SAMBA4 Instalação no Debian

1. SAMBA 4 - Tutorial de Instalacao no Debian
Instalandopacotes
# apt-getinstall linux-sourcelinux-headers-$(uname -r) build-essential sshvimopenvpn
libreadline-devgitbuild-essentiallibattr1-devlibblkid-devlibgnutls28-devautoconfpython-
dev python-dnspythonlibacl1-devgdbpkg-configlibpopt-devlibldap2-devdnsutilsacl attr
libbsd-devdocbook-xsl libcups2-devkrb5-user
SetandopermissõesespeciaisdoAD
$ sudovim/etc/fstab
/dev/sdb1 /home xfs user_xattr,acl,barrier=1 1 1
# mount-oremount,rw/home
Testandopermissoesespeciais
# touchtest.txt
# setfattr-nuser.test-vtesttest.txt
# setfattr-nsecurity.test-vtest2test.txt
# getfattr-dtest.txt
# getfattr-nsecurity.test-dtest.txt
Se estivertudocorreto,oscomandosacima retornaraoessasrespostas,respectivamente:
# file:test.txt
user.test="test"
# file:test.txt
security.test="test2"
Instalandoe sincronizandoserviçode timercomPUCPR
# apt-getinstall ntpdate
# ntpdate ntp.pucpr.br

2. Setandohostname
# vim/etc/hostname
samba4
Setandoresolvedores
# vim/etc/resolv.conf
domainshark.net
searchshark.net
nameserver192.168.0.250
nameserver189.4.0.157 189.4.0.152
Setandoip
# vim/etc/network/interfaces
# The primarynetworkinterface
iface eth0inetstatic
address192.168.0.250
netmask255.255.255.0
gateway192.168.0.1
dns-nameservers192.168.0.250 189.4.0.157
dns-searchshark.net
Configurandooarquivo/etc/hosts
# vim/etc/hosts
127.0.0.1 localhost
127.0.1.1 samba4.shark.net samba4
192.168.0.250 samba4.shark.net samba4

3. # The followinglinesare desirable forIPv6capable hosts
::1 localhostip6-localhostip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
# wgethttp://ftp.samba.org/pub/samba/samba-4.1.16.tar.gz
# tar xvzf samba-4.1.16.tar.gz
# cd samba-4.1.16
# ./configure --prefix=/opt/samba --enable-debug --enable-selftest
# make
# make install
Solucaotemporariaparaexportarpath’sdo SAMBA4 compiladono/opt/samba
# exportPATH=$PATH:/opt/samba/bin/
Solucaodefinitivaparaexportarpath’sdoSAMBA4 no/opt/samba
# vim/etc/profile ( cole aofinal doarquivo)
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/samba/bin:/opt/samba
/sbin"
# . /etc/profile
RebootdoSO
# init6
Subindooserviço
# /opt/samba/sbin/samba
Ou apenas
# samba( apósexportaras path’s)

4. # psaux | grepsamba
Criandoo DominioAD
# /opt/samba/bin/samba-tooldomainprovision
Ou apenas
# samba-tool domainprovision( aposexportaraspath’s )
# Exemplode configuracaopara/etc/krb5.conf
[logging]
default= FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server=FILE:/var/log/kadmind.log
[libdefaults]
default_realm=shark.net
dns_lookup_realm=false
dns_lookup_kdc= true
ticket_lifetime=24h
renew_lifetime =7d
forwardable =true
[realms]
SHARK.NET= {
kdc = samba4.shark.net # ( aqui pode sero ip doServidor)
admin_server= samba4.shark.net
}

5. [domain_realm]
.shark.net= samba4.shark.net
shark.net= samba4.shark.net
Sobe SAMBA 4
# samba
Testandoo smb.conf
# testparm
# /opt/samba/bin/smbclient//localhost/netlogon -UAdministrator%'SUA_SENHA'-c"ls"
Consultandoclient:
# /opt/samba/bin/smbclient –version
# /opt/samba/bin/smbclient -Llocalhost-U%
VerificandozonaprimariacriadapeloSAMBA 4
# samba-tool dnszonelist127.0.0.1 --auto-U Administrator--password=SUA_SENHA
Criandozonade DNSreverso
# samba-tool dnszonecreate 127.0.0.1 0.168.192.in-addr.arpa -U Administrator--
password=SUA_SENHA
Verificandoazonareversa
# samba-tool dnszonelist127.0.0.1 --reverse -UAdministrator --password=SUA_SENHA
# verificarusabilidade
#AdicionandooRoteadordarede ao DNS
# samba-tool dnsadd192.168.0.1 0.168.192.in-addr.arpa 1 PTR roteador.shark.net -U
Administrator--password=SUA_SENHA
Desabilitandoacomplexidade de senhas

6. # samba-tool domainpasswordsettingsshow
# samba-tool domainpasswordsettingsset --complexity=off --history-length=0--min-pwd-
length=0--min-pwd-age=0
Relendoconfiguracoes
# /opt/samba/bin/smbcontrol all reload-config
Revisandousuarios
# /opt/samba/bin/samba-tooluserlist
# /opt/samba/bin/samba-toolusersetpasswordEduardo.charquero
Testandotiket
# kinitAdministrator@shark.net
# klist
Testandoo dominiocomdig
# digshark.net
Consultandokerberose ldap:
# dig-t srv_kerberos._tcp.shark.net
# dig-t srv_ldap._tcp.shark.net
# host-t A rwindows8
SetandoSAMBA 4 na inicializaçãodoSO
# vim/etc/init.d/samba
#! /bin/bash
### BEGIN INIT INFO
# Provides: samba

7. # Required-Start: $network $local_fs$remote_fs
# Required-Stop: $network $local_fs$remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description:start Samba daemons
### END INIT INFO
#
# Start/stopsthe Samba daemon (samba).
# Adapted from the Samba 3 packages.
#
SAMBAPID=/opt/samba/var/run/samba.pid
# clear conflicting settingsfrom the environment
unset TMPDIR
# See if the daemon and the config file are there
test -x /opt/samba/sbin -a -r /opt/samba/etc/ || exit 0
. /lib/lsb/init-functions
case "$1" in
start)
log_daemon_msg "Starting Samba 4 daemon" "samba"
if ! start-stop-daemon --start --quiet --oknodo --exec /opt/samba/sbin/samba -- -D; then
log_end_msg 1
exit 1
fi
log_end_msg 0
;;
stop)
log_daemon_msg "Stopping Samba 4 daemon" "samba"

8. start-stop-daemon --stop --quiet --name samba $SAMBAPID
# Wait a little and remove stale PID file
sleep 1
if [ -f $SAMBAPID ] && ! ps h `cat $SAMBAPID` > /dev/null
then
# Stale PID file (samba was succesfully stopped),
# remove it (should be removed by samba itself IMHO.)
rm -f $SAMBAPID
fi
log_end_msg 0
;;
restart|force-reload)
$0 stop
sleep 1
$0 start
;;
*)
echo "Usage: /etc/init.d/samba {start|stop|restart|force-reload}"
exit 1
;;
esac
exit 0
Setandopermissão
# chmod+x /etc/init.d/samba
# update-rc.dsambadefaults
Criandoa pasta de perfismoveis
# mkdir/opt/samba/var/profiles

9. # chmod-R 1777 profiles
Criandoo Compartilhamento
# cd /home
# mkdir/Dados
# mkdir/Dados/Diretoria...Financeiro...Rh...Comercial...Publica...Tecnico...
Adicionandodiretóriosaosmb.conf
# vim/opt/samba/etc/smb.conf
# Global parameters
[global]
workgroup= shark
realm= samba4.shark.net
netbiosname = samba4
serverrole = active directorydomaincontroller
dns forwarder= 200.189.80.43
[netlogon]
path = /opt/samba/var/locks/sysvol/xirux.local/scripts
read only= No
[sysvol]
path = /opt/samba/var/locks/sysvol
read only= No
[profiles]
Path = /opt/samba/var/profiles

10. Readonly= no
[Dados]
path = /home/Dados
comment= CompartilhamentosdaRede
read only= No
[Diretoria]
path = /home/Dados/Diretoria
comment= Pasta Diretoria
read only= No
[Rh]
path = /home/Dados/Rh
comment= PastaRh
read only= No
[Financeiro]
path = /home/Dados/Financeiro
comment= PastaFinanceiro
read only= No
[Tecnico]
path = /home/Dados/Tecnico
comment= PastaTecnico
read only= No

11. [Comercial]
path = /home/Dados/Comercial
comment= PastaComercial
read only= No
[Publica]
path = /home/Dados/Publica
comment= PastaPublica
readonly= no
SetandopermissoesaosDiretorios
# chownroot:usersDados/ -R
# chmod770 /home/dados/ -R
# chownroot:users/opt/samba/var/profiles/ -R
# chmod770 /opt/samba/var/profiles
As demaisconfiguracoesrelativasacriacaode usuarios,gerenciamentode compartilhamentos
podeme devemserfeitospelasFerramentasde GerenciamentodoWindowsServer2008,
instaladosnoWindows7ou 8.
Os perfisMoveis;Basicamente,crieiumapastaem/opt/samba/profiles,apontei no
/opt/samba/etc/smb.conf e adicionei aoperfildousuárionoAD:
samba4profiles%USERNAME%
Eduardo Charquero
Tecnólogo em Redes de Computadores
Administrador de Sistemas Linux
Linux user & 529578
e-mail: eduardo.charquero@hotmail.com