Linux加入Windows域的操作步骤
2010-07-23 08:20:50 来源:WEB开发网核心提示: OK,用图形的好处就是方便快捷,但是这样只适合rh系统,Linux加入Windows域的操作步骤(3),别的linux系统咋办呢?别急,这个工具其实就是编辑以下三个配置文件:/etc/nsswitch.conf passwd:files winbind(就是先读files 然后再通过winbind认证) shad
OK,用图形的好处就是方便快捷,但是这样只适合rh系统。别的linux系统咋办呢?别急。这个工具其实就是编辑以下三个配置文件:
/etc/nsswitch.conf passwd:files winbind(就是先读files 然后再通过winbind认证) shadow:files winbind group:files winbind /etc/krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = RAINBIRD.NET(默认的域名) dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes [realms] EXAMPLE.COM = { kdc = kerberos.example.com:88 admin_server = kerberos.example.com:749 default_domain = example.com } RAINBIRD.NET = { kdc = 192.168.1.241:88(域服务器) kdc = 192.168.1.241 } [domain_realm] .example.com = EXAMPLE.COM example.com = EXAMPLE.COM rainbird.net = RAINBIRD.NET .rainbird.net = RAINBIRD.NET [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } /etc/samba/smb.conf workgroup = RAINBIRD//域名 password server = 192.168.1.241//域服务器 realm = RAINBIRD.NET security = ads//必须启用 idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/bash winbind use default domain = false (改成true) winbind offline logon = false(改成true) template homedir = /home/%U winbind separator = / winbind enum users = Yes winbind enum groups = Yes红色部分就是工具自动修改的了,但是smb.conf修改的不彻底,还不能满足我们的要求,怎么办呢?手动把蓝色部分加上,并把那两个false改成ture,然后设置samba的开机自动启动chkconfig smb on,service smb on启动服务,然后就是手工把linux加入到windows了。
OK,重启linux,这时候用一个域用户登陆linux如果提示用户或密码验证失败,说明你重启之前的东西没配置对。仔细检查一下哪里不对呢?
如果提示如下,那么恭喜你,可以继续下一个话题了。
更多精彩
赞助商链接