Config files on CentOS: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
{{AdWords}} | |||
'''Please go [[Using Active Directory for CentOS |to this document]] For a working config.''' | '''Please go [[Using Active Directory for CentOS |to this document]] For a working config.''' | ||
Revision as of 13:08, 14 December 2007
Please go to this document For a working config.
/etc/krb5.conf
[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = SWEETNAM.EU dns_lookup_realm = true dns_lookup_kdc = true [realms] SWEETNAM.EU = { kdc = 172.20.1.1:88 admin_server = 172.20.1.1:749 default_domain = sweetnam.eu kdc = 172.20.1.1 } [domain_realm] .sweetnam.eu = SWEETNAM.EU sweetnam.eu = SWEETNAM.EU [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false }
/etc/samba/smb.conf
[global] idmap gid = 500-10000000 client use spnego = yes domain master = no winbind trusted domains only = yes winbind use default domain = yes realm = SWEETNAM.EU template shell = /bin/bash netbios name = CENTOS password server = 172.20.1.1 winbind enum users = no idmap uid = 500-10000000 template homedir = /home/%D/%U workgroup = SWEETNAM winbind enum groups = no security = ads winbind separator = +
/etc/nsswitch.conf
passwd: compat winbind files shadow: compat winbind files group: compat winbind files hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files winbind rpc: files services: files winbind netgroup: files winbind publickey: nisplus automount: files winbind aliases: files nisplus
/etc/pam.d/system-auth
auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth sufficient /lib/security/$ISA/pam_krb5.so use_first_pass auth sufficient /lib/security/$ISA/pam_smb_auth.so use_first_pass nolocal auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass auth required /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so broken_shadow account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet account sufficient /lib/security/$ISA/pam_krb5.so account sufficient /lib/security/$ISA/pam_winbind.so account required /lib/security/$ISA/pam_permit.so password requisite /lib/security/$ISA/pam_cracklib.so retry=3 password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow password sufficient /lib/security/$ISA/pam_krb5.so use_authtok password sufficient /lib/security/$ISA/pam_winbind.so use_authtok password required /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session required /lib/security/$ISA/pam_unix.so session optional /lib/security/$ISA/pam_krb5.so