Tema: Re: SAMBA authenticaten Windowa Activy Directory
Autorius: Edvinas Juozaitis
Data: 2009-11-26 22:47:06
kam to reikia?
////
net join -U V.Pavarde@XXX.LOCAL
////
kekvienam useriui kuris po patha?
///
path = /home/shares/P.Ponaitis
///
smb.conf'e irasyk
[homes]
comment = Home Directories
browseable = yes
Gero vakaro,
Edvinas
"paprastas" <paprastas@delfi.lt> wrote in message
news:hemmu6$9bn$1@trimpas.omnitel.net...
> krb5.conf
>
>
>
> [libdefaults]
>
> ticket_lifetime = 24000
>
> default_realm = XXX.LOCAL
>
> default_tgs_enctypes = des3-hmac-sha1
>
> default_tkt_enctypes = des3-hmac-sha1
>
> [realms]
>
> XXX.LOCAL = {
>
> kdc =
> XXX01.xxx.local
>
> admin_server =
> XXX01.xxx.local
>
> default_domain =
> XXX.LOCAL
>
> }
>
> [domain_realm]
>
> .xxx.local = XXX.LOCAL
>
> xxx.local = XXX.LOCAL
>
> [login]
>
> krb4_convert = true
>
> krb4_get_tickets = false
>
>
>
>
>
>
>
> smn.cof
>
>
>
> [global]
>
> security = ads
>
> realm = XXX.LOCAL
>
> password server = XXX01.xxx.local
>
> workgroup = XXX
>
> idmap uid = 500-10000000
>
> idmap gid = 500-10000000
>
> winbind separator = +
>
> winbind enum users = yes
>
> winbind enum groups = yes
>
> winbind use default domain = yes
>
> template homedir = /home/%D/%U
>
> template shell = /bin/bash
>
> client use spnego = yes
>
> domain master = no
>
>
>
>
>
>
>
> Hosts
>
> 127.0.0.1 localhost
>
> 127.0.1.1 servas.xxx.local servas
>
> 192.168.xx.01 XXX01.xxx.local XXX01
>
>
>
>
>
> nsswitch.conf
>
>
>
> passwd: compat winbind
>
> group: compat winbind
>
> shadow: compat
>
>
>
> hosts: files dns wins winbind
>
> networks: files
>
>
>
> protocols: db files
>
> services: db files
>
> ethers: db files
>
> rpc: db files
>
>
>
> netgroup: nis
>
>
>
>
>
>
>
>
>
> resolv.conf
>
> domain xxx.local
>
> search xxx.local
>
> nameserver 192.168.xx.01
>
>
>
>
>
> kinit Administrator - gerai
>
>
>
>
>
> net ads testjoin - gerai
>
>
>
>
>
> net ads join -U Adminitrator@xxx.local - kartais meta klaida, o kartais
> ne, kodel?
>
>
>
>
>
>
>
>
>
> libads/kerberos.c:ads_kinit_passwords(356)
>
>
>
>
>
> kerberos kinit_password SERVAS@XXX.LOCAL failed: Preauthentication failed
>
>
>
>
>
>
>
>
>
> o jeigu ads net join -U V.Pavarde@XXX.LOCAL - failed to set password for
> machine account (NT_STATUS-ACCESS_DENIED)
>
>
>
>
>
>
>
>
>
>
>
> wbinfo - u ir wbinfo -g rodo tiek userius tiek grupes Windows AD
>
>
>
>
>
> Esme tokia, jog norisi sukonfiguruoti SAMBA ir sukurti joje katologa, kur
> kiekvienas vartotojas, kuris yra prisijunges prie windows AD domeno,
>
>
>
> jungiantis prie sambos katalogo, ieitu i tam tikra kataloga, o i kito
> zmogaus kataloga negaletu ieiti, ta prasme autorizuotusi konkreciam
> katalogui
>
>
>
> konkretus zmogus (na tai pvz. path = /home/shares/J.Jonaitis valid users
> XXX\J.Jonaitis i ta kataloga ieis tik J.Jonaitis, o i
>
>
>
> path = /home/shares/P.Ponaitis valid users XXX\P.Ponaitis i ta kataloga
> ieis tik P.Ponaitis). Kas negerai gali buti konfiguose situose ar dar
> kazka as
>
>
>
> praleidziu, siaip buvau pasileides, bet visi konfigai dingo del tam tikru
> priezasciu, kas galetu pasidalinti mintimis. aciu.
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 4640 (20091126) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
__________ Information from ESET NOD32 Antivirus, version of virus signature database 4640 (20091126) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com