Documento final samba 4
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
825
On Slideshare
825
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
5
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. SAMBA4 EN UBUNTU 13.10. # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 #iface eth0 inet dhcp iface eth0 inet static address 192.168.0.100 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.1.1 dns-nameservers 192.168.0.100 8.8.8.8 dns-search fran.local 1) Instalamos dependencias de Samba4 $ sudo apt-get install build-essential libacl1-dev libattr1dev libblkid-dev libgnutls-dev libreadline-dev pythondev python-dnspython gdb pkg-config libpopt-dev libldap2dev dnsutils libbsd-dev attr krb5-user docbook-xsl libcups2dev acl git. 2) krb5-user. Default Realm: FRAN.LOCAL Default Realm: 127.0.0.1 Administrative Server: 127.0.0.1
  • 2. 3) FSTAB 1) 2) 3) $ nano /etc/fstab UUID=db6f8346-60ca-47b4-8ab2-046337abd834 / ext4 user_xattr,acl,barrier=1,errors=remount -ro 0 1 $ mount -a 4) Descargamos Samba4 $ git clone git://git.samba.org/samba.git samba-master $ git pull Compilamos e Instalamos Samba4 $ cd samba-master $ sudo ./configure $ sudo make $ sudo make install 5) Provisionamos DC sudo /usr/local/samba/bin/samba-tool domain provision --use-rfc2307 --interactive --use-ntvfs Realm [test.local]: FRAN.LOCAL Domain [S4]: FRAN Server Role (dc, member, standalone) [dc]: dc DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:SAMBA_INTERNAL DNS forwarder IP address( ‘none’)
  • 3. [192.168.0.100]:192.168.0.100 Administrator password:123abc. Retype password:123abc. 6) Modificamos resolv.conf 1) nano /etc/resolv.conf 2) domain fran.local nameserver 192.168.0.100 3) Poñemos resolv de solo lectura chattr +i /etc/resolv.conf 7) Modificamos kerberos. mv /etc/krb5.conf /etc/krb5.conf.bak cp /usr/local/samba/private/krb5.conf /etc/krb5.conf nano /etc/krb5.conf [libdefaults] default_realm = FRAN.LOCAL default_keytab_name = FILE:/var/db/samba4/private/dns.keytab dns_lookup_realm = false dns_lookup_kdc = true [realms] FRAN.LOCAL = { kdc = 192.168.0.100 admin_server = 192.168.0.100
  • 4. } [domain_realm] .fran.local = FRAN.LOCAL Start Samba sudo ./usr/local/samba/sbin/samba Modificamos smb.conf # Global parameters [global] workgroup = FRAN realm = FRAN.LOCAL netbios name = UBUNTU server role = active directory domain controller dns forwarder = 192.168.0.100 server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, dns, smb dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver, winreg, srvsvc idmap_ldb:use rfc2307 = yes [netlogon] path = /usr/local/samba/var/locks/sysvol/fran.local/scripts read only = No
  • 5. [sysvol] path = /usr/local/samba/var/locks/sysvol read only = No Añadimos Directorios o PATH sudo nano ~/.bashrc PATH=$PATH:/usr/local/samba/sbin PATH=$PATH:/usr/local/samba/bin Start Samba sudo ./usr/local/samba/sbin/samba Probamos conexion cun cliente. usr/local/samba/bin/smbclient -L localhost -U% /usr/local/samba/bin/smbclient //localhost/netlogon -UAdministrator%"your_password" -c 'ls' Testeamos DNS host -t SRV _ldap._tcp.fran.local.
  • 6. host -t SRV _kerberos._udp.fran.local. host -t A fran.local. Testeamos krb5 kinit administrator@FRAN.LOCAL klist Añadimos carpetas mkdir -m 770 /Users chmod g+s /Users chown root:users /Users /usr/local/samba/etc/smb.conf [Users] directory_mode: parameter = 0700 read only = no path = /Users csc policy = documents Para que non expire a clave do administrador en 42. /usr/local/samba/bin/samba-tool user setexpiry administrator --noexpiry
  • 7. host -t SRV _kerberos._udp.fran.local. host -t A fran.local. Testeamos krb5 kinit administrator@FRAN.LOCAL klist Añadimos carpetas mkdir -m 770 /Users chmod g+s /Users chown root:users /Users /usr/local/samba/etc/smb.conf [Users] directory_mode: parameter = 0700 read only = no path = /Users csc policy = documents Para que non expire a clave do administrador en 42. /usr/local/samba/bin/samba-tool user setexpiry administrator --noexpiry