標籤:samba ad
軟體需求:
krb5-workstation-1.9-33.el6_3.2.x86_64
krb5-libs-1.9-33.el6_3.2.x86_64
krb5-devel-1.9-33.el6_3.2.x86_64
pam_krb5-2.3.11-9.el6.x86_64
samba-3.5.10-125.el6.x86_64
samba-client-3.5.10-125.el6.x86_64
samba-winbind-clients-3.5.10-125.el6.x86_64
samba-winbind-3.5.10-125.el6.x86_64
samba-common-3.5.10-125.el6.x86_64
測試環境關閉iptables 和selinux
service iptables stop
setenforce 0
yum -y install統一安裝
下邊以test.com為網域名稱主域ip 192.168.10.10安裝
編輯/etc/krb5.conf
-----------/etc/krb5.conf-----------
[libdefaults]
default_realm = TEST.COM()
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[realms]
EXAMPLE.COM = {
kdc = 192.168.10.10:88
admin_server = 192.168.10.10:749
default_domain = TEST.COM
}
[domain_realm]
.test.com = TEST.COM
test.com = TEST.COM
----------------------------------------
編輯/etc/nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
編輯/etc/resolve.conf
加入行: nameserver 192.168.10.10
編輯/etc/samba/smb.conf
----------/etc/samba/smb.conf----------
workgroup = EXAMPLE
server string = Samba Server Version %v
netbios name = hostname
# ----------------------- Domain Members Options ------------------------
security = ads
passdb backend = tdbsam
realm = example.com
password server = 192.168.10.10
encrypt passwords = yes
idmap uid = 16777216-33554431
idmap gid = 18777216-33554431
template shell = /bin/bash
template homedir = /home/%U
winbind use default domain = true
winbind offline logon = true
-----------------------------------------------------------------------
#nepdate 192.168.10.10 同步網域服務器時間
#net ads join -U administrator 後再輸入administrator密碼加入域
#net ads leave -U administrator 退域
wbinfo -t 查看域連結狀態
wbinfo -u 查看域使用者
wbinfo -g 查看域組
------------------------設定samba查看使用者動作記錄 刪改上傳檔案等---------------------
/etc/samba/smb.conf
vfs_object = full_audit
full_audit:prefix = %u|%I|%m|%S
full_audit:success = mkdir rename unlink rmdir write chmod chown
full_audit:failure = none
full_audit:facility = LOCAL5
full_audit:priority = NOTICE
設定好就可以在/etc/rsyslog.conf下設定日誌存放路徑。
local5.* /var/log/samba/samba.log
----------------------------------------------------------------------------------
可以用 loganalyzer 通過lamp訪問查看
yum -y install rsyslog-mysql
會內建一個建立資料庫指令碼 /usr/shart/doc/rsyslog-mysql-**/createDB.sql
建立mysql使用者,並建立資料庫
mysql>grant all on Syslog to ‘log‘@‘localhost‘ identified by ‘logpass‘
#mysql -ulog -p < /usr/shart/doc/rsyslog-mysql-**/createDB.sql
--------------/etc/rsyslog.conf------------------
$ModLoad ommysql 載入mysql模組
local5.* :ommysql:localhost,Syslog,log,logpass
----------------------------------------------------
下載loganalyzer wget http://download.adiscon.com/loganalyzer/loganalyzer-3.6.5.tar.gz
解壓
#cd loganalyzer***
#cp scr /var/www/html/log
#cp contrib/* /var/www/html/log/
#cd /var/www/html/log
#bash ./configure.sh
本文出自 “12012100” 部落格,請務必保留此出處http://12022100.blog.51cto.com/12012100/1954270
linux samba共用加入windows server 域
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
