Chapter 14: Setting up Samba as a domain member server on FreeBSD 12

2021-05-17 23:00:35


1. System image download

FreeBSD-12.2-RELEASE-amd64-dvd1.iso

2. Configure a static IP address

Configure it with the following command:

bsdconfig

3. Configure the hostname

vim /etc/rc.conf
 
hostname="fb"

4. Configure DNS

vim /etc/resolv.conf
 
# Generated by resolvconf
# Domain name of the domain controller
search SVROS.COM
# nameserver 192.168.253.2

# IP address of the domain controller
nameserver 192.168.253.130
nameserver 114.114.114.114 
nameserver 127.0.0.1
options edns0

5. Update the system

freebsd-update fetch
freebsd-update install

6. Edit /etc/sysctl.conf

echo "kern.maxfiles=25600" >> /etc/sysctl.conf
echo "kern.maxfilesperproc=16384" >> /etc/sysctl.conf
echo "net.inet.tcp.sendspace=65536" >> /etc/sysctl.conf
echo "net.inet.tcp.recvspace=65536" >> /etc/sysctl.conf

7. Install the "pkg" package manager and update the repository

pkg
pkg update

8. If you are running under VMware, install the open-vm-tools-nox11 package

pkg install open-vm-tools-nox11
echo "vmware_guest_vmblock_enable=YES" >> /etc/rc.conf
echo "vmware_guest_vmhgfs_enable=NO" >> /etc/rc.conf
echo "vmware_guest_vmmemctl_enable=YES" >> /etc/rc.conf
echo "vmware_guest_vmxnet_enable=YES" >> /etc/rc.conf
echo "vmware_guestd_enable=YES" >> /etc/rc.conf

9. Install Samba 4.13

pkg install samba413

10. Create /etc/krb5.conf

# default_realm is the domain (Kerberos realm) name
[libdefaults]
	default_realm = SVROS.COM
	dns_lookup_realm = true
	dns_lookup_kdc = true
	ticket_lifetime = 24h
	renew_lifetime = 7d
	forwardable = yes

11. Edit /etc/nsswitch.conf

# FreeBSD sed takes a backup suffix after -i; '' means no backup file
sed -i '' -e "s/^passwd:.*/passwd: files winbind/" /etc/nsswitch.conf
sed -i '' -e "s/^group:.*/group: files winbind/" /etc/nsswitch.conf

12. Create /usr/local/etc/smb4.conf

[global]
	workgroup = SVROS
	server string = Samba Server Version %v
	security = ads
	realm = SVROS.COM
	domain master = no
	local master = no
	preferred master = no
	socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=131072 SO_SNDBUF=131072
	use sendfile = true
	 
	idmap config * : backend = tdb
	idmap config * : range = 100000-299999
	idmap config SVROS : backend = rid
	idmap config SVROS : range = 10000-99999
	winbind separator = +
	winbind enum users = yes
	winbind enum groups = yes
	winbind use default domain = yes
	winbind nested groups = yes
	winbind refresh tickets = yes
	template homedir = /home/%D/%U
	template shell = /bin/false
		 
	client use spnego = yes
	client ntlmv2 auth = yes
	encrypt passwords = yes
	restrict anonymous = 2
	log file = /var/log/samba4/log.%m
	max log size = 50
			 
#============================ Share Definitions ==============================
			 
[testshare]
	comment = Test share
	path = /samba/testshare
	read only = no
	force group = "Domain Users"
	directory mode = 0770
	force directory mode = 0770
	create mode = 0660
	force create mode = 0660

13. Join Samba to the domain

net ads join --no-dns-updates -U administrator
net ads testjoin
# Should report "Join is OK"
# On your DC, open the DNS MMC and add an "A" entry for your BSD server so clients can find it

14. Start Samba and enable it at boot

echo "samba_server_enable=YES" >> /etc/rc.conf
echo "winbindd_enable=YES" >> /etc/rc.conf
service samba_server start

15. Test Kerberos

kinit administrator
# Enter domain admin password, it should return to the prompt with no errors
	
klist
# Credentials cache: FILE:/tmp/krb5cc_0
#    Principal: administrator@SVROS.COM
#
# Issued                Expires               Principal
# Dec  6 10:15:39 2021  Feb  4 20:15:39 2021  krbtgt

16. Test Winbind

wbinfo -u
# Should return domain users
	
wbinfo -g
# Should return domain groups
	
getent passwd
# Should return domain users at the end of the list with 10000+ UIDs
	
getent group
# Should return domain groups at the end of the list with 10000+ GIDs

17. If the wbinfo commands report errors instead of output, run the following command

service samba_server restart

18. Create the shared folder

mkdir -p /samba/testshare
chown "administrator":"domain users" /samba/testshare
chmod 0770 /samba/testshare

19. Test successful
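
The idmap ranges from the smb4.conf in step 12 decide which UIDs and GIDs domain accounts receive, so overlapping ranges or a local account inside a range would let two identities share one UID. The script below is an added example, not part of the original article: it checks both conditions. The function names and the sample accounts are made up for illustration; the two idmap lines are the article's.

```shell
# Added example, not from the original article; names here are illustrative.

# Print "DOMAIN LOW HIGH" for each "idmap config DOMAIN : range = LOW-HIGH" line.
idmap_ranges() {
    awk '
        /^[ \t]*[#;]/ { next }              # skip smb.conf comment lines
        { gsub(/[:=]/, " & ") }             # normalise spacing around ":" and "="
        tolower($1) == "idmap" && tolower($2) == "config" && $4 == ":" &&
        tolower($5) == "range" && $6 == "=" {
            split($7 $8 $9, r, "-")         # also accepts "LOW - HIGH"
            print $3, r[1] + 0, r[2] + 0
        }' "$1"
}

# Return 0 when no two idmap ranges in config file $1 overlap.
check_idmap_overlap() {
    idmap_ranges "$1" | awk '
        { d[NR] = $1; lo[NR] = $2 + 0; hi[NR] = $3 + 0 }
        END {
            for (i = 1; i <= NR; i++)
                for (j = i + 1; j <= NR; j++)
                    if (lo[i] <= hi[j] && lo[j] <= hi[i]) {
                        print "overlap:", d[i], "and", d[j]; bad = 1
                    }
            exit bad + 0
        }'
}

# Return 0 when no account in passwd-format file $2 has a UID inside a range.
local_uid_collisions() {
    ranges=$(idmap_ranges "$1" | tr '\n' ';')
    awk -F: -v ranges="$ranges" '
        BEGIN {
            n = split(ranges, row, ";") - 1   # drop empty field after last ";"
            for (i = 1; i <= n; i++) {
                split(row[i], f, " "); lo[i] = f[2] + 0; hi[i] = f[3] + 0
            }
        }
        /^#/ || NF < 3 { next }
        { for (i = 1; i <= n; i++)
              if ($3 + 0 >= lo[i] && $3 + 0 <= hi[i]) { print "collision:", $1, $3; bad = 1 } }
        END { exit bad + 0 }' "$2"
}

# Constructed sample input: the article's two idmap lines and two local accounts.
demo_dir=$(mktemp -d); trap 'rm -rf "$demo_dir"' EXIT
printf '%s\n' 'idmap config * : range = 100000-299999' \
    'idmap config SVROS : range = 10000-99999' > "$demo_dir/smb4.conf"
printf '%s\n' 'root:*:0:0::/root:/bin/csh' \
    'svc:*:10050:10050::/nonexistent:/usr/sbin/nologin' > "$demo_dir/passwd"
check_idmap_overlap "$demo_dir/smb4.conf" && echo "ranges OK"
local_uid_collisions "$demo_dir/smb4.conf" "$demo_dir/passwd" || echo "fix the accounts listed above"
```

On the server itself, pass /usr/local/etc/smb4.conf and /etc/passwd as the arguments before running the join in step 13.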

Source: https://blog.csdn.net/pyf987337461/article/details/116951995
