Вот еще вопрос
вот поднял еще один файловый сервак для эксперементов токо вот на запрос
id popov
id: popov: no such user
Вот конфы керберос и самбы
Код: Выделить всё
[libdefaults]
default_realm = DOMAIN.LOCAL
[realms]
DOMAIN.LOCAL = {
kdc = DOMAIN.LOCAL
admin_server = DOMAIN.LOCAL
}
[domain_realm]
.domain.local = DOMAIN.LOCAL
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
Код: Выделить всё
[global]
workgroup = DOMAIN
security = ADS
password server = DOMAIN.LOCAL
realm = DOMAIN.LOCAL
netbios name = files2
server string = SAMBA shares server
log file = /var/log/samba/%m.%U.log
max log size = 50000
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind use default domain = yes
display charset = koi8-r
unix charset = koi8-r
dos charset = 866
template homedir = /shares/mail/%U
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
# browseable = No
use client driver = yes
public = yes
#[data]
# comment = Shares for Documents
# path = /shares/data
# read list = "DOMAIN\Domain Users"
# write list = "@DOMAIN\Domain Users"
# admin users = "@DOMAIN\Admin Users", DOMAIN\l
# read only = No
# create mask = 0660
# directory mask = 0770
# inherit owner = yes
# inherit acls = yes
# inherit permissions = yes
# map acl inherit = yes
# locking = no
Шары пока не делал
вот /etc/nsswitch.conf
Код: Выделить всё
group: files winbind
group_compat: nis
hosts: files dns
networks: files
passwd: files winbind
passwd_compat: nis
shells: files
/etc/hosts
Код: Выделить всё
::1 localhost.domain.local localhost
127.0.0.1 localhost.domain.local localhost
192.168.100.125 files2.domain.local files2
192.168.100.125 files2.domain.local.
192.168.100.2 server2.domainlocal server2
files2$ kinit afanasiev
afanasiev@DOMAIN.LOCAL's Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
files2$
получил билет
далее
files2$ net join -U afanasiev
afanasiev's password:
Using short domain name -- DOMAIN
Joined 'FILES2 to realm 'DOMAIN.LOCAL'
files2$
потом id popov
id: popov: no such user