Notepad:Samba

From Amar
Jump to navigationJump to search

Samba Set up

Set up synchronized time

/etc/ntpd.conf
service ntpd stop
ntpdate time.nist.gov
service ntpd.start

Hostname must contain the proper domain

/etc/sysconfig/network
HOSTNAME=xxxxxxx.domain.tld

You can dynamically change it with

hostname xxxxxxx.domain.tld

CentOS 7

/etc/hostname contains name

hosts file MUST list the name different from localhost 127.0.0.1

/etc/hosts
127.0.0.1               localhost.localdomain localhost
192.168.10.xxx          xxxxxxxx.domain.tld
192.168.10.yyy           ad1.domain.tld

krb5 set up right

/etc/krb5.conf
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = PRICECOMM.LOCAL
 dns_lookup_realm = false
 dns_lookup_kdc = false

[realms]
 PRICECOMM.LOCAL= {
 kdc = rad1.silvercash.com:88
 admin_server = rad1.silvercash.com:749
 default_domain = pricecomm.local
}

[domain_realm]
 .pricecomm.local = PRICECOMM.LOCAL
 pricecomm.local = PRICECOMM.LOCAL

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
}

Run kinit

 kinit Administrator

Configure Samba

/etc/smb.conf
[global]

       workgroup = pricecomm
       server string = dev01.teenmodels.com
       netbios name = tm-dev01
       hosts allow = 192.168.10.

       encrypt passwords = yes
       guest ok = yes
       winbind enum users = yes
       winbind enum groups = yes
       winbind cache time = 10


       # logs split per machine
       log file = /var/log/samba/%m.log
       # max 50KB per log file, then rotate
       max log size = 50

       security = ads
       realm = PRICECOMM.LOCAL
       client use spnego = yes
       password server = rad1.silvercash.com

       local master = no
;       os level = 33
;       preferred master = yes

       wins server = rad1.silvercash.com
;       wins proxy = yes

;       dns proxy = yes

#============================ Share Definitions ==============================

  idmap uid = 16777216-33554431
  idmap gid = 16777216-33554431
  template shell = /bin/false
  winbind use default domain = no
  winbind separator = +

Join Domain

restart services to be sure

service winbind restart
service smb restart
service nmb restart

net ads join -U Administrator

Modify nsswitch

/etc/nsswitch.conf 
passwd:     files winbind
shadow:     files
group:      files winbind
protocols:  files winbind
rpc:        files winbind
services:   files winbind

Run Services

restart services to be sure

service winbind restart
service smb restart
service nmb restart

Test

wbinfo -u
wbinfo -g
getent passwd
getent group

Jacques Approved !!


← Back to Notepad



<insert>googlesearchwiki</insert> <insert>paypal</insert> <insert>analytics</insert>