Winbind: Difference between revisions
From VVCWiki
Jump to navigationJump to search
(enable local accounts) |
(No difference)
|
Latest revision as of 12:48, 3 July 2009
Prerequisites
yum install ntp samba-winbind krb5-workstation authconfig
NTP
Make sure time is synchronized with the ADS controller.
authconfig
Run authconfig
# authconfig --updateall --enablewinbind --enablelocauthorize --enablewinbindauth --smbsecurity=ads --smbrealm=DOMAIN.LAN \ --smbidmapuid=10000-20000 --smbidmapgid=10000-20000 --winbindseparator=/ --winbindtemplatehomedir=/home/%U \ --winbindtemplateshell=/bin/bash --enablewinbindusedefaultdomain --winbindjoin=Administrator
Verify domain membership
# wbinfo -u administrator guest krbtgt mobile user tmpl user tmpl power user tmpl administrator tmpl ...
Tune /etc/samba/smb.conf
Add these parameters:
winbind cache time = 10 winbind enum users = Yes winbind enum groups = Yes winbind nested groups = Yes obey pam restrictions = yes
Restart winbind
service winbind restart
Verify integration
# getent passwd root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin ... administrator:*:10001:10000:Administrator:/home/administrator:/bin/bash guest:*:10002:10001:Guest:/home/guest:/bin/bash ...