Changes

Jump to navigation Jump to search

Client Authentication:Mepis (view source)

Revision as of 12:05, 8 April 2007

2,018 bytes added ,  12:05, 8 April 2007
→‎Domain Login
Line 11: Line 11:  
===Domain Login===
 
===Domain Login===
    +
apt-get install winbind libpam-mount
    +
or use synaptic to install the two rpms
 +
 +
these files can be edited with nano or graphically, comment out the existing setting and paste the new
 +
 +
your workgroup is probably correct, as you set this during install
 +
nano -w /etc/samba/smb.conf
 +
.
 +
workgroup = MYDOMAIN
 +
idmap uid = 10000-20000
 +
idmap gid = 10000-20000
 +
template shell = /bin/bash
 +
template homedir = /home/%U
 +
winbind enum users = yes
 +
winbind enum groups = yes
 +
winbind cache time = 10
 +
winbind separator = +
 +
security = domain
 +
password server = *
 +
winbind use default domain = yes
 +
 +
 +
nano -w /etc/nsswitch.conf
 +
.
 +
passwd: compat winbind
 +
group: compat winbind
 +
shadow: compat winbind
 +
 +
nano -w /etc/pam.d/common-account
 +
.
 +
account sufficient      pam_winbind.so
 +
account required        pam_unix.so
 +
 +
nano -w /etc/pam.d/common-auth
 +
.
 +
auth    required        pam_mount.so
 +
#
 +
## use the follolwing "auth" line by itself to restrict local access (a bit paranoid) -
 +
## will validate ONLY off of network
 +
#auth  required        pam_winbind.so use_first_pass
 +
#
 +
## use the TWO "auth" lines below for either network or local validation -
 +
## will validate off of EITHER network or local passwd db
 +
auth    sufficient      pam_winbind.so use_first_pass
 +
auth    required        pam_unix.so use_first_pass
 +
 +
nano -w /etc/pam.d/common-session
 +
.
 +
session required        pam_unix.so
 +
session required        pam_mkhomedir.so umask=0022 skel=/etc/skel/
 +
session optional        pam_mount.so
 +
 +
/etc/init.d/winbind start
 +
 +
 +
This is where SME doesn't support linux clients as well as windows so... logon to your server
 +
signal-event machine-account-create  ClientName$
 +
smbpasswd -a -m ClientName$
 +
 +
 +
to check your client values > K menu > Setting Configuration > Internet and Networking > Samba <br>
 +
ClientName is the NetBIOS Name, + you must add the trailing $  <br>
 +
Workgroup is Workgroup, your local '''windows''' domain  <br>
 +
 +
Now back to mepis and join the workgroup/domain
 +
  net rpc join -D WorkGroup -U admin
    
===Mounting Shares===
 
===Mounting Shares===
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/1895"

Navigation menu