{"id":45032,"date":"2024-10-06T19:57:16","date_gmt":"2024-10-06T11:57:16","guid":{"rendered":"https:\/\/server.hk\/cnblog\/45032\/"},"modified":"2024-10-06T19:57:16","modified_gmt":"2024-10-06T11:57:16","slug":"samba-%e7%b3%bb%e5%88%97%ef%bc%88%e4%b9%9d%ef%bc%89%ef%bc%9a%e5%b0%87-centos-7-%e6%a1%8c%e9%9d%a2%e7%b3%bb%e7%b5%b1%e5%8a%a0%e5%85%a5%e5%88%b0-samba-4-ad-%e5%9f%9f%e7%92%b0%e5%a2%83%e4%b8%ad","status":"publish","type":"post","link":"https:\/\/server.hk\/cnblog\/45032\/","title":{"rendered":"Samba \u7cfb\u5217\uff08\u4e5d\uff09\uff1a\u5c07 CentOS 7 \u684c\u9762\u7cfb\u7d71\u52a0\u5165\u5230 Samba 4 AD \u57df\u74b0\u5883\u4e2d"},"content":{"rendered":"<h1 id=\"samba-%e7%b3%bb%e5%88%97%ef%bc%88%e4%b9%9d%ef%bc%89%ef%bc%9a%e5%b0%87-centos-7-%e6%a1%8c%e9%9d%a2%e7%b3%bb%e7%b5%b1%e5%8a%a0%e5%85%a5%e5%88%b0-samba-4-ad-%e5%9f%9f%e7%92%b0%e5%a2%83%e4%b8%ad-ecXlNVknbR\">Samba \u7cfb\u5217\uff08\u4e5d\uff09\uff1a\u5c07 CentOS 7 \u684c\u9762\u7cfb\u7d71\u52a0\u5165\u5230 Samba 4 AD \u57df\u74b0\u5883\u4e2d<\/h1>\n<p>\u5728\u7576\u4eca\u7684\u4f01\u696d\u74b0\u5883\u4e2d\uff0c\u6587\u4ef6\u5171\u4eab\u548c\u7528\u6236\u7ba1\u7406\u662f\u81f3\u95dc\u91cd\u8981\u7684\u3002Samba \u4f5c\u70ba\u4e00\u500b\u958b\u6e90\u7684\u8edf\u4ef6\u5957\u4ef6\uff0c\u63d0\u4f9b\u4e86\u5728 Linux \u548c Windows \u7cfb\u7d71\u4e4b\u9593\u5171\u4eab\u6587\u4ef6\u548c\u6253\u5370\u6a5f\u7684\u80fd\u529b\u3002\u7279\u5225\u662f Samba 4\uff0c\u652f\u6301 Active Directory (AD) \u7684\u529f\u80fd\uff0c\u4f7f\u5f97 Linux \u7cfb\u7d71\u80fd\u5920\u66f4\u597d\u5730\u878d\u5165 Windows \u74b0\u5883\u3002\u672c\u6587\u5c07\u4ecb\u7d39\u5982\u4f55\u5c07 CentOS 7 \u684c\u9762\u7cfb\u7d71\u52a0\u5165\u5230 Samba 4 AD \u57df\u74b0\u5883\u4e2d\u3002<\/p>\n<h2 id=\"%e5%89%8d%e6%9c%9f%e6%ba%96%e5%82%99-ecXlNVknbR\">\u524d\u671f\u6e96\u5099<\/h2>\n<p>\u5728\u958b\u59cb\u4e4b\u524d\uff0c\u78ba\u4fdd\u4f60\u7684 CentOS 7 \u7cfb\u7d71\u5df2\u7d93\u5b89\u88dd\u4e86 Samba 4\uff0c\u4e26\u4e14\u5df2\u7d93\u914d\u7f6e\u597d AD \u57df\u63a7\u5236\u5668\u3002\u4f60\u53ef\u4ee5\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u4f86\u5b89\u88dd Samba\uff1a<\/p>\n<pre><code>sudo yum install samba samba-client samba-common<\/code><\/pre>\n<p>\u6b64\u5916\uff0c\u78ba\u4fdd\u4f60\u7684\u7cfb\u7d71\u6642\u9593\u8207 AD \u57df\u63a7\u5236\u5668\u540c\u6b65\uff0c\u9019\u5c0d\u65bc Kerberos \u8a8d\u8b49\u81f3\u95dc\u91cd\u8981\u3002\u53ef\u4ee5\u4f7f\u7528 NTP \u670d\u52d9\u4f86\u5be6\u73fe\u6642\u9593\u540c\u6b65\uff1a<\/p>\n<pre><code>sudo yum install ntp\nsudo systemctl start ntpd\nsudo systemctl enable ntpd<\/code><\/pre>\n<h2 id=\"%e5%8a%a0%e5%85%a5-ad-%e5%9f%9f-ecXlNVknbR\">\u52a0\u5165 AD \u57df<\/h2>\n<p>\u63a5\u4e0b\u4f86\uff0c\u6211\u5011\u9700\u8981\u5c07 CentOS 7 \u7cfb\u7d71\u52a0\u5165\u5230 Samba 4 AD \u57df\u4e2d\u3002\u9996\u5148\uff0c\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u5b89\u88dd\u5fc5\u8981\u7684\u5de5\u5177\uff1a<\/p>\n<pre><code>sudo yum install realmd sssd adcli samba-common-tools<\/code><\/pre>\n<p>\u7136\u5f8c\uff0c\u4f7f\u7528 <code>realm<\/code> \u547d\u4ee4\u4f86\u767c\u73fe AD \u57df\uff1a<\/p>\n<pre><code>realm discover yourdomain.com<\/code><\/pre>\n<p>\u5982\u679c\u767c\u73fe\u6210\u529f\uff0c\u63a5\u4e0b\u4f86\u53ef\u4ee5\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u5c07\u7cfb\u7d71\u52a0\u5165\u5230\u57df\u4e2d\uff1a<\/p>\n<pre><code>sudo realm join yourdomain.com -U 'Administrator'<\/code><\/pre>\n<p>\u5728\u9019\u88e1\uff0c<code>yourdomain.com<\/code> \u662f\u4f60\u7684 AD \u57df\u540d\uff0c<code>Administrator<\/code> \u662f\u57df\u7ba1\u7406\u54e1\u7684\u7528\u6236\u540d\u3002\u7cfb\u7d71\u6703\u63d0\u793a\u4f60\u8f38\u5165\u5bc6\u78bc\u3002<\/p>\n<h2 id=\"%e9%85%8d%e7%bd%ae-sssd-ecXlNVknbR\">\u914d\u7f6e SSSD<\/h2>\n<p>\u52a0\u5165\u57df\u5f8c\uff0c\u9700\u8981\u914d\u7f6e SSSD \u4ee5\u4fbf\u80fd\u5920\u6b63\u78ba\u5730\u8655\u7406\u8eab\u4efd\u9a57\u8b49\u3002\u7de8\u8f2f <code>\/etc\/sssd\/sssd.conf<\/code> \u6587\u4ef6\uff0c\u78ba\u4fdd\u4ee5\u4e0b\u914d\u7f6e\u5b58\u5728\uff1a<\/p>\n<pre><code>[sssd]\nservices = nss, pam\nconfig_file_version = 2\ndomains = yourdomain.com\n\n[domain\/yourdomain.com]\nid_provider = ad\naccess_provider = ad<\/code><\/pre>\n<p>\u4fdd\u5b58\u6587\u4ef6\u5f8c\uff0c\u91cd\u555f SSSD \u670d\u52d9\uff1a<\/p>\n<pre><code>sudo systemctl restart sssd<\/code><\/pre>\n<h2 id=\"%e6%b8%ac%e8%a9%a6%e7%94%a8%e6%88%b6%e7%99%bb%e9%8c%84-ecXlNVknbR\">\u6e2c\u8a66\u7528\u6236\u767b\u9304<\/h2>\n<p>\u73fe\u5728\uff0c\u4f60\u53ef\u4ee5\u6e2c\u8a66\u662f\u5426\u80fd\u5920\u4f7f\u7528 AD \u7528\u6236\u767b\u9304\u5230 CentOS 7 \u7cfb\u7d71\u3002\u4f7f\u7528\u4ee5\u4e0b\u547d\u4ee4\u4f86\u6aa2\u67e5\u7528\u6236\u662f\u5426\u80fd\u5920\u88ab\u8b58\u5225\uff1a<\/p>\n<pre><code>getent passwd username@yourdomain.com<\/code><\/pre>\n<p>\u5982\u679c\u80fd\u5920\u6b63\u78ba\u8fd4\u56de\u7528\u6236\u4fe1\u606f\uff0c\u5247\u8868\u793a\u914d\u7f6e\u6210\u529f\u3002\u63a5\u4e0b\u4f86\uff0c\u4f60\u53ef\u4ee5\u5617\u8a66\u4f7f\u7528 AD \u7528\u6236\u767b\u9304\u5230\u7cfb\u7d71\u3002<\/p>\n<h2 id=\"%e7%b8%bd%e7%b5%90-ecXlNVknbR\">\u7e3d\u7d50<\/h2>\n<p>\u901a\u904e\u4ee5\u4e0a\u6b65\u9a5f\uff0c\u6211\u5011\u6210\u529f\u5730\u5c07 CentOS 7 \u684c\u9762\u7cfb\u7d71\u52a0\u5165\u5230 Samba 4 AD \u57df\u74b0\u5883\u4e2d\u3002\u9019\u4e0d\u50c5\u63d0\u9ad8\u4e86\u6587\u4ef6\u5171\u4eab\u7684\u6548\u7387\uff0c\u9084\u7c21\u5316\u4e86\u7528\u6236\u7ba1\u7406\u7684\u904e\u7a0b\u3002\u5c0d\u65bc\u9700\u8981\u5728 Linux \u548c Windows \u74b0\u5883\u4e2d\u9032\u884c\u7121\u7e2b\u5354\u4f5c\u7684\u4f01\u696d\u4f86\u8aaa\uff0c\u9019\u662f\u4e00\u500b\u975e\u5e38\u6709\u7528\u7684\u89e3\u6c7a\u65b9\u6848\u3002<\/p>\n<p>\u5982\u679c\u4f60\u5c0d\u65bc <a href=\"https:\/\/server.hk\">VPS<\/a> \u89e3\u6c7a\u65b9\u6848\u611f\u8208\u8da3\uff0c\u6216\u8005\u60f3\u4e86\u89e3\u66f4\u591a\u95dc\u65bc <a href=\"https:\/\/server.hk\">\u9999\u6e2f\u4f3a\u670d\u5668<\/a> \u7684\u8cc7\u8a0a\uff0c\u6b61\u8fce\u8a2a\u554f\u6211\u5011\u7684\u7db2\u7ad9\u4ee5\u7372\u53d6\u66f4\u591a\u8a73\u7d30\u8cc7\u6599\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5b78\u7fd2\u5982\u4f55\u5c07 CentOS 7 \u684c\u9762\u7cfb\u7d71\u6574\u5408\u9032 Samba 4 AD \u57df\u74b0\u5883\uff0c\u63d0\u5347\u7db2\u7d61\u7ba1\u7406\u8207\u8cc7\u6e90\u5171\u4eab\u6548\u7387\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4924],"tags":[],"class_list":["post-45032","post","type-post","status-publish","format-standard","hentry","category-setup-tutorials"],"_links":{"self":[{"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/posts\/45032","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/comments?post=45032"}],"version-history":[{"count":1,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/posts\/45032\/revisions"}],"predecessor-version":[{"id":45033,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/posts\/45032\/revisions\/45033"}],"wp:attachment":[{"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/media?parent=45032"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/categories?post=45032"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/server.hk\/cnblog\/wp-json\/wp\/v2\/tags?post=45032"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}