- 论坛徽章:
- 0
|
“Winbind+Samba+Postfix+Dovecot”
Solution
Part
I
Preparing
Environment
Installing
he
OS,
including
Windows
xp,
Centos
5.6,Windows
Server
Enterprise
2003
Notice:
For
Centos(All
linux),the
server
must
have
a
full
domain--‐name,
in
this
example
I
use
openldap.foxmail.com.
So
the
configure
is
like
that
#cat
/etc/hosts
192.168.20.253
openldap.foxmail.com
opendap
……
Part
II
Preparing
the
IP
addresses
Windows
Server
Enterprise
2003:192.168.20.254/24
Windows
XP:192.168.20.252/24
CentOS:192.168.20.253/24
For
all
the
machines’
DNS
is
192.168.20.254
Part
III
Details
for
all
the
Machines
Windows
XP:
I
Install
windows
operating
system
normally
II
Update
the
network
information
for
xp,
it
is
192.168.20.252/24,DNS
is
192.168.20.254,computer’s
name
is
client.foxmail.com
III
Join
the
domain
Windows
Server
Enterprise
2003
I
Install
windows
operating
system
normally
II
Update
the
network
information
for
2003,it
is
192.168.20.254/24,DNS
is
192.168.20.254/24,computer’s
full
name
is
dc.foxmail.com
III
Preparing
the
AD
environment,
domain
level
windows
2003.
IIII
Create
some
users
for
this
test,
they
are
foxuser1
and
foxuser2.
CentOS
I
Install
Operating
System
normally
II
Update
the
network
information
for
Linux,
it
is
192.168.20.253/24,DNS
is
192.168.20.254,computer’s
full
name
is
openldap.foxmail.com
III
Install
some
necessary
packages
for
this
test,
including
samba,dovecot,postfix
#yum
install
samba
–y
#yum
install
dovecot
–y
#yum
install
postfix
–y
IIII
Modify
the
configure
files,
including
smb.conf,
krb5.conf,
nsswitch.conf,
dovecot.conf,
main.cf
The
details
for
smb.conf,
krb5.conf,
nsswitch.conf,
dovecot.conf,
main.cf
#cat
/etc/samba/smb.conf
--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐Start--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐----‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐
[global]
workgroup
=
FOXMAIL
realm
=
ZJGM.COM
server
string
=
File
Server
security
=
ADS
password
server
=
dc.foxmail.com
log
level
=
100
log
file
=
/etc/samba/%m.log
max
log
size
=
50
socket
options
=
TCP_NODELAY
SO_RCVBUF=8129
SO_SNDBUF=8129
printcap
name
=
/etc/printcap
dns
proxy
=
No
idmap
uid
=
1000000--‐2000000
idmap
gid
=
1000000--‐2000000
winbind
separator
=
/
winbind
enum
users
=
Yes
winbind
enum
groups
=
Yes
winbind
use
default
domain
=
Yes
cups
options
=
raw
deadtime
=
15
[Home
Folder]
comment
=
Home
Folder
for
all
users
path
=
/sharepoint
writable
=
yes
browseable
=
yes
guest
ok
=
no
create
mask
=
0777
directory
mask
=
0777
directory
security
mask
=
0777
valid
user
=
FOXMAIL\foxuser
--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐END--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐-‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐
#cat
/etc/krb5.conf
--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐Start--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐----‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐
[logging]
default
=
FILE:/var/log/krb5libs.log
kdc
=
FILE:/var/log/krb5kdc.log
admin_server
=
FILE:/var/log/kadmind.log
[libdefaults]
default_realm
=
FOXMAIL.COM
dns_lookup_realm
=
false
dns_lookup_kdc
=
false
ticket_lifetime
=
24h
forwardable
=
yes
[realms]
FOXMAIL.COM
=
{
kdc
=
dc.foxmail.com:88
admin_server
=
dc.foxmail.com:749
default_domain
=
foxmail.com
kdc
=
dc.foxmail.com
}
FOXMAIL.COM
=
{
kdc
=
dc.foxmail.com
}
[domain_realm]
.foxmail.com
=
FOXMAIL.COM
foxmail.com
=
FOXMAIL.COM
[appdefaults]
pam
=
{
debug
=
false
ticket_lifetime
=
36000
renew_lifetime
=
36000
forwardable
=
true
krb4_convert
=
false
}
--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐The
End--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐-‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐
#cat
/etc/nsswitch.conf
--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐Start--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐----‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐
#
#
/etc/nsswitch.conf
#
#
An
example
Name
Service
Switch
config
file.
This
file
should
be
#
sorted
with
the
most--‐used
services
at
the
beginning.
#
#
The
entry
'[NOTFOUND=return]'
means
that
the
search
for
an
#
entry
should
stop
if
the
search
in
the
previous
entry
turned
#
up
nothing.
Note
that
if
the
search
failed
due
to
some
other
reason
#
(like
no
NIS
server
responding)
then
the
search
continues
with
the
#
next
entry.
#
#
Legal
entries
are:
#
#
nisplus
or
nis+
Use
NIS+
(NIS
version
3)
#
nis
or
yp
Use
NIS
(NIS
version
2),
also
called
YP
#
dns
Use
DNS
(Domain
Name
Service)
#
files
Use
the
local
files
#
db
Use
the
local
database
(.db)
files
#
compat
Use
NIS
on
compat
mode
#
hesiod
Use
Hesiod
for
user
lookups
#
[NOTFOUND=return]
Stop
searching
if
not
found
so
far
#
#
To
use
db,
put
the
"db"
in
front
of
"files"
for
entries
you
want
to
be
#
looked
up
first
in
the
databases
#
#
Example:
#passwd:
db
files
nisplus
nis
#shadow:
db
files
nisplus
nis
#group:
db
files
nisplus
nis
passwd:
files
winbind
shadow:
files
winbind
group:
files
winbind
#hosts:
db
files
nisplus
nis
dns
hosts:
files
dns
#
Example
--‐
obey
only
what
nisplus
tells
us...
#services:
nisplus
[NOTFOUND=return]
files
#networks:
nisplus
[NOTFOUND=return]
files
#protocols:
nisplus
[NOTFOUND=return]
files
#rpc:
nisplus
[NOTFOUND=return]
files
#ethers:
nisplus
[NOTFOUND=return]
files
#netmasks:
nisplus
[NOTFOUND=return]
files
bootparams:
nisplus
[NOTFOUND=return]
files
ethers:
files
netmasks:
files
networks:
files
protocols:
files
rpc:
files
services:
files
…….
--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐The
End--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐-‐--‐--‐--‐--‐--‐--‐--‐--‐--‐
#cat
/dev/dovecot.conf
##
Dovecot
configuration
file
#
If
you're
in
a
hurry,
see
http://wiki.dovecot.org/QuickConfiguration
#
"dovecot
--‐n"
command
gives
a
clean
output
of
the
changed
settings.
Use
it
#
instead
of
copy&pasting
this
file
when
posting
to
the
Dovecot
mailing
list.
#
'#'
character
and
everything
after
it
is
treated
as
comments.
Extra
spaces
#
and
tabs
are
ignored.
If
you
want
to
use
either
of
these
explicitly,
put
the
#
value
inside
quotes,
eg.:
key
=
"#
char
and
trailing
whitespace
"
#
Default
values
are
shown
for
each
setting,
it's
not
required
to
uncomment
#
any
of
the
lines.
#
Base
directory
where
to
store
runtime
data.
#base_dir
=
/var/run/dovecot/
#
Protocols
we
want
to
be
serving:
imap
imaps
pop3
pop3s
#
If
you
only
want
to
use
dovecot--‐auth,
you
can
set
this
to
"none".
protocols
=
imap
imaps
pop3
pop3s
#
IP
or
host
address
where
to
listen
in
for
connections.
It's
not
currently
#
possible
to
specify
multiple
addresses.
"*"
listens
in
all
IPv4
interfaces.
#
"[::]"
listens
in
all
IPv6
interfaces,
but
may
also
listen
in
all
IPv4
#
interfaces
depending
on
the
operating
system.
#
#
If
you
want
to
specify
ports
for
each
service,
you
will
need
to
configure
#
these
settings
inside
the
protocol
imap/pop3
{
...
}
section,
so
you
can
#
specify
different
ports
for
IMAP/POP3.
For
example:
#
protocol
imap
{
#
listen
=
*:10143
#
ssl_listen
=
*:10943
#
..
#
}
protocol
pop3
{
listen
=
*:110
}
#listen
=
[::]
#
Disable
LOGIN
command
and
all
other
plaintext
authentications
unless
#
SSL/TLS
is
used
(LOGINDISABLED
capability).
Note
that
if
the
remote
IP
#
matches
the
local
IP
(ie.
you're
connecting
from
the
same
computer),
the
#
connection
is
considered
secure
and
plaintext
authentication
is
allowed.
#disable_plaintext_auth
=
no
#
Should
all
IMAP
and
POP3
processes
be
killed
when
Dovecot
master
process
#
shuts
down.
Setting
this
to
"no"
means
that
Dovecot
can
be
upgraded
without
#
forcing
existing
client
connections
to
close
(although
that
could
also
be
#
a
problem
if
the
upgrade
is
eg.
because
of
a
security
fix).
This
however
#
means
that
after
master
process
has
died,
the
client
processes
can't
write
#
to
log
files
anymore.
#shutdown_clients
=
yes
##
##
Logging
………..
--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐The
End--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐-‐--‐--‐
#cat
/etc/postfix/main.cf
queue_directory
=
/var/spool/postfix
command_directory
=
/usr/sbin
daemon_directory
=
/usr/libexec/postfix
mail_owner
=
postfix
myhostname
=
openldap.foxmail.com
mydomain
=
foxmail.com
myorigin
=
$mydomain
inet_interfaces
=
all
mydestination
=
$myhostname,
localhost.$mydomain,
localhost,$mydomain
unknown_local_recipient_reject_code
=
550
mynetworks_style
=
subnet
mynetworks
=
192.168.20.0/24,127.0.0.0/8
relay_domains
=
$mydestination
alias_maps
=
hash:/etc/aliases
alias_database
=
hash:/etc/aliases
mail_spool_directory
=
/var/mail
debug_peer_level
=
2
debugger_command
=
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
#xxgdb
$daemon_directory/$process_name
$process_id
&
sleep
5
sendmail_path
=
/usr/sbin/sendmail.postfix
newaliases_path
=
/usr/bin/newaliases.postfix
mailq_path
=
/usr/bin/mailq.postfix
setgid_group
=
postdrop
html_directory
=
no
manpage_directory
=
/usr/share/man
sample_directory
=
/usr/share/doc/postfix--‐2.2.10/samples
readme_directory
=
/usr/share/doc/postfix--‐2.2.10/README_FILES
smtpd_sasl_auth_enable
=
yes
smtpd_sasl_security_options
=
noanonymous
smtpd_sasl_local_domain
=
$mydomain
--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐The
End--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐-‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐--‐
V
Join
Domain
and
test
it |
|
免费注册
发表于 2012-05-24 13:01
发表于 2012-05-24 21:49
