Winbind

Prerequisites

yum install ntp samba-winbind krb5-workstation authconfig

NTP

Make sure time is synchronized with the ADS controller.

authconfig

Run authconfig

# authconfig --updateall --enablewinbind --enablelocauthorize --enablewinbindauth --smbsecurity=ads --smbrealm=DOMAIN.LAN \
--smbidmapuid=10000-20000 --smbidmapgid=10000-20000 --winbindseparator=/ --winbindtemplatehomedir=/home/%U \
--winbindtemplateshell=/bin/bash --enablewinbindusedefaultdomain --winbindjoin=Administrator

Verify domain membership

# wbinfo -u
administrator
guest
krbtgt
mobile user tmpl
user tmpl
power user tmpl
administrator tmpl
...

Tune /etc/samba/smb.conf

Add these parameters:

   winbind cache time = 10
   winbind enum users = Yes
   winbind enum groups = Yes
   winbind nested groups = Yes
   obey pam restrictions = yes

Restart winbind

service winbind restart

Verify integration

# getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
...
administrator:*:10001:10000:Administrator:/home/administrator:/bin/bash
guest:*:10002:10001:Guest:/home/guest:/bin/bash
...

Winbind

Prerequisites

NTP

authconfig

Verify domain membership

Tune /etc/samba/smb.conf

Verify integration

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools