Installazione Primary Domain Controller: Difference between revisions

From RVM Wiki
Jump to navigation Jump to search
Newer edit →
VisualWikitext
mNo edit summary
 
mNo edit summary
Line 24: Line 24:


/dev/md0 on / type ext3 (rw,errors=remount-ro,acl)
/dev/md0 on / type ext3 (rw,errors=remount-ro,acl)
== Configurazione di base ==
Impostare i seguenti parametri:
<pre>
export DOMAIN_NAME=GSSPA
export SERVER_NAME=GSSERVER
</pre>
Modificare i seguenti parametri in /etc/samba/samba.conf:
<pre>
cd /etc/samba
mv smb.conf smb.conf.ori
cat > smb.conf <<EOFile
[global]
        # user and group  management
                add group script = /usr/sbin/groupadd %g
                delete group script = /usr/bin/net groupmap delete ntgroup="%g" ; /usr/sbin/groupdel "%g"
                add user to group script = /usr/bin/gpasswd -a %u %g
                delete user from group script = /usr/bin/gpasswd -d %u %g
                #
                add user script = /usr/sbin/useradd -m %u
                delete user script = /usr/sbin/userdel -r %u
                add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
                username map = /etc/samba/user.map
                #
                passdb backend = tdbsam
                unix password sync = yes
                passwd program = /usr/bin/passwd %u
                passwd chat = "*Enter new UNIX password*" %n\n "*Retype new UNIX password*" %n\n "*password updated
successfully*" .
        # Network role parameter
                netbios name = $SERVER_NAME
                workgroup = $DOMAIN_NAME
                domain master = yes
                domain logons = yes
                security = user
                local master = yes
                os level = 99
                time server = yes
                encrypt passwords = true
                logon home = \\%L\%U
                logon script = user.cmd
                logon path = \\%L\Profiles\%U
                logon drive = P:
        # Administrators users
                admin users = administrator
                printer admin = administrator
# Logging settings
        syslog = 0
        syslog only = no
        log file = /var/log/samba/smbd
#      log level = 3
#      debug timestamp = yes
[homes]
        comment = Home Directories
        valid users = %S
        read only = no
        browseable = no
        path = /files/homes/%S
[homes$]
        comment = Home Directories
        admin users = root, administrator, @domainadmins
        read only = no
        browseable = no
        path = /files/homes
[netlogon]
        comment = Domain Logon Service
        path = /files/netlogon
        admin users = administrator, @domainadmins
        write list = administrator, @domainadmins
        guest ok = yes
        browsable = no
[Profiles]
        comment = Roaming Profile Share
        path = /files/profiles
        read only = No
        profile acls = Yes
[Dati]
        writeable = yes
        path = /files/dati
        admin users = root, administrator, @domainadmins
        inherit permissions = yes
        inherit acls = yes
[Install]
        writeable = yes
        create mode = 775
        path = /files/install
        directory mode = 775
EOFile
</pre>
== Creare le directory per le condivisioni ==
<pre>
mkdir -p /files/install /files/dati /files/profiles /files/netlogon /files/homes</pre>

Revision as of 14:58, 15 December 2005

Installazione Pacchetti

Installare secondo le opzioni standard: 

apt-get install samba samba-client acl

Abilitazione ACL

Per poter utilizare i diritti sui files, è necessario abilitare le ACL sui filesystem utilizzati per lo storage dei dati samba.

Supponendo do usare una sola partizione, aggiungere l'opzione acl alla partizione: 

vi /etc/fstab

/dev/md0        /               ext3    defaults,errors=remount-ro,acl 0       1

Rimontare il filesystem: 

mount / -o remount

Verificare che sia attivo il paramtero acl 

mount

/dev/md0 on / type ext3 (rw,errors=remount-ro,acl)

Configurazione di base

Impostare i seguenti parametri: 

export DOMAIN_NAME=GSSPA
export SERVER_NAME=GSSERVER

Modificare i seguenti parametri in /etc/samba/samba.conf: 

cd /etc/samba
mv smb.conf smb.conf.ori
cat > smb.conf <<EOFile
[global]
        # user and group  management
                add group script = /usr/sbin/groupadd %g
                delete group script = /usr/bin/net groupmap delete ntgroup="%g" ; /usr/sbin/groupdel "%g"
                add user to group script = /usr/bin/gpasswd -a %u %g
                delete user from group script = /usr/bin/gpasswd -d %u %g
                #
                add user script = /usr/sbin/useradd -m %u
                delete user script = /usr/sbin/userdel -r %u
                add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
                username map = /etc/samba/user.map
                #
                passdb backend = tdbsam
                unix password sync = yes
                passwd program = /usr/bin/passwd %u
                passwd chat = "*Enter new UNIX password*" %n\n "*Retype new UNIX password*" %n\n "*password updated
 successfully*" .

        # Network role parameter
                netbios name = $SERVER_NAME
                workgroup = $DOMAIN_NAME
                domain master = yes
                domain logons = yes
                security = user
                local master = yes
                os level = 99
                time server = yes
                encrypt passwords = true
                logon home = \\%L\%U
                logon script = user.cmd
                logon path = \\%L\Profiles\%U
                logon drive = P:
        # Administrators users
                admin users = administrator
                printer admin = administrator
# Logging settings
        syslog = 0
        syslog only = no
        log file = /var/log/samba/smbd
#       log level = 3
#       debug timestamp = yes

[homes]
        comment = Home Directories
        valid users = %S
        read only = no
        browseable = no
        path = /files/homes/%S

[homes$]
        comment = Home Directories
        admin users = root, administrator, @domainadmins
        read only = no
        browseable = no
        path = /files/homes

[netlogon]
        comment = Domain Logon Service
        path = /files/netlogon
        admin users = administrator, @domainadmins
        write list = administrator, @domainadmins
        guest ok = yes
        browsable = no

[Profiles]
        comment = Roaming Profile Share
        path = /files/profiles
        read only = No
        profile acls = Yes

[Dati]
        writeable = yes
        path = /files/dati
        admin users = root, administrator, @domainadmins
        inherit permissions = yes
        inherit acls = yes

[Install]
        writeable = yes
        create mode = 775
        path = /files/install
        directory mode = 775
EOFile

Creare le directory per le condivisioni


mkdir -p /files/install /files/dati /files/profiles /files/netlogon /files/homes
Retrieved from "https://kb.rvmgroup.it/index.php?title=Installazione_Primary_Domain_Controller&oldid=1401"