User Tools
fileservices:samba_active_directory_integration_on_ubuntu
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
fileservices:samba_active_directory_integration_on_ubuntu [2013/03/15 10:32] 127.0.0.1 external edit |
fileservices:samba_active_directory_integration_on_ubuntu [2021/05/21 13:59] (current) tschulz [Install] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Samba Active Directory Integration on Ubuntu ====== | ====== Samba Active Directory Integration on Ubuntu ====== | ||
| ===== Install ===== | ===== Install ===== | ||
| - | <code>apt-get install samba winbind ntp krb5-kdc krb5-admin-server rng-tools</code> | + | <code>apt-get install samba winbind ntp krb5-kdc krb5-admin-server rng-tools libnss-winbind libpam-winbind</code> |
| ===== /etc/krb5.conf ===== | ===== /etc/krb5.conf ===== | ||
| <code>[logging] | <code>[logging] | ||
| Line 28: | Line 28: | ||
| debug = false | debug = false | ||
| ticket_lifetime = 36000</code> | ticket_lifetime = 36000</code> | ||
| + | |||
| + | ===== NEW krb5.conf ===== | ||
| + | <file> | ||
| + | [libdefaults] | ||
| + | default_realm = SAMDOM.EXAMPLE.COM | ||
| + | dns_lookup_realm = false | ||
| + | dns_lookup_kdc = true | ||
| + | </file> | ||
| + | |||
| ===== /etc/network/interfaces ===== | ===== /etc/network/interfaces ===== | ||
| <code>iface eth0 inet static | <code>iface eth0 inet static | ||
| Line 67: | Line 76: | ||
| template shell = /bin/bash | template shell = /bin/bash | ||
| </code> | </code> | ||
| - | ===== commands ===== | + | ===== Join domain ===== |
| <code>kdb5_util create | <code>kdb5_util create | ||
| kdb5_util stash | kdb5_util stash | ||
| Line 73: | Line 82: | ||
| </code> | </code> | ||
| + | ===== (Dynamic Home Directory Creation) pam_mkhomedir ===== | ||
| + | install libpam-mkhomedir | ||
| + | <file> | ||
| + | apt-get install libpam-mkhomedir | ||
| + | </file> | ||
| + | add **session required pam_mkhomedir.so skel=/etc/skel/ umask=0077** to common-session* | ||
| + | <file pam /etc/pam.d/common-session> | ||
| + | ... | ||
| + | # here are the per-package modules (the "Primary" block) | ||
| + | session [default=1] pam_permit.so | ||
| + | # here's the fallback if no module succeeds | ||
| + | session requisite pam_deny.so | ||
| + | # prime the stack with a positive return value if there isn't one already; | ||
| + | # this avoids us returning an error just because nothing sets a success code | ||
| + | # since the modules above will each just jump around | ||
| + | session required pam_permit.so | ||
| + | |||
| + | session required pam_mkhomedir.so skel=/etc/skel/ umask=0077 | ||
| + | ... | ||
| + | </file> | ||
| + | |||
| + | <file pam /etc/pam.d/common-session-noninteractive> | ||
| + | ... | ||
| + | # here are the per-package modules (the "Primary" block) | ||
| + | session [default=1] pam_permit.so | ||
| + | # here's the fallback if no module succeeds | ||
| + | session requisite pam_deny.so | ||
| + | # prime the stack with a positive return value if there isn't one already; | ||
| + | # this avoids us returning an error just because nothing sets a success code | ||
| + | # since the modules above will each just jump around | ||
| + | session required pam_permit.so | ||
| + | |||
| + | session required pam_mkhomedir.so skel=/etc/skel/ umask=0077 | ||
| + | ... | ||
| + | </file> | ||
fileservices/samba_active_directory_integration_on_ubuntu.1363361578.txt.gz · Last modified: 2014/02/05 13:51 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
