Configurazione SAMBA
Installare i pacchetti:
apt install samba krb5-config winbind libpam-winbind libnss-winbind -ySalvare i file iniziali:
mv /etc/krb5.conf /etc/krb5.conf.backup
mv /etc/nsswitch.conf /etc/nsswitch.conf.backup
mv /etc/samba/smb.conf /etc/samba/smb.conf.backupFile /etc/krb5.conf:
[libdefaults]
default_realm = EAGLE.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = trueFile /etc/nsswitch.conf:
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files systemd winbind compat
group: files systemd winbind compat
shadow: files systemd compat winbind
gshadow: files systemd
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nisFile /etc/samba/smb.conf:
[global]
kerberos method = secrets and keytab
realm = EAGLE.LOCAL
workgroup = EAGLE
security = ads
passdb backend = tdbsam
printing = cups
server role = member server
server string = %h server
printcap name = /dev/null
load printers = no
cups options = raw
domain master = no
local master = no
preferred master = no
template shell = /bin/bash
winbind enum groups = Yes
winbind enum users = Yes
idmap config * : rangesize = 1000000
idmap config * : range = 1000000-19999999
idmap config * : backend = tdb
vfs objects = acl_xattr
# Cestino di rete
vfs object = recycle
recycle:repository = /mnt/mycephfs/recycle/
recycle:touch = Yes
recycle:keeptree = Yes
recycle:versions = Yes
recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP
recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP
recycle:excludedir = /recycle,/tmp,/temp,/TMP,/TEMP
# Cluster
# clustering = yes
[ceph-ACLs]
path = /mnt/mycephfs/FS
public = yes
writable = yes
guest ok = no
inherit acls = yesMettendo tutto insieme:
echo "[libdefaults]" >> /etc/krb5.conf
echo " default_realm = EAGLE.LOCAL" >> /etc/krb5.conf
echo " dns_lookup_realm = false" >> /etc/krb5.conf
echo " dns_lookup_kdc = true" >> /etc/krb5.conf
echo "# Example configuration of GNU Name Service Switch functionality." >> /etc/nsswitch.conf
echo "# If you have the `glibc-doc-reference' and `info' packages installed, try:" >> /etc/nsswitch.conf
echo "# \`info libc \"Name Service Switch\"' for information about this file." >> /etc/nsswitch.conf
echo "" >> /etc/nsswitch.conf
echo "passwd: files systemd winbind compat" >> /etc/nsswitch.conf
echo "group: files systemd winbind compat" >> /etc/nsswitch.conf
echo "shadow: files systemd compat winbind" >> /etc/nsswitch.conf
echo "gshadow: files systemd" >> /etc/nsswitch.conf
echo "" >> /etc/nsswitch.conf
echo "hosts: files dns" >> /etc/nsswitch.conf
echo "networks: files" >> /etc/nsswitch.conf
echo "" >> /etc/nsswitch.conf
echo "protocols: db files" >> /etc/nsswitch.conf
echo "services: db files" >> /etc/nsswitch.conf
echo "ethers: db files" >> /etc/nsswitch.conf
echo "rpc: db files" >> /etc/nsswitch.conf
echo "" >> /etc/nsswitch.conf
echo "netgroup: nis" >> /etc/nsswitch.conf
echo "[global]" > /etc/samba/smb.conf
echo " kerberos method = secrets and keytab" >> /etc/samba/smb.conf
echo " realm = EAGLE.LOCAL" >> /etc/samba/smb.conf
echo " workgroup = EAGLE" >> /etc/samba/smb.conf
echo " security = ads" >> /etc/samba/smb.conf
echo " passdb backend = tdbsam" >> /etc/samba/smb.conf
echo " printing = cups" >> /etc/samba/smb.conf
echo " server role = member server" >> /etc/samba/smb.conf
echo " server string = %h server" >> /etc/samba/smb.conf
echo " printcap name = /dev/null" >> /etc/samba/smb.conf
echo " load printers = no" >> /etc/samba/smb.conf
echo " cups options = raw" >> /etc/samba/smb.conf
echo " domain master = no" >> /etc/samba/smb.conf
echo " local master = no" >> /etc/samba/smb.conf
echo " preferred master = no" >> /etc/samba/smb.conf
echo " template shell = /bin/bash" >> /etc/samba/smb.conf
echo " winbind enum groups = Yes" >> /etc/samba/smb.conf
echo " winbind enum users = Yes" >> /etc/samba/smb.conf
echo " idmap config * : rangesize = 1000000" >> /etc/samba/smb.conf
echo " idmap config * : range = 1000000-19999999" >> /etc/samba/smb.conf
echo " idmap config * : backend = tdb" >> /etc/samba/smb.conf
echo " vfs objects = acl_xattr" >> /etc/samba/smb.conf
echo " # Cestino di rete" >> /etc/samba/smb.conf
echo " vfs object = recycle" >> /etc/samba/smb.conf
echo " recycle:repository = /mnt/mycephfs/recycle/" >> /etc/samba/smb.conf
echo " recycle:touch = Yes" >> /etc/samba/smb.conf
echo " recycle:keeptree = Yes" >> /etc/samba/smb.conf
echo " recycle:versions = Yes" >> /etc/samba/smb.conf
echo " recycle:noversions = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP" >> /etc/samba/smb.conf
echo " recycle:exclude = *.tmp,*.temp,*.o,*.obj,*.TMP,*.TEMP" >> /etc/samba/smb.conf
echo " recycle:excludedir = /recycle,/tmp,/temp,/TMP,/TEMP" >> /etc/samba/smb.conf
echo " # Cluster" >> /etc/samba/smb.conf
echo " # clustering = yes" >> /etc/samba/smb.conf
echo "" >> /etc/samba/smb.conf
echo "[ceph-ACLs]" >> /etc/samba/smb.conf
echo " path = /mnt/mycephfs/FS" >> /etc/samba/smb.conf
echo " public = yes" >> /etc/samba/smb.conf
echo " writable = yes" >> /etc/samba/smb.conf
echo " guest ok = no" >> /etc/samba/smb.conf
echo " inherit acls = yes" >> /etc/samba/smb.confMettere a dominio:
net ads join -U administratorRiavviare i servizi:
systemctl restart smbd
systemctl restart nmbd
systemctl restart winbindControllare a dominio:
wbinfo -u
wbinfo -gCambiare i permessi delle cartelle condivise:
No Comments