samba 做简单域控

原創 jfchl 2019-02-23 13:35

samba做简单域控

看到论坛上有些人在讨论用samba做域控制器的问题,其实我个人认为真正做网路管理的话,AD是不二的选择

功能全而且强大,如想熟悉哈linux,自己玩哈还是可以的,将本次实验的过程贴出来,欢迎大家来踩!!

本实验的功能非常简单,只是将windows加入到了域中,管控功能没有,就连客户端关机的权利也没有,希望有高人指点!email:[email protected]

关闭iptables、selinux

  [root@mycentos ~]# rpm -qa |grep samba
samba-common-3.0.33-3.28.el5
samba-client-3.0.33-3.28.el5
samba-3.0.33-3.28.el5
[root@mycentos ~]#

smb.conf 配置如下


[global]
        workgroup = max.com       #域名
        server string = Samba Server Version %v
        netbios name = mycentos   #主机名
        interfaces = eth0
        hosts allow = 127. 192.168.12. 192.168.0.
# --------------------------- Logging Options -----------------------------
        # logs split per machine;
        log file = /var/log/samba/%m.log
        # max 50KB per log file, then rotate;
        max log size = 50
# ----------------------- Domain Controller Options ------------------------
        security = user

        passdb backend = tdbsam
        domain master = yes
        domain logons = yes
        logon script =startup.bat  #当client登陆时映射到本地的目录
# ----------------------- Browser Control Options ----------------------------
        local master = no
        os level = 200
        preferred master = yes
#============================ Share Definitions ==============================
[share]
        comment = share
        path = /home/samba
        browseable = yes
        public = yes
[homes]
        comment = Home Directories
        browseable = no
        writable = yes
;       valid users = %S
;       valid users = MYDOMAIN\%S
# Un-comment the following and create the netlogon directory for Domain Logons
        [netlogon]                                  #存放startup.bat 的文件夹
        comment = Network Logon Service
        path = /home/samba/netlogon
        guest ok = yes
        writable = no
        share modes = no
        follow symlinks=yes

 

  mkdir -p /home/samba/netlogon

  

   在netlogon中touch starup.bat文件

[root@mycentos ~]# cat /home/samba/netlogon/startup.bat
net time \\mycentos /set /yes
net use k: \\mycentos\share      #将share 挂载为client的k盘

[root@mycentos ~]# unix2dos /home/samba/netlogon/startup.bat    # 转换为windows格式

 

groupadd machine                                                              #创建机器组

useradd  -g machine -s /bain/false -d /dev/null jf1$     # 增加机器用户(jf1为计算机名)

smbpasswd -a -m jf1$                                                       #加机器用户t到samba密码中

smbpasswd -a root                                                             #并非liunx系统用户,是client加入域时需要

useradd -a zz                                                                        #真正的登陆用户

smbpasswd -a zz

 

 

启动samba服务:


  [root@mycentos ~]# tail /var/log/messages
Dec  4 20:50:31 mycentos nmbd[7529]:   Attempting to become domain master browser on workgroup MAX.COM on subnet 192.168.0.200
Dec  4 20:50:31 mycentos nmbd[7529]: [2010/12/04 20:50:31, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(303)
Dec  4 20:50:31 mycentos nmbd[7529]:   become_domain_master_browser_bcast: querying subnet 192.168.0.200 for domain master browser on workgroup MAX.COM

测试:

 

 

 

 

 

 

 
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

Linux基本操作命令

wbzjacky 2019-02-24 13:12:38

444句英语

wbzjacky 2019-02-24 13:12:37

真实的模拟***综合实验

wbzjacky 2019-02-24 13:12:37

三层交换机的HSRP、vlan、端口聚合

wbzjacky 2019-02-24 13:12:37

HSRP和二层交换机的端口聚合、vlan

wbzjacky 2019-02-24 13:12:37

路遇一个“乞讨者“

楊木藝 2019-02-24 14:19:35

如果同事暗中伤害你,应该怎么办?

這個饅頭有餡 2019-02-24 13:59:08

职场中,抱怨越多的员工,越被领导瞧不起!

這個饅頭有餡 2019-02-24 13:59:08

老程序员被裁,应届生却能月薪 1.3 万?这你能忍?

前端高達 2019-02-24 13:48:04

遇到到处蹭吃却从不请客吃饭的主怎么办?

樑軍年 2019-02-24 13:26:35

高标准机房综合配线安装

wbzjacky 2019-02-24 13:12:38

IPsec ***实验

wbzjacky 2019-02-24 13:12:37

网络系统集成

wbzjacky 2019-02-24 13:12:37

CISCO路由AAA的Easy ***

wbzjacky 2019-02-24 13:12:37

CISCO访问控制列表 企业网络管理的必杀技

wbzjacky 2019-02-24 13:12:37