CINXE.COM

JohnJacob - Debian Wiki

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=Edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="shortcut icon" href="/htdocs/favicon.ico"> <script type="text/javascript" src="/htdocs/bugstatus.js"></script> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"> <meta name="robots" content="index,nofollow"> <title>JohnJacob - Debian Wiki</title> <script type="text/javascript" src="/htdocs/common/js/common.js"></script> <script type="text/javascript"> <!-- var search_hint = "Search"; //--> </script> <link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="/htdocs/debwiki/css/common.css"> <link rel="stylesheet" type="text/css" charset="utf-8" media="screen" href="/htdocs/debwiki/css/screen.css"> <link rel="stylesheet" type="text/css" charset="utf-8" media="print" href="/htdocs/debwiki/css/print.css"> <link rel="stylesheet" type="text/css" charset="utf-8" media="projection" href="/htdocs/debwiki/css/projection.css"> <link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="/htdocs/debian-wiki-1.0.css"> <!-- css only for MS IE6/IE7 browsers --> <!--[if lt IE 8]> <link rel="stylesheet" type="text/css" charset="utf-8" media="all" href="/htdocs/debwiki/css/msie.css"> <![endif]--> <link rel="alternate" title="Debian Wiki: JohnJacob" href="/JohnJacob?diffs=1&amp;show_att=1&amp;action=rss_rc&amp;unique=0&amp;page=JohnJacob&amp;ddiffs=1" type="application/rss+xml"> <link rel="Start" href="/FrontPage"> <link rel="Alternate" title="Wiki Markup" href="/JohnJacob?action=raw"> <link rel="Alternate" media="print" title="Print View" href="/JohnJacob?action=print"> <link rel="Search" href="/FindPage"> <link rel="Index" href="/TitleIndex"> <link rel="Glossary" href="/WordIndex"> <link rel="Help" href="/HelpOnFormatting"> </head> <body lang="en" dir="ltr"> <div id="logo"><a href="https://www.debian.org" title="Debian Homepage"><img src="https://www.debian.org/Pics/openlogo-50.png" alt="Debian" width="50" height="61"></a></div> <div id="header"> <div id="wikisection"> <p class="section"><a href="/FrontPage" title="Debian Wiki Homepage">Wiki</a></p> <div id="username"><a href="/JohnJacob?action=login" id="login" rel="nofollow">Login</a></div> </div> <div id="navbar"> <ul id="navibar"> <li class="wikilink"><a href="/FrontPage">FrontPage</a></li><li class="wikilink"><a href="/RecentChanges">RecentChanges</a></li><li class="wikilink"><a href="/FindPage">FindPage</a></li><li class="wikilink"><a href="/HelpContents">HelpContents</a></li><li class="current"><a href="/JohnJacob">JohnJacob</a></li> </ul> </div> <form id="searchform" method="get" action="/JohnJacob"> <div> <input type="hidden" name="action" value="fullsearch"> <input type="hidden" name="context" value="180"> <label for="searchinput">Search:</label> <input id="searchinput" type="text" name="value" value="" size="20" onfocus="searchFocus(this)" onblur="searchBlur(this)" onkeyup="searchChange(this)" onchange="searchChange(this)" alt="Search"> <input id="titlesearch" name="titlesearch" type="submit" value="Titles" alt="Search Titles"> <input id="fullsearch" name="fullsearch" type="submit" value="Text" alt="Search Full Text"> </div> </form> <script type="text/javascript"> <!--// Initialize search form var f = document.getElementById('searchform'); f.getElementsByTagName('label')[0].style.display = 'none'; var e = document.getElementById('searchinput'); searchChange(e); searchBlur(e); //--> </script> <div id="logo"><a href="https://www.debian.org" title="Debian Homepage"><img src="https://www.debian.org/Pics/openlogo-50.png" alt="Debian" width="50" height="61"></a></div> <div id="breadcrumbs"><a href="/FrontPage" title="Debian Wiki Homepage">Wiki</a><span class="sep">/</span> </div> <ul class="editbar"><li><a href="/JohnJacob?action=login" id="login-1" rel="nofollow">Login</a></li><li class="toggleCommentsButton" style="display:none;"><a href="#" class="nbcomment" onClick="toggleComments();return false;">Comments</a></li><li><a class="nbinfo" href="/JohnJacob?action=info" rel="nofollow">Info</a></li><li><a class="nbattachments" href="/JohnJacob?action=AttachFile" rel="nofollow">Attachments</a></li><li> <form class="actionsmenu" method="GET" action="/JohnJacob"> <div> <label>More Actions:</label> <select name="action" onchange="if ((this.selectedIndex != 0) && (this.options[this.selectedIndex].disabled == false)) { this.form.submit(); } this.selectedIndex = 0;"> <option value="raw">Raw Text</option> <option value="print">Print View</option> <option value="RenderAsDocbook">Render as Docbook</option> <option value="refresh">Delete Cache</option> <option value="show" disabled class="disabled">------------------------</option> <option value="SpellCheck">Check Spelling</option> <option value="LikePages">Like Pages</option> <option value="LocalSiteMap">Local Site Map</option> <option value="show" disabled class="disabled">------------------------</option> <option value="RenamePage" disabled class="disabled">Rename Page</option> <option value="DeletePage" disabled class="disabled">Delete Page</option> <option value="show" disabled class="disabled">------------------------</option> <option value="show" disabled class="disabled">Subscribe User</option> <option value="show" disabled class="disabled">------------------------</option> <option value="show" disabled class="disabled">Remove Spam</option> <option value="show" disabled class="disabled">Revert to this revision</option> <option value="PackagePages">Package Pages</option> <option value="show" disabled class="disabled">------------------------</option> <option value="Load">Load</option> <option value="Save">Save</option> <option value="SlideShow">SlideShow</option> </select> <input type="submit" value="Do"> </div> <script type="text/javascript"> <!--// Init menu actionsMenuInit('More Actions:'); //--> </script> </form> </li></ul> <h1 id="locationline"> <ul id="pagelocation"> <li><a href="/JohnJacob">JohnJacob</a></li> </ul> </h1> </div> <div id="page" lang="en" dir="ltr"> <div dir="ltr" id="content" lang="en"><span class="anchor" id="top"></span> <span class="anchor" id="line-1"></span><p class="line867"><em><strong>Linux Samba Configuration</strong></em>: <span class="anchor" id="line-2"></span><span class="anchor" id="line-3"></span><span class="anchor" id="line-4"></span><p class="line867"><strong>Debian Samba server connecting to Active directory</strong> <span class="anchor" id="line-5"></span><span class="anchor" id="line-6"></span><p class="line874">1. Installing software <span class="anchor" id="line-7"></span><span class="anchor" id="line-8"></span><p class="line874">The first thing that you need to do is to install the required packages. <span class="anchor" id="line-9"></span><span class="anchor" id="line-10"></span><p class="line867"><span class="anchor" id="line-11"></span><span class="anchor" id="line-12"></span><span class="anchor" id="line-13"></span><span class="anchor" id="line-14"></span><pre><span class="anchor" id="line-1"></span> #aptitude update <span class="anchor" id="line-2"></span> #aptitude upgrade <span class="anchor" id="line-3"></span> #aptitude install samba smbclient winbind krb5-doc krb5-user krb5-config</pre><span class="anchor" id="line-15"></span><span class="anchor" id="line-16"></span><p class="line867"><strong>Windows server information</strong> <span class="anchor" id="line-17"></span><span class="anchor" id="line-18"></span><p class="line874">In this configuration I used the following windows info. <span class="anchor" id="line-19"></span><span class="anchor" id="line-20"></span><p class="line874">Domain name: is414 <span class="anchor" id="line-21"></span><span class="anchor" id="line-22"></span><p class="line874">Fully qualified domain name: is414.com <span class="anchor" id="line-23"></span><span class="anchor" id="line-24"></span><p class="line874">Window domain controller: rkb-server <span class="anchor" id="line-25"></span><span class="anchor" id="line-26"></span><p class="line867"><strong>Kerberos setup</strong> <span class="anchor" id="line-27"></span><span class="anchor" id="line-28"></span><p class="line874">Open /etc/krb5.conf <span class="anchor" id="line-29"></span><span class="anchor" id="line-30"></span><p class="line874">add the following lines to the krb.conf file. <span class="anchor" id="line-31"></span><span class="anchor" id="line-32"></span><ul><li style="list-style-type:none">[libdeffaults] <span class="anchor" id="line-33"></span><ul><li style="list-style-type:none">default_realm = IS414 <span class="anchor" id="line-34"></span><span class="anchor" id="line-35"></span></li></ul>[realms] <span class="anchor" id="line-36"></span><ul><li style="list-style-type:none">IS414.COM = { <span class="anchor" id="line-37"></span><ul><li style="list-style-type:none">kdc – rkb-server.is414.com <span class="anchor" id="line-38"></span>admin_server – rkb-server.is414.com <span class="anchor" id="line-39"></span></li></ul>} <span class="anchor" id="line-40"></span><span class="anchor" id="line-41"></span></li></ul>[domain_realm] <span class="anchor" id="line-42"></span><ul><li style="list-style-type:none">kerberos.server = IS414.COM <span class="anchor" id="line-43"></span><span class="anchor" id="line-44"></span></li></ul></li></ul><p class="line874">After that has been completed do the following: <span class="anchor" id="line-45"></span><span class="anchor" id="line-46"></span><p class="line867"><span class="anchor" id="line-47"></span><span class="anchor" id="line-48"></span><pre><span class="anchor" id="line-1-1"></span> #kinit administrator@IS414.COM</pre><span class="anchor" id="line-49"></span><span class="anchor" id="line-50"></span><p class="line874">Verify that it worked by using the following command: <span class="anchor" id="line-51"></span><span class="anchor" id="line-52"></span><p class="line867"><span class="anchor" id="line-53"></span><span class="anchor" id="line-54"></span><pre><span class="anchor" id="line-1-2"></span> #klist</pre><span class="anchor" id="line-55"></span><span class="anchor" id="line-56"></span><p class="line867"><strong>Samba Setup</strong> <span class="anchor" id="line-57"></span><span class="anchor" id="line-58"></span><p class="line874">Open the samba configuration file /etc/samba/smb.conf and add the following: <span class="anchor" id="line-59"></span><span class="anchor" id="line-60"></span><ul><li style="list-style-type:none">[global] <span class="anchor" id="line-61"></span><ul><li style="list-style-type:none">security = ADS <span class="anchor" id="line-62"></span>password server = rkb-server <span class="anchor" id="line-63"></span>encrypt passwords = yes <span class="anchor" id="line-64"></span>workgroup = IS414 <span class="anchor" id="line-65"></span>realm = IS414.COM <span class="anchor" id="line-66"></span>idmap uid = 10000-20000 <span class="anchor" id="line-67"></span>idmap gid = 10000-20000 <span class="anchor" id="line-68"></span>winbind enum users = yes <span class="anchor" id="line-69"></span>winbind enum groups = yes <span class="anchor" id="line-70"></span>winbind use default domain = yes <span class="anchor" id="line-71"></span>winbind separator = + <span class="anchor" id="line-72"></span><span class="anchor" id="line-73"></span></li></ul></li></ul><p class="line862">Creating a share in /etc/samba/smb.conf. Replace <a class="nonexistent" href="/WindowsShare">?</a>WindowsShare with any name you want. <span class="anchor" id="line-74"></span>first create the folder: <span class="anchor" id="line-75"></span><span class="anchor" id="line-76"></span><p class="line867"><span class="anchor" id="line-77"></span><span class="anchor" id="line-78"></span><span class="anchor" id="line-79"></span><pre><span class="anchor" id="line-1-3"></span> #mkdir /home/WindowsShare <span class="anchor" id="line-2-1"></span> #chmod 777 /home/WindowsShare</pre><span class="anchor" id="line-80"></span><span class="anchor" id="line-81"></span><p class="line874">Add the following in the /etc/samba/smb.conf <span class="anchor" id="line-82"></span><span class="anchor" id="line-83"></span><ul><li style="list-style-type:none"><p class="line862">[<a class="nonexistent" href="/WindowsShare">?</a>WindowsShare] <span class="anchor" id="line-84"></span><ul><li style="list-style-type:none">comment = Windows Share <span class="anchor" id="line-85"></span>path = /home/WindowsShare <span class="anchor" id="line-86"></span>read only = no <span class="anchor" id="line-87"></span>create mask = 0775 <span class="anchor" id="line-88"></span>directory mask = 0775 <span class="anchor" id="line-89"></span>browsable = yes <span class="anchor" id="line-90"></span>public = yes <span class="anchor" id="line-91"></span>writeable = yes <span class="anchor" id="line-92"></span>force create mode = 0775 <span class="anchor" id="line-93"></span>force directory mode = 0775 <span class="anchor" id="line-94"></span>force security mode = 0775 <span class="anchor" id="line-95"></span>guest ok = no <span class="anchor" id="line-96"></span>inherit permissions = yes <span class="anchor" id="line-97"></span>nt acl support = yes <span class="anchor" id="line-98"></span><span class="anchor" id="line-99"></span></li></ul></li></ul><p class="line874">Test your configuration with the following command: <span class="anchor" id="line-100"></span><span class="anchor" id="line-101"></span><p class="line867"><span class="anchor" id="line-102"></span><span class="anchor" id="line-103"></span><pre><span class="anchor" id="line-1-4"></span> #testparm -v</pre><span class="anchor" id="line-104"></span><span class="anchor" id="line-105"></span><p class="line874">Now you must restart the samba deamon. <span class="anchor" id="line-106"></span><span class="anchor" id="line-107"></span><p class="line867"><span class="anchor" id="line-108"></span><span class="anchor" id="line-109"></span><pre><span class="anchor" id="line-1-5"></span> # /etc/init.d/samba stop</pre><span class="anchor" id="line-110"></span><span class="anchor" id="line-111"></span><p class="line867"><strong>Winbind configuration</strong> <span class="anchor" id="line-112"></span><span class="anchor" id="line-113"></span><p class="line874">Stop the winbind deamon. <span class="anchor" id="line-114"></span><span class="anchor" id="line-115"></span><p class="line867"><span class="anchor" id="line-116"></span><span class="anchor" id="line-117"></span><pre><span class="anchor" id="line-1-6"></span> #/etc/init.d/winbind stop</pre><span class="anchor" id="line-118"></span><span class="anchor" id="line-119"></span><p class="line874">edit the couple of lines of the /etc/nsswitch.conf file. <span class="anchor" id="line-120"></span><span class="anchor" id="line-121"></span><ul><li style="list-style-type:none">passwd: compat winbind <span class="anchor" id="line-122"></span>group: compat winbind <span class="anchor" id="line-123"></span><span class="anchor" id="line-124"></span></li></ul><p class="line867"><strong>Joining the Domain</strong> <span class="anchor" id="line-125"></span><span class="anchor" id="line-126"></span><p class="line874">start the samba and winbind deamons <span class="anchor" id="line-127"></span><span class="anchor" id="line-128"></span><p class="line867"><span class="anchor" id="line-129"></span><span class="anchor" id="line-130"></span><span class="anchor" id="line-131"></span><pre><span class="anchor" id="line-1-7"></span> #/etc/init.d/samba start <span class="anchor" id="line-2-2"></span> #/etc/init.d/winbind start</pre><span class="anchor" id="line-132"></span><span class="anchor" id="line-133"></span><p class="line874">Join the domain with the following command <span class="anchor" id="line-134"></span><span class="anchor" id="line-135"></span><p class="line867"><span class="anchor" id="line-136"></span><span class="anchor" id="line-137"></span><pre><span class="anchor" id="line-1-8"></span> #net ads join -U administrator</pre><span class="anchor" id="line-138"></span><span class="anchor" id="line-139"></span><p class="line874">Test winbind with the following commands <span class="anchor" id="line-140"></span><span class="anchor" id="line-141"></span><p class="line867"><span class="anchor" id="line-142"></span><span class="anchor" id="line-143"></span><pre><span class="anchor" id="line-1-9"></span> #wbinfo -u</pre><span class="anchor" id="line-144"></span><span class="anchor" id="line-145"></span><p class="line874">The wbinfo – u should list the AD users <span class="anchor" id="line-146"></span><span class="anchor" id="line-147"></span><p class="line867"><span class="anchor" id="line-148"></span><span class="anchor" id="line-149"></span><pre><span class="anchor" id="line-1-10"></span> #wbinfo – g </pre><span class="anchor" id="line-150"></span><span class="anchor" id="line-151"></span><p class="line874">The wbinfo – g should list the AD groups <span class="anchor" id="line-152"></span><span class="anchor" id="line-153"></span><p class="line874">All that is left is to test the connection from the server to verify that the share is working. <span class="anchor" id="line-154"></span><span class="anchor" id="bottom"></span></div><div id="pagebottom"></div> </div> <div id="footer"> <p id="pageinfo" class="info" lang="en" dir="ltr">JohnJacob (<a class="nbinfo" href="/JohnJacob?action=info" rel="nofollow">last modified 2009-03-16 03:29:58</a>)</p> <ul id="credits"> <li>Debian <a href="https://www.debian.org/legal/privacy">privacy policy</a>, Wiki <a href="/Teams/DebianWiki">team</a>, <a href="https://bugs.debian.org/wiki.debian.org">bugs</a> and <a href="https://salsa.debian.org/debian/wiki.debian.org">config</a>.</li><li>Powered by <a href="https://moinmo.in/" title="This site uses the MoinMoin Wiki software.">MoinMoin</a> and <a href="https://moinmo.in/Python" title="MoinMoin is written in Python.">Python</a>, with hosting provided by <a href="https://www.man-da.de/">Metropolitan Area Network Darmstadt</a>.</li> </ul> </div> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10