Jump to content
Sign in to follow this  

Linux+Домен Win 2K

Recommended Posts

у меня крик о помощи. Я перевернул уже кучу доков и похоже в конец запутолся. Помогите прикрутить Linux Mandriva к домену Windows 2000.







workgroup = SVK


netbios name = dima-smb

server string = Samba Server %v

printcap name = cups

load printers = yes

printcap cache time = 60

printing = cups

log file = /var/log/samba/%m.log

max log size = 50

map to guest = bad user

security = domain

password server = *

winbind use default domain=yes

encrypt passwords = yes

smb passwd file = /etc/samba/smbpasswd

idmap uid = 10000-20000

idmap gid = 10000-20000

winbind use default domain = yes

winbind enum users=yes

winbind enum groups=yes

template shell = /bin/bash

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

wins server =

dns proxy = no

dos charset = cp866

unix charset = UTF8


comment = Home Directories

browseable = no

writable = yes


comment = All Printers

path = /var/spool/samba

browseable = no

guest ok = yes

writable = no

printable = yes

create mode = 0700

print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.

use client driver = yes


path = /var/lib/samba/printers

browseable = yes

write list = @adm root

guest ok = yes

inherit permissions = yes

# Settings suitable for Winbind:

# write list = @"Domain Admins" root

# force group = +@"Domain Admins"


path = /var/tmp

guest ok = No

printable = Yes

comment = PDF Generator (only valid users)

printing = bsd

#print command = /usr/share/samba/scripts/print-pdf file path win_path recipient IP &

print command = /usr/share/samba/scripts/print-pdf "%s" "%H" "//%L/%u" "%m" "%I" "%J" &

lpq command = /bin/true

есть еще файл /etc/samba/smb-winbind.conf настройки точно такие же сделал (ни чего умне придумать не мог)



default = FILE:/var/log/kerberos/krb5libs.log

kdc = FILE:/var/log/kerberos/krb5kdc.log

admin_server = FILE:/var/log/kerberos/kadmind.log


ticket_lifetime = 24000

default_realm = SVK.LOCAL

default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc

default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc

permitted_enctypes = des3-hmac-sha1 des-cbc-crc

dns_lookup_realm = false

dns_lookup_kdc = false

kdc_req_checksum_type = 2

checksum_type = 2

ccache_type = 1

forwardable = true

proxiable = true








kdc = kerberos.example.com:88

admin_server = kerberos.example.com:749

default_domain = example.com





.example.com = EXAMPLE.COM


profile = /etc/kerberos/krb5kdc/kdc.conf


debug = false

ticket_lifetime = 36000

renew_lifetime = 36000

forwardable = true

krb4_convert = false


krb4_convert = false

krb4_get_tickets = false

/etc/hosts sk.svk.local sk dima-smb.svk.local dima-smb

регистрация в домене проходит

#net rpc join -U имя_администратора_win_домена

Joined domain SVK

# wbinfo -p

Ping to winbindd succeeded on fd 4

# wbinfo -t

checking the trust secret via RPC calls succeeded

# wbinfo --set-auth-user=user%password (пользователь с правами админа в домене)

# wbinfo -a user%1234

plaintext password authentication succeeded

challenge/response password authentication succeeded

# wbinfo -g



(должно быть имя домена)

# wbinfo -u

Error looking up domain user

в логах:

[2007/10/03 12:59:53, 0] libads/kerberos.c:ads_kinit_password(208)

kerberos_kinit_password DIMA-SMB$@SVK.LOCAL failed: Cannot find KDC for reques

ted realm

[2007/10/03 12:59:53, 1] nsswitch/winbindd_ads.c:ads_cached_connection(114)

ads_connect for domain SVK failed: Cannot find KDC for requested realm

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Create New...