgroup=usol-v \
--winbindtemplatehomedir=/home/%U \
--winbindtemplateshell=/bin/bash \
--enablemkhomedir \
--enablewinbindusedefaultdomain \
--update
Starting Winbind services: [ OK ]

3. Join in Windows Active Directory Domain

net ads join -U Administrator 
/etc/rc.d/init.d/winbind start
chkconfig winbind on 
wbinfo -u

4. Cấu hình samba file

#======================= Global Settings =====================================

[global]
#--authconfig--start-line--

# Generated by authconfig on 2018/08/21 08:47:03
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future

workgroup = usol-v
password server = uv-svr04.usol-v.vn
realm = USOL-V.VN
security = ads
idmap config * : range = 16777216-33554431
template homedir = /home/%U
template shell = /bin/bash
winbind use default domain = true
winbind offline logon = false


#============================ Share Definitions ==============================

[HR]
comment = HR Dept
path = /home/USOL-HR
writable = yes
read only = no
force create mode = 0660
create mask = 0770
directory mask = 0770
force directory mode = 0770
access based share enum = yes
hide unreadable = yes
valid users = @usol-v.hr
[ADMIN]
comment = Admin Dept
path = /home/USOL-ADMIN
writable = yes
read only = no
force create mode = 0660
create mask = 0770
directory mask = 0770
force directory mode = 0770
access based share enum = yes
hide unreadable = yes
valid users = @usol-v.admin

5. Cấu hình nsswitch file

vi /etc/nsswitch.conf

passwd: files winbind
shadow: files winbind
group: files winbind
0 0 vote
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments