Linux Samba и AD :: В помощь системному администратору

Собрал из старых компов тестовую сеть

Домен - MYDOMAIN.LOCAL
Контроллер домена Server 2003 SP2 - pdk.mydomain.local 192.168.17.1
Клиент домена Windows 2000 SP4 - anatol.mydomain.local 192.168.17.2
Линуксовая машина CentOS 5.1 - cent.mydomain.local 192.168.17.200

Для чистоты эксперимента сделал :
a. Чистая установка домена Server 2003 SP2 - pdk.mydomain.local 192.168.17.1
При поднятии домена выбрал "Разрешения, совместимые с серверами пред-Windows 2000"
b. Установка и подключение клиента домена Windows 2000 SP4 - anatol.mydomain.local 192.168.17.2
c. Базовая установка линукс CentOS 5.1 - cent.mydomain.local 192.168.17.200
d. Настройка Линуксовой машины :
1. Команда setup и отключаем SELinux(на время первичной настройки)
service iptables stop

2. Настроил сетевые интерфейсы

3. /etc/resolv.conf
search mydomain.local
domain mydomain.local
nameserver 192.168.17.1

4. /etc/sysconfig/netvork
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=cent

5. /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.17.1 pdk.mydomain.local pdk
192.168.17.200 cent.mydomain.local cent

6. /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
default_realm = MYDOMAIN.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes

[realms]
MYDOMAIN.LOCAL = {
kdc = pdk.mydomain.local:88
admin_server = pdk.mydomain.local:749
default_domain = mydomain.local
}

[domain_realm]
.mydomain.local = MYDOMAIN.LOCAL
mydomain.local = MYDOMAIN.LOCAL

[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}

7. Установил SAMBA Server
rpm -ihv /media/CentOS/samba-common-3.0.23c-2.i386.rpm
rpm -ihv /media/CentOS/samba-3.0.23c-2.i386.rpm
rpm -ihv /media/CentOS/xinetd-2.3.14-10.el5.i386.rpm ?

8. Синхронизировал время на Linux с pdk Windows.
net time set -S pdk.mydomain.local

9. Получил билет Kerberos
kinit Admin@MYDOMAIN.COM
Admin@MYDOMAIN.COM 's Password:

10. /etc/samba/smb.conf
#======================= Global Settings =====================================
[global]
workgroup = MYDOMAIN
server string = cent
netbios name = CENT
interfaces = eth1 192.168.17.200/24
hosts allow = 127. 192.168.17.
dos charset = cp866
unix charset = UTF8
encrypt passwords = yes
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind use default domain = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

# --------------------------- Logging Options -----------------------------
log file = /var/log/samba/%m.log
max log size = 50
# ----------------------- Standalone Server Options ------------------------
security = ads
passdb backend = tdbsam
# ----------------------- Domain Members Options ------------------------
security = ads
passdb backend = tdbsam
realm = MYDOMAIN.LOCAL
password server = pdk.mydomain.local
# --------------------------- Printing Options -----------------------------
load printers = yes
cups options = raw
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[public]
path = /home/public
public = yes
only guest = no
writable = yes
printable = no
browseable = no

11. mkdir /home/public
cd /home/
chmod o+rwx public

12. Подсоединяемся к домену
net ads join -U admin
admin's password:
Using short domain name -- MYDOMAIN
Joined 'CENT' to realm 'MYDOMAIN.LOCAL'

А дальше начались проблемы :

#wbinfo -u
Error looking up domain users

#wbinfo -p
Ping to winbind failed on fd -1
could not ping winbindd!

Подскажите куда копать? Чего ему может не хватать ?

Модерирует : lynx, Crash_Master, dg, emx, ShriEkeR
Версия для печати • Подписаться • Добавить в закладки