Quote:
Originally Posted by Slax-Dude
No need for AD users to login into the linux box(es) at all.
**Remove slackware samba package
Code:
slackpkg remove samba
**Save these downloads to the Downloads dir
Kerberos
http://web.mit.edu/Kerberos/dist/ (I used this one
http://web.mit.edu/Kerberos/dist/krb...1.7-signed.tar)
Berkeley DB (I used an old version that I know works with both versions of Slackware I mentioned and tested)
http://www.bayour.com/kerberos/sleepycat_3.0.55.tar.gz
Openldap
http://www.openldap.org/software/download/ (I used this one
ftp://ftp.openldap.org/pub/OpenLDAP/...dap-2.4.19.tgz )
Samba
http://www.samba.org/samba/ftp/ (I used this one
http://www.samba.org/samba/ftp/samba-3.4.3.tar.gz )
**Start installing (Order does matter)
Kerberos
Code:
cd ~
# Extract source (the signed tar holds krb5-1.7.tar.gz plus its .asc PGP signature)
tar -xvf Downloads/krb5-1.7-signed.tar
tar -xzvf krb5-1.7.tar.gz
# Configure source
cd krb5-1.7/src
./configure --prefix=/usr --enable-shared --with-ccopts="-g -O2 -D_REENTRANT" --localstatedir=/etc --mandir=/usr/share/man --without-tcl
# Compile and install
make all
make install
vi /etc/krb5.conf
Paste this and replace WHATEVER.COM with your domain and server.whatever.com with the FQDN of your domain controller.
Code:
[libdefaults]
default_realm = WHATEVER.COM
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes
clockskew = 300
[realms]
WHATEVER.COM = {
    kdc = server.whatever.com:88
    admin_server = server.whatever.com:749
    default_domain = whatever.com
    passwd_server = server.whatever.com
}
[domain_realm]
.whatever.com = WHATEVER.COM
whatever.com = WHATEVER.COM
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
Test installation (again replacing with your domain info (caps matter) and a valid user on AD)
Code:
kinit aduser@WHATEVER.COM
klist
Berkeley DB
Code:
cd ~
# Extract source
tar -xzvf Downloads/sleepycat_3.0.55.tar.gz
# Configure source
cd sleepycat-3.0.55.orig/
cd build_unix/
../dist/configure
# Compile and install
make all
make install
OpenLDAP
Code:
cd ~
# Extract source
tar -xzvf Downloads/openldap-2.4.19.tgz
# Configure source (the variables sit on the configure command line so configure sees them)
cd openldap-2.4.19/
CPPFLAGS="-I/usr/local/BerkeleyDB.3.0/include" LDFLAGS="-L/usr/local/BerkeleyDB.3.0/lib" ./configure --prefix=/usr --sysconfdir=/etc/ldap --disable-debug --disable-ipv6 --with-tls --with-kerberos --with-cyrus-sasl --with-threads --enable-null --enable-kpasswd --enable-slapd --enable-crypt --enable-spasswd
# Compile and install
make depend
make all
make install
Samba
Code:
cd ~
# Extract source
tar -xzvf Downloads/samba-3.4.3.tar.gz
# Configure source
cd samba-3.4.3/source3/
./configure --prefix=/usr --sysconfdir=/etc/samba --with-privatedir=/etc/samba/private --with-ldap --with-ads --with-krb5=/usr --with-cifsmount --without-sys-quotas
# Compile and install
make all
make install
# Install the NSS modules for WINS and winbind
cd ..
cp nsswitch/libnss_wins.so /lib/
cp nsswitch/libnss_winbind.so /lib/
cd /lib/
ln -s libnss_wins.so libnss_wins.so.2
ln -s libnss_winbind.so libnss_winbind.so.2
Configure rc.samba (if it doesn't exist create and make it executable /etc/rc.d/rc.samba)
Code:
#!/bin/sh
#
# /etc/rc.d/rc.samba
#
# Start/stop/restart the Samba SMB file/print server.
#
# To make Samba start automatically at boot, make this
# file executable: chmod 755 /etc/rc.d/rc.samba
#
samba_start() {
  if [ -x /usr/sbin/smbd -a -x /usr/sbin/nmbd -a -r /usr/lib/smb.conf ]; then
    echo "Starting Winbind /usr/sbin/winbindd -D"
    /usr/sbin/winbindd -D
    echo "Starting Samba: /usr/sbin/smbd -D"
    /usr/sbin/smbd -D
    echo " /usr/sbin/nmbd -D"
    /usr/sbin/nmbd -D
  fi
}
samba_stop() {
  killall smbd nmbd winbindd
}
samba_restart() {
  samba_stop
  sleep 2
  samba_start
}
case "$1" in
'start')
  samba_start
  ;;
'stop')
  samba_stop
  ;;
'restart')
  samba_restart
  ;;
*)
  # Default is "start", for backwards compatibility with previous
  # Slackware versions. This may change to a 'usage' error someday.
  samba_start
esac
Configure smb.conf (if it doesn't exist, create it: /usr/lib/smb.conf) **(Caps matter; replace as before)
Code:
[global]
workgroup = WHATEVER
server string = Slackware Samba Server
netbios name = slackserv
security = ADS
load printers = yes
log file = /var/log/samba.%m
max log size = 50
realm = WHATEVER.COM
password server = SERVER.WHATEVER.COM
security = ADS
encrypt passwords = yes
map to guest = never
client use spnego = yes
# idmap backend = rid:WHATEVER=10000-20000
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
template shell = /bin/bash
template homedir = /home/%D/%u
loglevel = 10
passdb backend = tdbsam
bind interfaces only = yes
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
Configure /etc/hosts (make sure the server name is properly set against its IP)
Code:
127.0.0.1 localhost
10.8.0.38 server.Whatever.com server
Test the install
Code:
grep nobody /etc/passwd        # should list the user nobody
ldd /usr/sbin/smbd | grep krb5 # should list krb5 modules
Join the domain if those were successful
Code:
net ads join -U administrator
If successful start the services
Code:
/etc/rc.d/rc.samba start
Verify they are running
Code:
echo smbd processes;pgrep smbd;echo winbindd processes;pgrep winbindd;echo nmbd processes;pgrep nmbd
Test you can retrieve an AD user
Code:
getent passwd aduser
Verify Domain trusts
Test local shares
Code:
smbclient -L server -U%
And that's it. If you need AD login, there are more steps and the installation order changes a little for the missing packages.
Keep me posted on how it works out.
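
The post stresses that caps matter and that the same realm goes into both krb5.conf and smb.conf. As an added example (not part of the original post), this script checks the two files against each other before `net ads join`; the function names `ini_get`, `check_join_config` and `demo` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-join consistency check for krb5.conf and smb.conf.
# ini_get FILE SECTION KEY: print the last value of KEY inside [SECTION].
# Names are compared lower-cased with whitespace removed, so "loglevel"
# and "log level" match, as they do for Samba itself.
ini_get() {
    awk -v sec="$2" -v key="$3" '
        function norm(s) { gsub(/[ \t\r]/, "", s); return tolower(s) }
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { cur = norm($0); next }
        cur == ("[" norm(sec) "]") && (i = index($0, "=")) {
            if (norm(substr($0, 1, i - 1)) != norm(key)) next
            val = substr($0, i + 1); gsub(/^[ \t]+|[ \t\r]+$/, "", val)
        }
        END { print val }' "$1"
}

# check_join_config KRB5_CONF SMB_CONF: print findings, return the FAIL count.
check_join_config() {
    fails=0
    fail() { echo "FAIL: $*"; fails=$((fails + 1)); }
    realm=$(ini_get "$1" libdefaults default_realm)
    dom=$(printf '%s' "$realm" | tr '[:upper:]' '[:lower:]')
    [ -n "$realm" ] || fail "no default_realm in $1"
    [ "$realm" = "$(printf '%s' "$realm" | tr '[:lower:]' '[:upper:]')" ] ||
        fail "default_realm '$realm' is not upper case"
    [ "$realm" = "$(ini_get "$2" global realm)" ] ||
        fail "smb.conf realm differs from krb5 default_realm '$realm'"
    [ "$(ini_get "$1" domain_realm ".$dom")" = "$realm" ] ||
        fail "[domain_realm] does not map .$dom to $realm"
    sec=$(ini_get "$2" global security | tr '[:upper:]' '[:lower:]')
    [ "$sec" = ads ] || fail "security is '$sec', expected ADS"
    lvl=$(ini_get "$2" global 'log level')
    case "$lvl" in ''|*[!0-9]*) ;; *)
        [ "$lvl" -lt 10 ] || echo "WARN: log level $lvl is debug verbosity" ;;
    esac
    return "$fails"
}

# Constructed sample with a lower-case smb.conf realm; not real configs.
demo() {
    d=$(mktemp -d) || return 1
    printf '[libdefaults]\ndefault_realm = WHATEVER.COM\n[domain_realm]\n.whatever.com = WHATEVER.COM\n' >"$d/krb5.conf"
    printf '[global]\nrealm = whatever.com\nsecurity = ADS\nloglevel = 10\n' >"$d/smb.conf"
    check_join_config "$d/krb5.conf" "$d/smb.conf"; rc=$?
    rm -rf "$d"; return "$rc"
}
demo || echo "demo: $? check(s) failed"
```

To check the real files, call `check_join_config /etc/krb5.conf /usr/lib/smb.conf` in place of `demo`.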