Samba-clen domeny windows, problem s "getent"
rathousky na centrum.cz
rathousky na centrum.cz
Středa Květen 3 11:42:43 CEST 2006
Zdravim,
potreboval bych udelat fileserver ktery bude overovat uzivatele oproti
domenovemu radici.
S pomoci mnoha clanku, manualu a DOCek jsem vytlacil priblizne toto:
smb.conf:
[global]
unix charset = LOCALE
workgroup = office
realm = OFFICE.BLA.CZ
server string = Gamma
security = ADS
allow trusted domains = no
username map = /etc/samba/smbusers
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
printcap name = CUPS
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
template primary group = "Domain Users"
template shell = /bin/false
winbind separator = +
printing = cups
[public]
path = /mnt/raid/
writeable = yes
browseable = yes
valid users = @"domain users"
/etc/krb5.conf:
[libdefaults]
clockskew = 600
default_realm = OFFICE.BLA.CZ
[realms]
OFFICE.BLA.CZ = {
kdc = alpha.office.bla.cz
default_domain = OFFICE.BLA.CZ
kpasswd_server = alpha.office.bla.cz
}
[domain_realm]
.OFFICE.BLA.CZ = OFFICE.BLA.CZ
[logging]
default = SYSLOG:NOTICE:DAEMON
kdc = FILE:/var/log/kdc.log
kadmind = FILE:/var/log/kadmind.log
[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 0
debug = false
}
kdyz zkusim wbinfo -u tak mi to vypise vsechny uzivatele z domenoveho
radice, wbinfo -g vsechny grupy, ale kdyz zkusim "getent passwd" tak mi to
vrati jen seznam z /etc/passwd bez uzivatelu z domeny (kteri by tam podle
vsehy byt meli).
Poradi mi nekdo?
Nebo delam neco spatne?
Další informace o konferenci Linux