Difference between revisions of "Using Active Directory for CentOS"

From RSWiki
Jump to navigation Jump to search
Line 3: Line 3:
 
Also this guide is specific to Samba 3.
 
Also this guide is specific to Samba 3.
 
   
 
   
Step 1: Edit /etc/krb5.conf to look like the following, substituting EXAMPLE.DIRECTORY and example.directory with your active directory domain name. Where ever block capitals are used then make sure your own domain name is in block capitals also.
+
'''Step 1: Edit /etc/krb5.conf'''
 +
 
 +
Edit /etc/krb5.conf to look like the following, substituting EXAMPLE.DIRECTORY and example.directory with your active directory domain name. Where ever block capitals are used then make sure your own domain name is in block capitals also. The lins in the realms section kdc = 10.0.0.1 should be replaced with the hostname or the IP address of your active directory controller.
 
   
 
   
 
  [logging]
 
  [logging]
Line 37: Line 39:
 
       krb4_convert = false
 
       krb4_convert = false
 
  }
 
  }
 +
 +
 +
'''Step 2: Configure smb.conf'''
 +
 +
I found it easier to make a backup of the existing smb.conf and then replacing it with the basic one below. You can add shares later.
 +
 +
[global]
 +
security = ads
 +
netbios name = HOSTNAME
 +
realm = EXAMPLE.DIRECTORY
 +
password server = domainserver.example.directory
 +
workgroup = DOMAIN
 +
idmap uid = 500-10000000
 +
idmap gid = 500-10000000
 +
winbind separator = +
 +
winbind enum users = no
 +
winbind enum groups = no
 +
winbind use default domain = yes
 +
template homedir = /home/%D/%U
 +
template shell = /bin/bash
 +
client use spnego = yes
 +
domain master = no

Revision as of 14:20, 15 May 2006

I am using a default server installation of CentOS with X, KDE and Gnome added. Also i enabled the text editor option for VIM in the package selection section of the installer.

Also this guide is specific to Samba 3.

Step 1: Edit /etc/krb5.conf

Edit /etc/krb5.conf to look like the following, substituting EXAMPLE.DIRECTORY and example.directory with your active directory domain name. Where ever block capitals are used then make sure your own domain name is in block capitals also. The lins in the realms section kdc = 10.0.0.1 should be replaced with the hostname or the IP address of your active directory controller.

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log 

[libdefaults]
ticket_lifetime = 24000
default_realm = EXAMPLE.DIRECTORY
dns_lookup_realm = false
dns_lookup_kdc = false 

[realms]
EXAMPLE.DIRECTORY = {
kdc = 10.0.0.1
default_domain = example.directory
}

[domain_realm]
.example.directory = EXAMPLE.DIRECTORY
example.directory = EXAMPLE.DIRECTORY

[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
pam = {
     debug = false
     ticket_lifetime = 36000
     renew_lifetime = 36000
     forwardable = true
     krb4_convert = false
}


Step 2: Configure smb.conf

I found it easier to make a backup of the existing smb.conf and then replacing it with the basic one below. You can add shares later.

[global]
security = ads
netbios name = HOSTNAME
realm = EXAMPLE.DIRECTORY
password server = domainserver.example.directory
workgroup = DOMAIN
idmap uid = 500-10000000
idmap gid = 500-10000000
winbind separator = +
winbind enum users = no
winbind enum groups = no
winbind use default domain = yes
template homedir = /home/%D/%U
template shell = /bin/bash
client use spnego = yes
domain master = no