首先,重置虛擬機,使其主機名爲server5
ip爲172.25.5.10/11
配置yum源 http://172.25.5.254/content/rhel7
這個地址是可以在火狐中找到yum源的
然後yum clean all
如果出現一串串(看截屏pid)要執行 kill -9 pid編號
然後再yum clean all
之後建立腳本,然後執行(或者先下載sssd和krb5用authconfig-tui手動選擇配置)
注:密碼是kerboros
[root@server5 ~]# cat /bin/vm_authconfig.sh
#!/bin/bash
echo "install packages..."
yum install sssd krb5-workstation -y &>/dev/null
echo "config authconfig..."
authconfig \
--enableldap \
--enablekrb5 \
--disableldapauth \
--enableldaptls \
--ldapserver="classroom.example.com" \
--ldapbasedn="dc=example,dc=com" \
--ldaploadcacert=http://172.25.254.254/pub/example-ca.crt \
--krb5kdc="classroom.example.com" \
--krb5adminserver="classroom.example.com" \
--update
echo "ok !!"
##此時可以切換,但是沒有家目錄
完善腳本;
[root@server5 ~]# vim /bin/vm_authconfig.sh
[root@server5 ~]# vm_authconfig.sh
install packages...
config authconfig...
config autofs...
ok !!
[root@server5 ~]# cat /bin/vm_authconfig.sh
#!/bin/bash
echo "install packages..."
yum install sssd krb5-workstation autofs -y &>/dev/null
echo "config authconfig..."
authconfig \
--enableldap \
--enablekrb5 \
--disableldapauth \
--enableldaptls \
--ldapserver="classroom.example.com" \
--ldapbasedn="dc=example,dc=com" \
--ldaploadcacert=http://172.25.254.254/pub/example-ca.crt \
--krb5realm="EXAMPLE.COM" \
--krb5kdc="classroom.example.com" \
--krb5adminserver="classroom.example.com" \
--update
echo "config autofs..."
echo "/home/guests /etc/auto.ldap" >>/etc/auto.master
echo "* 172.25.254.254:/home/guests/&" >>/etc/auto.ldap
systemctl restart autofs
echo "ok !!"
[root@server5 ~]# su - ldapuser1
Last login: Sun Apr 30 04:22:37 EDT 2017 on pts/1
[ldapuser1@server5 ~]$ touch file{1..8}
[ldapuser1@server5 ~]$ ls
1 3 5 file1 file3 file5 file7 ldapuser1
2 4 Desktop file2 file4 file6 file8
[ldapuser1@server5 ~]$ exit
logout
[root@server5 ~]#
之後可以在server用ldapuser1登陸,密碼爲kerberos。可以看到剛纔建立的文件
手動方式:
先下載sssd和krb5用authconfig-tui手動選擇配置
設置自動掛載
文件內容: