Redhat 版本
Red Hat Enterprise Linux AS release 4(Nahant Update 8) 192.168.200.110
Dc
Windows2003
机器名domain.xmzq.com.cn 192.168.200.100
dc和dns 是同一台机器
step1、 安装一台redhat虚拟姐,版本为rl4
默认安装了所有软件包,这样在做是为了测试方便,实际上是可以定制安装的
step2、安装完成配置主机名
vi /etc/sysconfig/network ----修改hostname
如下:
NETWORKING=yes
HOSTNAME=redhatlinux
vi /etc/hosts ----修改host同时加入一条新纪录,dc的记录
如下:
# Do not remove the following line, or various programs
# that require network functionality will fail.
192.168.200.110 redhatlinux.xxxx.com.cn redhatlinux
192.168.200.100 XXXX.XXX.COM.CN
step3、检查软件是否安装
[root@redhatlinux home]# rpm -qa | grep samba
samba-3.0.33-0.17.el4
samba-client-3.0.33-0.17.el4
samba-common-3.0.33-0.17.el4
system-config-samba-1.2.21-1.el4.1
samba-swat-3.0.33-0.17.el4
[root@redhatlinux home]# rpm -qa | grep krb
pam_krb5-2.1.17-8.el4
krb5-server-1.3.4-62.el4
krb5-auth-dialog-0.2-1
krbafs-utils-1.2.2-6
krb5-libs-1.3.4-62.el4
krb5-workstation-1.3.4-62.el4
krbafs-devel-1.2.2-6
krb5-devel-1.3.4-62.el4
krbafs-1.2.2-6
step4、修改配置文件
/etc/samba/smb.conf
[global]
workgroup = XXXX
realm = XXXX.COM.CN
server string = Samba Server Version %v
security = ADS
password server = 192.168.200.100
passdb backend = tdbsam
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template homedir = /home/%U
template shell = /bin/bash
winbind separator = /
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind offline logon = Yes
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
/etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = XXXX.COM.CN
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
EXAMPLE.COM = {
kdc = kerberos.example.com:88
admin_server = kerberos.example.com:749
default_domain = example.com
}
XXXX.COM.CN = {
kdc = 192.168.200.100:88
kdc = 192.168.200.100
kdc = 192.168.200.100
kdc = 192.168.200.100
}
XXXX.COM.CN = {
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
/etc/nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
step 5、重启smb服务和winbind
service smb restart
service winbind restart
并且加入自启动
chkconfig smb on
chkconfig winbind on
step 6、
连通性测试
kinin administrator@XXXX.COM.CN
这里域名必须大写
step7、
如果没问题
net ads join -S administrator@XXXX.COM.CN
转载于:https://blog.51cto.com/helloaben/1312695