PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : SAMBA und Winbindd



thonix
23.07.02, 16:32
Hallo Leute,

Ich hab da mal ein Problem.

Ich habe Winbindd wie folgt installiert:

First install the pam-devel packet !!!!

./configure --prefix=/usr/local/samba --bindir=/usr/local/bin --sbindir=/usr/local/sbin --mandir=/usr/local/man --with-piddir=/var/run --with-configdir=/etc --without-winbindd --with-logfilebase=/var/log/ --with-pam --with-pam_smbpass
make
make install

now you edit the /etc/nsswitch from sonething like this:

passwd: compat
group: compat

or

passwd: nisplus
group: nisplus

- somtime the parameter shadow is used too - change it with the others -
to:

passwd: winbind compat
group: winbind compat

and maybe with something like this:

shadow winbind compat

Now we will also add some lines in the /etc/pam.d/* ( this file is calling *) keep it in clean and sort the locations
at beginning the file looks somethiong like this:

#%PAM-1.0
auth required /lib/security/pam_unix.so nullok
account required /lib/security/pam_unix.so
password required /lib/security/pam_pwcheck.so nullok
password required /lib/security/pam_unix.so nullok use_first_pass use_authtok
session required /lib/security/pam_unix.so

now add the follow lines:
auth sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_winbind.so

after edit it looks:

#%PAM-1.0
auth required /lib/security/pam_unix.so nullok
auth sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_unix.so
account required /lib/security/pam_winbind.so
password required /lib/security/pam_pwcheck.so nullok
password required /lib/security/pam_unix.so nullok use_first_pass use_authtok
session required /lib/security/pam_unix.so

now search the pam_winbind.so and copy to /lib/security

an example:
find / -name "pam_winbind.so"
cp /usr/src/samba-2.2.5/source/nsswitch/pam_winbind.so /lib/security

OK now join the domain

make an entry for the domain pdc in your /etc/hosts

an example:

10.1.1.1 YOURPDC


now use the command ( if you get the error command not found search the command ( find / -name "smbpasswd" )
if you have an older Version ( I dont know exactly what version) < 2.2.5 you must add an machine account in the doamin.
after this use this command

smbpasswd -j YOURDOMAIN -r YOURPDC

If you have 2.2.5 or higer you must only use this command:

smbpasswd -j YOURDOMAIN -r YOURPDC -U administrator
( you can use instead the administrator account and user with rights to create a computer account)

After one of this commands You should see Joined YOURDOMAIN

Now we must add some lins to the smb.conf

winbind separator = + (you can use "/" if you want but it can cause
problems)
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
netbios name = whatevenameyouwant
encrypt passwords = yes
preferred master = no (Important!!! can cause a lot of trouble if set
incorrectly
template shell = /bin/false (if users will be using telnet you must set /bin/bash)
workgroup = yourdomain
security = domain
password server = *

!!!! remove the () tags - and check the parameters - maybe you have double entries !!!!

Now start the smb and nmd deamon, you need then to start the winbindd ( and yes it has 2 d)

/usr/local/sbin/smbd
/usr/local/sbin/nmbd
/usr/local/sbin/winbindd

now you can use the command wbinfo -u so display all users in your domain or use the command wbinfo -g
to display the groups.

OK - mit wbinfo -u bekomme ich die use meiner Domäne angezeigt - jedoch geht hab ich keine gruppen auf meiner maschine.
-> wenn ich getent passwd mache sehe ich ledeglich meine Normale passwd.

Was habe ich vergessen ????

RS1
23.07.02, 19:29
Hallo, welche Version von Linux benutzt Du? Ich könnte dir eine Anleitung zusende die ich für mich erstellt habe für den Fall das ich es nochmals durchführen muss, und der Kopf ist doch so klein. Ich habe es mit Ver.7.3 und Samba 2.2.3 durchgeführt.

nullvolt
24.07.02, 14:45
ahoi,

was sagt denn "wbinfo -t" ?
good oder bad ?