Tema: Re: SAMBA authenticaten Windowa Activy Directory
Autorius: Edvinas Juozaitis
Data: 2009-11-27 20:13:30
labai puikiai leidzia, tik, kad nepagooglinai turbut ir nebandei vietoje \
rasyti \\
"paprastas" <paprastas@delfi.lt> wrote in message
news:heope4$aov$1@trimpas.omnitel.net...
> na mato tuos userius, ok, o kai bandau is windows jungtis, tipo meta
> klaida, kad neturiu teisiu( nors juk valid user = XXX\V.Pavarde kaip ir
> yra) ir kodel neleidzia " winbind separator = \ "??
>
>
> "Edvinas Juozaitis" <edvinas@nfq.lt> wrote in message
> news:hempga$bsu$1@trimpas.omnitel.net...
>> kam to reikia?
>> ////
>> net join -U V.Pavarde@XXX.LOCAL
>> ////
>>
>> kekvienam useriui kuris po patha?
>> ///
>> path = /home/shares/P.Ponaitis
>> ///
>> smb.conf'e irasyk
>>
>> [homes]
>> comment = Home Directories
>> browseable = yes
>>
>>
>> Gero vakaro,
>> Edvinas
>>
>>
>> "paprastas" <paprastas@delfi.lt> wrote in message
>> news:hemmu6$9bn$1@trimpas.omnitel.net...
>>> krb5.conf
>>>
>>>
>>>
>>> [libdefaults]
>>>
>>> ticket_lifetime = 24000
>>>
>>> default_realm = XXX.LOCAL
>>>
>>> default_tgs_enctypes = des3-hmac-sha1
>>>
>>> default_tkt_enctypes = des3-hmac-sha1
>>>
>>> [realms]
>>>
>>> XXX.LOCAL = {
>>>
>>> kdc =
>>> XXX01.xxx.local
>>>
>>> admin_server =
>>> XXX01.xxx.local
>>>
>>> default_domain =
>>> XXX.LOCAL
>>>
>>> }
>>>
>>> [domain_realm]
>>>
>>> .xxx.local = XXX.LOCAL
>>>
>>> xxx.local = XXX.LOCAL
>>>
>>> [login]
>>>
>>> krb4_convert = true
>>>
>>> krb4_get_tickets = false
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> smn.cof
>>>
>>>
>>>
>>> [global]
>>>
>>> security = ads
>>>
>>> realm = XXX.LOCAL
>>>
>>> password server = XXX01.xxx.local
>>>
>>> workgroup = XXX
>>>
>>> idmap uid = 500-10000000
>>>
>>> idmap gid = 500-10000000
>>>
>>> winbind separator = +
>>>
>>> winbind enum users = yes
>>>
>>> winbind enum groups = yes
>>>
>>> winbind use default domain = yes
>>>
>>> template homedir = /home/%D/%U
>>>
>>> template shell = /bin/bash
>>>
>>> client use spnego = yes
>>>
>>> domain master = no
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> Hosts
>>>
>>> 127.0.0.1 localhost
>>>
>>> 127.0.1.1 servas.xxx.local servas
>>>
>>> 192.168.xx.01 XXX01.xxx.local XXX01
>>>
>>>
>>>
>>>
>>>
>>> nsswitch.conf
>>>
>>>
>>>
>>> passwd: compat winbind
>>>
>>> group: compat winbind
>>>
>>> shadow: compat
>>>
>>>
>>>
>>> hosts: files dns wins winbind
>>>
>>> networks: files
>>>
>>>
>>>
>>> protocols: db files
>>>
>>> services: db files
>>>
>>> ethers: db files
>>>
>>> rpc: db files
>>>
>>>
>>>
>>> netgroup: nis
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> resolv.conf
>>>
>>> domain xxx.local
>>>
>>> search xxx.local
>>>
>>> nameserver 192.168.xx.01
>>>
>>>
>>>
>>>
>>>
>>> kinit Administrator - gerai
>>>
>>>
>>>
>>>
>>>
>>> net ads testjoin - gerai
>>>
>>>
>>>
>>>
>>>
>>> net ads join -U Adminitrator@xxx.local - kartais meta klaida, o kartais
>>> ne, kodel?
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> libads/kerberos.c:ads_kinit_passwords(356)
>>>
>>>
>>>
>>>
>>>
>>> kerberos kinit_password SERVAS@XXX.LOCAL failed: Preauthentication
>>> failed
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> o jeigu ads net join -U V.Pavarde@XXX.LOCAL - failed to set password for
>>> machine account (NT_STATUS-ACCESS_DENIED)
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> wbinfo - u ir wbinfo -g rodo tiek userius tiek grupes Windows AD
>>>
>>>
>>>
>>>
>>>
>>> Esme tokia, jog norisi sukonfiguruoti SAMBA ir sukurti joje katologa,
>>> kur kiekvienas vartotojas, kuris yra prisijunges prie windows AD domeno,
>>>
>>>
>>>
>>> jungiantis prie sambos katalogo, ieitu i tam tikra kataloga, o i kito
>>> zmogaus kataloga negaletu ieiti, ta prasme autorizuotusi konkreciam
>>> katalogui
>>>
>>>
>>>
>>> konkretus zmogus (na tai pvz. path = /home/shares/J.Jonaitis valid users
>>> XXX\J.Jonaitis i ta kataloga ieis tik J.Jonaitis, o i
>>>
>>>
>>>
>>> path = /home/shares/P.Ponaitis valid users XXX\P.Ponaitis i ta kataloga
>>> ieis tik P.Ponaitis). Kas negerai gali buti konfiguose situose ar dar
>>> kazka as
>>>
>>>
>>>
>>> praleidziu, siaip buvau pasileides, bet visi konfigai dingo del tam
>>> tikru priezasciu, kas galetu pasidalinti mintimis. aciu.
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> __________ Information from ESET NOD32 Antivirus, version of virus
>>> signature database 4640 (20091126) __________
>>>
>>> The message was checked by ESET NOD32 Antivirus.
>>>
>>> http://www.eset.com
>>>
>>>
>>>
>>
>>
>>
>> __________ Information from ESET NOD32 Antivirus, version of virus
>> signature database 4640 (20091126) __________
>>
>> The message was checked by ESET NOD32 Antivirus.
>>
>> http://www.eset.com
>>
>>
>>
>>
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 4642 (20091127) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
__________ Information from ESET NOD32 Antivirus, version of virus signature database 4642 (20091127) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com