一、免密登陆设置
1.1、安装及启动服务
[root@localhost /]# yum install samba -y
[root@localhost /]# systemctl start smb
[root@localhost /]# systemctl enable smb
1.2、修改配置文件
[root@localhost /]# vim /etc/samba/smb.conf
[global]
workgroup = SAMBA
security = user
map to guest = bad user #新增,用于免密登陆
[samba]
comment = samba #目录名称
path = /home/samba #服务器端共享目录
public = yes
writable = yes #写入权限
browseable = yes #访问权限
guest ok = yes #允许guest账户访问
[root@localhost /]# mkdir /home/samba #创建共享目录
[root@localhost /]# chmod -R 777 /home/samba/ #提权
[root@localhost /]# systemctl restart smb #重启服务
二、密码登陆
2.1、安装及启动服务
[root@localhost /]# yum install samba -y
[root@localhost /]# systemctl start smb
[root@localhost /]# systemctl enable smb
2.2、修改配置文件
[root@localhost /]# vim /etc/samba/smb.conf
[global]
workgroup = SAMBA
security = user
[samba]
comment = samba #目录名称
path = /home/samba #服务器端共享目录
public = yes
writable = yes #写入权限
browseable = yes #访问权限
valid users = test
[root@localhost ~]# smbpasswd -a test
[root@localhost /]# mkdir /home/samba #创建共享目录
[root@localhost /]# chmod -R 777 /home/samba/ #提权
[root@localhost /]# systemctl restart smb #重启服务
三、SMB加入域控服务器
3.1、安装及启动服务
[root@localhost /]# yum install samba -y
[root@localhost /]# systemctl start smb
[root@localhost /]# systemctl enable smb
3.2、修改hosts
[root@localhost /]# vim /etc/hosts
192.168.1.1 TEST.COM.LOCAL #添加域服务器hosts
3.3、修改dns
[root@localhost /]# vim /etc/resolv.conf
nameserver 192.168.1.1 #域服务器IP
3.4、修改krb
[root@localhost /]# vim /etc/krb5.conf
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = TEST.COM.LOCAL #去掉注释,修改成域名
default_ccache_name = KEYRING:persistent:%{uid}
[realms] #修改处
TEST.COM.LOCAL = {
default_domain = TEST.COM.LOCAL
admin_server = 192.168.1.1
kdc = 192.168.1.1
}
test.com.local = {
}
[domain_realm] #修改处
.test.com.local = TEST.COM.LOCAL
test.com.local = TEST.COM.LOCAL
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
3.5、修改nsswitch
[root@localhost /]# vim /etc/nsswitch.conf
passwd: files sss winbind
shadow: files sss winbind
group: files sss winbind
3.6、修改配置文件
[root@localhost /]# vim /etc/samba/smb.conf
workgroup = TEST
password server = 192.168.1.1
realm = TEST.COM.LOCAL
security = ads
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
winbind separator = /
template shell = /sbin/nologin
winbind use default domain = true
winbind offline logon = false
map to guest = bad user
guest account = nobody
unix charset = utf8
display charset = utf8
workgroup = TEST
realm = TEST.COM.LOCAL
server string = FILE-SERVER
bind interfaces only = Yes
security = ADS
password server = 192.168.1.1
server signing = auto
client use spnego = No
load printers = No
dns proxy = No
template shell = /sbin/nologin
winbind separator = /
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind rpc only = Yes
idmap config * : range = 16777216-33554431
idmap config * : backend = tdb
[printer]
comment = smb
path = /home/samba
valid users = zhangsan #账号访问限制
write list = zhangsan #域账号
create mask = 0777
force create mode = 0777
directory mask = 0777
force directory mode = 0777
guest ok = Yes
3.7、加入域
[root@localhost /]# yum install -y krb-workstation
[root@localhost /]# net ads join -U admin@test.com #加入域
3.8、启动相关服务
[root@localhost /]# mkdir /home/samba
[root@localhost /]# chmod -R 777 /home/samba/
[root@localhost /]# systemctl start smb
[root@localhost /]# systemctl start nmb
[root@localhost /]# systemctl start winbind
扫一扫
557
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
