This shows you the differences between two versions of the page.
Next revision | Previous revision Last revision Both sides next revision | ||
fileservices:samba_active_directory_integration_on_ubuntu [2013/03/15 10:32] 127.0.0.1 external edit |
fileservices:samba_active_directory_integration_on_ubuntu [2019/06/26 10:28] tschulz [/etc/krb5.conf] |
||
---|---|---|---|
Line 28: | Line 28: | ||
debug = false | debug = false | ||
ticket_lifetime = 36000</code> | ticket_lifetime = 36000</code> | ||
+ | |||
+ | ===== NEW krb5.conf ===== | ||
+ | <file> | ||
+ | [libdefaults] | ||
+ | default_realm = SAMDOM.EXAMPLE.COM | ||
+ | dns_lookup_realm = false | ||
+ | dns_lookup_kdc = true | ||
+ | </file> | ||
+ | |||
===== /etc/network/interfaces ===== | ===== /etc/network/interfaces ===== | ||
<code>iface eth0 inet static | <code>iface eth0 inet static | ||
Line 67: | Line 76: | ||
template shell = /bin/bash | template shell = /bin/bash | ||
</code> | </code> | ||
- | ===== commands ===== | + | ===== Join domain ===== |
<code>kdb5_util create | <code>kdb5_util create | ||
kdb5_util stash | kdb5_util stash | ||
Line 73: | Line 82: | ||
</code> | </code> | ||
+ | ===== (Dynamic Home Directory Creation) pam_mkhomedir ===== | ||
+ | install libpam-mkhomedir | ||
+ | <file> | ||
+ | apt-get install libpam-mkhomedir | ||
+ | </file> | ||
+ | add **session required pam_mkhomedir.so skel=/etc/skel/ umask=0077** to common-session* | ||
+ | <file pam /etc/pam.d/common-session> | ||
+ | ... | ||
+ | # here are the per-package modules (the "Primary" block) | ||
+ | session [default=1] pam_permit.so | ||
+ | # here's the fallback if no module succeeds | ||
+ | session requisite pam_deny.so | ||
+ | # prime the stack with a positive return value if there isn't one already; | ||
+ | # this avoids us returning an error just because nothing sets a success code | ||
+ | # since the modules above will each just jump around | ||
+ | session required pam_permit.so | ||
+ | |||
+ | session required pam_mkhomedir.so skel=/etc/skel/ umask=0077 | ||
+ | ... | ||
+ | </file> | ||
+ | |||
+ | <file pam /etc/pam.d/common-session-noninteractive> | ||
+ | ... | ||
+ | # here are the per-package modules (the "Primary" block) | ||
+ | session [default=1] pam_permit.so | ||
+ | # here's the fallback if no module succeeds | ||
+ | session requisite pam_deny.so | ||
+ | # prime the stack with a positive return value if there isn't one already; | ||
+ | # this avoids us returning an error just because nothing sets a success code | ||
+ | # since the modules above will each just jump around | ||
+ | session required pam_permit.so | ||
+ | |||
+ | session required pam_mkhomedir.so skel=/etc/skel/ umask=0077 | ||
+ | ... | ||
+ | </file> |