- 论坛徽章:
- 0
|
回复 #11 jerrywjl 的帖子
我要加入的域是ltqy.com,AD的IP是172.16.96.10/24,
首先验证各种组件的安装,
root@windbag:/usr/sbin# smbd -b | grep LDAP
HAVE_LDAP_H
HAVE_LDAP
HAVE_LDAP_DOMAIN2HOSTLIST
...
root@windbag:/usr/sbin# smbd -b | grep KRB
HAVE_KRB5_H
HAVE_ADDRTYPE_IN_KRB5_ADDRESS
HAVE_KRB5
...
root@windbag:/usr/sbin# smbd -b | grep ADS
WITH_ADS
WITH_ADS
root@windbag:/usr/sbin# smbd -b | grep WINBIND
接着是修改krb5
[libdefaults]
default_realm=LTQY.COM
[realms]
LTQY.COM={
default_domain=ltqy.com
kdc=172.16.96.10:88
admin_server=172.16.96.10:749
}
[domain_realms]
.ltqy.com=ltqy.com
然后用 kinit access@LTQY.COM来测试与AD的连接,输入密码后可正常连接,
之后修改/ect/nsswitch.conf 文件:
passwd: files winbind
shadow: files inwinbind
group: files winbind
最之后修改smb.conf文件:
[global]
idmap gid = 15000-20000
idmap uid = 15000-20000
domain master = no
winbind use default domain = yes
password server = 172.16.96.10:64
workgroup= LTQY
preferred master = no
winbind separator = /
domain logons = no
winbind enum groups =yes
winbind enum users =yes
domain logons = no
netbios name = linuxtest
server string = for linux test
security = domain
之后是尝试用net rpc join 来加入域,
[root@localhost samba]# net rpc join -S LTQY.COM -U administrator
/etc/host.conf\uff1a\u884c 1\uff1a\u9519\u8bef\u547d\u4ee4\u201cbind,order hosts\u201d
[2008/10/21 14:37:52, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256)
cli_nt_setup_creds: request challenge failed
Password:
[2008/10/21 14:37:58, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256)
cli_nt_setup_creds: request challenge failed
[2008/10/21 14:37:58, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319)
Error domain join verification (reused connection): NT_STATUS_INVALID_COMPUTER_NAME
Unable to join domain LT-QY.
显示不能加入域,
[ 本帖最后由 qyzzjian 于 2008-10-21 14:38 编辑 ] |
|
免费注册
楼主: qyzzjian
发表于 2008-10-20 17:03
