In dit artikel ga ik uitleggen hoe je Samba 4 op FreeBSD als domain member kan toevoegen.
- Zorg dat er een verse installatie van FreeBSD 12 of 13 is geinstalleerd.
Controleer als eerste of de hostname goed staat. Voer het volgende commando in:
# hostname
Controleer de hostname en noteer deze, later moet deze op de domain controller toegevoegd worden.
- Controleer resolv.conf, voer het commando in:
# cat /etc/resolv.conf
- controleer ook de hostname in rc.conf, middels het volgende commando:
# cat /etc/rc.conf
- Controleer ook de datum, deze moet gelijk staan met het domein.
# date
- Log in op de domain controller en voeg de machine naam (uit FreeBSD) toe als DNS record met het juiste ip adres.
- De DNS Record is toegevoegd in de domain controller.
- Controleer of de toegevoegde DNS record ook wordt gevonden op de FreeBSD machine:
# getent hosts WW_SFTP
- Nu is het tijd om Samba te installeren:
# cd /usr/ports/net/samba413
# make install clean
- De installatie van de samba server is gestart.
- Kies de standaard opties voor Samba.
https://www.freshports.org/net/samba413
Samba4 is an attempt to implement an Active Directory compatible Domain Controller.
- Ook voor pkgconf, standaard opties, druk op OK.
https://www.freshports.org/devel/pkgconf/
pkgconf is a program which helps to configure compiler and linker flags for development frameworks. It is similar to pkg-config, but was written from scratch in Summer of 2011 to replace pkg-config, which now needs itself to build itself.
- Voor libtasn1 ook de standaard opties.
https://www.freshports.org/security/linux-c7-libtasn1
libtasn1 library was developed for ASN1 (Abstract Syntax Notation One) structures management.
- Kies de onderstaande opties voor Perl5.
https://www.freshports.org/lang/perl5.32
Perl is a language that combines some of the features of C, sed, awk and shell. See the manual page for more hype. There are also many books published by O'Reilly & Assoc. See pod/perlbook.pod for more information.
- Ga door met instaleren met de standaard opties voor libarchive-3.
https://www.freshports.org/archivers/libarchive
Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants and the POSIX cpio format.
- Ook standaard opties voor expat-2.
https://www.freshports.org/textproc/expat/
Expat is an XML 1.0 parser written in C. It aims to be fully conforming. It is currently not a validating XML processor.
- Standaard opties voor liblz4.
https://www.freshports.org/archivers/liblz4/
LZ4 is a very fast lossless compression algorithm, providing compression speed at 400 MB/s per core, scalable with multi-cores CPU. It also features an extremely fast decoder, with speed in multiple GB/s per core, typically reaching RAM speed limits on multi-core systems.
- Ga ook voor de standaard opties voor python37.
https://www.freshports.org/lang/python37
Python is an interpreted object-oriented programming language, and is often compared to Tcl, Perl or Scheme.
- Standaard opties voor gettext-tools.
https://www.freshports.org/devel/gettext-tools
GNU gettext is a framework of libraries and tools for internationalisation and localisation of software. This package contains development and translation tools. WWW: https://www.gnu.org/software/gettext/
- Volgende module libtextstyle ook de standaard opties kiezen.
https://www.freshports.org/devel/libtextstyleGNU libtextstyle provides an easy way to add styling to programs that produce output to a console or terminal emulator window. It does this in a way that allows the end user to customize the styling using the industry standard, namely Cascading Style Sheets (CSS).
- Zelfde opties houden voor gettext-runtime.
https://www.freshports.org/devel/gettext-runtimeGNU gettext is a framework of libraries and tools for internationalisation and localisation of software.
- Standaard opties voor readline.
https://www.freshports.org/devel/readline/The GNU Readline library provides a set of functions for use by applications that allow users to edit command lines as they are typed in. Both Emacs and vi editing modes are available. The Readline library includes additional functions to maintain a list of previously-entered command lines, to recall and perhaps reedit those lines, and perform csh-like history expansion on previous commands.
- Evenals voor ninja de standaard opties kiezen.
https://www.freshports.org/devel/ninjaNinja is yet another build system. It takes as input the interdependencies of files (typically source code and output executables) and orchestrates building them, quickly. Ninja joins a sea of other build systems. Its distinguishing goal is to be fast. It is born from my work on the Chromium browser project, which has over 30,000 source files and whose other build systems (including one built from custom non-recursive Makefiles) can take ten seconds to start building after changing one file. Ninja is under a second.
- Kies bij lzo2 ook de standaard opties.
https://www.freshports.org/archivers/lzo2/LZO is a data compression library which is suitable for data de-/compression in real-time. This means it favours speed over compression ratio.
- Standaard opties laten staan voor cmocka.
https://www.freshports.org/sysutils/cmockacmocka is a fork for Google's cmockery unit testing framework to fix bugs and support it in future.
- kies ook de standaard opties voor cmake-3.
https://www.freshports.org/devel/cmakeCMake is used to control the software compilation process using simple platform and compiler independent configuration files. CMake generates native makefiles and workspaces that can be used in the compiler environment of your choice. CMake is quite sophisticated: it is possible to support complex environments requiring system configuration, pre-processor generation, code generation, and template instantiation.
- Kies ook de standaard opties voor py37-Jinja2.
https://www.freshports.org/devel/py-Jinja2Jinja is a sandboxed template engine written in pure Python licensed under the BSD license. It provides a Django-like non-XML syntax and compiles templates into executable python code. It's basically a combination of Django templates and python code.
- Druk py37-Babel door met de standaard opties.
https://www.freshports.org/devel/py-babelBabel is composed of two major parts: * tools to build and work with gettext message catalogs * a Python interface to the CLDR (Common Locale Data Repository), providing access to various locale display names, localized number and date formatting, etc.
- Kies voor py37-docutils de standaard opties.
https://www.freshports.org/textproc/py-docutils/Utilities for the documentation of Python modules.
- Ook de standaard opties voor py37-snowballstemmer.
https://www.freshports.org/textproc/py-snowballstemmerSnowball is a small string processing language for creating stemming algorithms for use in Information Retrieval, plus a collection of stemming algorithms implemented using it.
- Kies ook de standaard opties voor py37-urllib3.
https://www.freshports.org/net/py-urllib3urllib3 is a powerful, sanity-friendly HTTP client for Python. Much of the Python ecosystem already uses urllib3 and you should too. urllib3 brings many critical features that are missing from the Python standard libraries
- Kies bij ca_root_nss-3 voor de standaard opties.
https://www.freshports.org/security/ca_root_nss/Root certificates from certificate authorities included in the Mozilla NSS library and thus in Firefox and Thunderbird.
- Kies voor curl ook de standaard opties.
https://www.freshports.org/ftp/curl/curl is used in command lines or scripts to transfer data. It is also used in cars, television sets, routers, printers, audio equipment, mobile phones, tablets, settop boxes, media players and is the internet transfer backbone for thousands of software applications affecting billions of humans daily.
- Voor m4 kies je ook de standaard opties.
https://www.freshports.org/devel/m4/GNU M4 is an implementation of the traditional Unix macro processor. It is mostly SVR4 compatible although it has some extensions (for example, handling more than 9 positional parameters to macros). GNU M4 also has built-in functions for including files, running shell commands, doing arithmetic, etc.
- De volgende module, textinfo ook de standaard opties.
https://www.freshports.org/print/texinfo/Texinfo is the official documentation format of the GNU project. It was invented by Richard Stallman and Bob Chassell many years ago, loosely based on Brian Reid's Scribe and other formatting languages of the time. It is used by many non-GNU projects as well.
- Kies de standaard opties voor help2man-1.
https://www.freshports.org/misc/help2manhelp2man is a tool for automatically generating simple manual pages from program output.
- gmake heeft ook de standaard opties nodig.
https://www.freshports.org/devel/gmake/GNU make is a tool that controls the generation of executables and other non-source files from source files. Its purpose is the same as that of the utility make(1).
- Kies standaard opties voor p5-Locale-libintl.
https://www.freshports.org/devel/p5-Locale-libintlThe package libintl-perl is an internationalization library for Perl that aims to be compatible with the Uniforum message translations system as implemented for example in GNU gettext.
- libiconv heeft de standaard opties nodig.
https://www.freshports.org/converters/libiconv/This library provides an iconv() implementation, for use on systems which don't have one, or whose implementation cannot convert from/to Unicode. It can convert from any of these encodings to any other, through Unicode conversion. It has also some limited support for transliteration, i.e. when a character cannot be represented in the target character set, it can be approximated through one or several similarly looking characters.
- Voor automake kiezen we ook standaard opties.
https://www.freshports.org/devel/automakeAutomake is a tool for automatically generating Makefiles compliant with the GNU Coding Standards. It was inspired by the 4.4BSD make and include files, but aims to be portable and to conform to the GNU standards for Makefile variables and targets.
- Wederom standaard opties voor rhash.
https://www.freshports.org/security/rhashRHash is a console utility and library for computing and verifying hash sums of files. It supports CRC32, MD4, MD5, SHA1, SHA256, SHA512, SHA3, Tiger, TTH, Torrent BTIH, AICH, ED2K, GOST R 34.11-94, RIPEMD-160, HAS-160, EDON-R 256/512, Whirlpool, and Snefru-128/256 hash sums.
- Kies voor talloc ook de standaard opties.
https://www.freshports.org/devel/talloc/A hierarchical pool based memory allocator with destructors. It uses reference counting to determine when memory should be freed.
- Kies voor tevent ook de standaard opties.
https://www.freshports.org/devel/teventtevent is a simple library that can handle the main event loop for an application. It supports three kinds of events: timed events, file descriptors becoming readable or writable and signals.
- kies de standaard opties voor tdb.
https://www.freshports.org/databases/tdb/TDB is a Trivial Database. In concept, it is very much like GDBM, and BSD's DB except that it allows multiple simultaneous writers and uses locking internally to keep writers from trampling on each other. TDB is also extremely small.
- Standaard opties voor popt.
https://www.freshports.org/devel/popt/This is the popt command line option parsing library. While it is similar to getopt(3), it contains a number of enhancements
- Ook weer de standaard opties voor gnutls-3.
https://www.freshports.org/security/gnutls/GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. It is aimed to be portable and efficient with focus on security and interoperability.
- gmp-6 kan ook de standaard opties gebruiken.
https://www.freshports.org/math/gmpGMP is a free library for arbitrary precision arithmetic, operating on signed integers, rational numbers, and floating point numbers. There is no limit to the precision except the ones implied by the available memory in the machine GMP runs on. GMP has a rich set of functions, and the functions have a regular interface.
- Kies bij nettle ook voor de standaard opties.
https://www.freshports.org/security/nettleNettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space.
- Standaard opties kiezen voor libunistring.
https://www.freshports.org/devel/libunistring/GNU LIBUNISTRING - Unicode string library This library provides functions for manipulating Unicode strings and for manipulating C strings according to the Unicode standard.
- Kies de standaard opties voor p11-kit.
https://www.freshports.org/security/p11-kitProvides a way to load and enumerate PKCS#11 modules. Provides a standard configuration setup for installing PKCS#11 modules in such a way that they're discoverable.
- Ook de standaard opties voor bash-completion-2.
https://www.freshports.org/shells/bash-completion/files/patch-reptyr - Kies de standaard opties voor bash-5.
https://www.freshports.org/shells/bash/This is GNU Bash. Bash is the GNU Project's Bourne Again SHell, a complete implementation of the POSIX.2 shell spec, but also with interactive command line editing, job control on architectures that support it, csh-like features such as history substitution and brace expansion, and a slew of other features.
- Kies de standaard opties voor bison-3.
https://www.freshports.org/devel/bisonBison is a general-purpose parser generator that converts an annotated context-free grammar into a deterministic LR or generalized LR (GLR) parser employing LALR(1) parser tables. As an experimental feature, Bison can also generate IELR(1) or canonical LR(1) parser tables. Once you are proficient with Bison, you can use it to develop a wide range of language parsers, from those used in simple desk calculators to complex programming languages.
- Kies de standaard opties voor xmlcatmgr-2.
https://www.freshports.org/textproc/xmlcatmgrXML Catalog Manager (xmlcatmgr in its short form) is a small utility used to manipulate SGML and XML catalogs. It is extremely small and lightweight, specially designed to be run from packaging systems. Basically, it allows adding and removing entries from catalogs in a completely automated way.
- Kies voor docbook-xsl ook de standaard opties.
https://www.freshports.org/textproc/docbook-xslThese are XSL stylesheets for the DocBook DTD and its derivatives (Simplified DocBook, etc.).
- Druk door met de standaard opties (zoals getoond hieronder) voor libxml2.
https://www.freshports.org/textproc/libxml2/Libxml2 is the XML C parser and toolkit developed for the Gnome project (but usable outside of the Gnome platform). XML itself is a metalanguage to design markup languages, i.e. text language where semantic and structure are added to the content using extra "markup" information enclosed between angle brackets.
- Standaard opties voor libxslt-1.
https://www.freshports.org/textproc/libxslt/Libxslt is the XSLT C library developed for the GNOME project. XSLT itself is a an XML language to define transformation for XML. Libxslt is based on libxml2, the XML C library developed for the GNOME project. It also implements most of the EXSLT set of processor-portable extensions functions and some of Saxon's evaluate and expressions extensions.
- Voor libcrypt is het ook aan te raden om de standaard aan te houden.
https://www.freshports.org/security/libgcryptLibgcrypt is a general purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers, hash algorithms, MACs, public key algorithms, large integer functions, random numbers and a lot of supporting functions.
- Kies de standaard voor libgpg-error.
https://www.freshports.org/security/libgpg-error/libgpg-error is a library that defines common error values for all GnuPG components. Among these are GPG, GPGSM, GPGME, GPG-Agent, libgcrypt, pinentry, SmartCard Daemon and possibly more in the future.
- Standaard opties voor glib-2.
https://www.freshports.org/devel/linux-glib2/GLib is the low-level core library that forms the basis of GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system.
- Graag ook de standaard opties kiezen voor pcre-8
https://www.freshports.org/devel/pcre/The PCRE library is a set of functions that implement regular expression pattern matching using the same syntax and semantics as Perl 5. PCRE has its own native API, as well as a set of wrapper functions that correspond to the POSIX regular expression API. The PCRE library is free, even for building proprietary software.
- trousers kan je ook doordrukken met OK.
https://www.freshports.org/security/trousersTrouSerS is an CPL (Common Public License) licensed Trusted Computing Software Stack. It is mostly compliant with the TSS 1.2 specification.
- Kies OK om door te gaan bij cairo-1.
https://www.freshports.org/graphics/cairo/Cairo is a vector graphics library with cross-device output support. Currently supported output targets include the X Window System and in-memory image buffers.
- Laat DOCS geselecteerd staan bij xorgproto-2020 en druk op [ENTER].
https://www.freshports.org/x11/xorgprotoThis package contains the X Window System unified protocol definitions. They where previously scattered through different packages, but have been merged to one package.
- Druk op [ENTER] bij libxcb-1.
https://www.freshports.org/x11/libxcbThe X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility.
- Bij de module freetype2 de standaard opties laten staan en klik op [OK].
https://www.freshports.org/print/freetype2/FreeType is a freely available software library to render fonts. It is written in C, designed to be small, efficient, highly customizable, and portable while capable of producing high-quality output (glyph images) of most vector and bitmap font formats.
- Houdt de optie APNG geselecteerd en klik op [OK] bij png-1.
https://www.freshports.org/graphics/png/?page=2Libpng was written as a companion to the PNG specification, as a way to reduce the amount of time and effort it takes to support the PNG file format in application programs.
- Laat de standaard opties staan voor fontconfig en druk door.
https://www.freshports.org/x11-fonts/fontconfig-reference/This port contains the programming reference for x11-fonts/fontconfig.
- Laat alle opties aanstaan voor mesa-libs-20 en durk op [OK].
https://www.freshports.org/graphics/mesa-libsThis package contains the Mesa OpenGL libraries for GLX and EGL clients. These include libEGL, libGL, and libglesv2 as well as utlity libraries libglapi and gbm.
- Voor llvm10 de standaard opties in tact laten.
https://www.freshports.org/devel/llvmThe LLVM Project is a collection of modular and reusable compiler and toolchain technologies. This port includes Clang (a C/C++/Objective-C compiler), LLD (a linker), LLDB (a debugger), and the LLVM infrastructure these are built on.
- binutils laten we alleen NLS geselecteerd staan, klik op [OK].
https://www.freshports.org/devel/binutilsThe GNU Binutils are a collection of binary tools. The main ones are: * ld - the GNU linker. * as - the GNU assembler.
- bla
https://www.freshports.org/math/mpfrThe MPFR library is a C library for multiple-precision floating-point computations with exact rounding (also called correct rounding). It is based on the GMP multiple-precision library.
- Beide opties aangevinkt laten bij Swig-4, druk vervolgens door.
https://www.freshports.org/devel/SWIG/SWIG is a tool for automatically generating the wrapper code needed to link collections of functions written in C/C++ with interpreted scripting languages. Currently, SWIG supports : - Tcl - Perl4 - Perl5 - Guile-iii - Python
- Laat alles staan zoals het is voor zstd, klik op [OK]
https://www.freshports.org/archivers/zstd/Zstandard, or zstd as short version, is a fast compression algorithm, providing high compression ratios. It also offers a special mode for small data, called dictionary compression.
- Geen opties voor libdrm-2.
https://www.freshports.org/graphics/libdrm/Userspace interface to kernel DRM (Direct Rendering Module) services.
- voor dbus-glib DOCS aangerkuist laten staan.
https://www.freshports.org/devel/dbus-glibGLib bindings for the D-BUS interprocess messaging system.
- Alle opties aan laten staan voor dubs-1.
https://www.freshports.org/devel/dbus/D-BUS supplies both a system daemon (for events such as "new hardware device added" or "printer queue changed") and a per-user-login-session daemon (for general IPC needs among user applications).
- Laat de DOCS aangevinkt bij de module html2text.
https://www.freshports.org/textproc/html2text/html2text is a command line utility, written in C++, that converts HTML documents (HTML 3.2) into plain text (ISO 8859-1).
- Laat alleen NLS (Native Language Support) aan staan en klik op [OK]
https://www.freshports.org/databases/gdbm/The GNU dbm is a library of database functions that use extensible hashing and works similar to the standard UNIX dbm functions. These routines are provided to a programmer needing to create and manipulate a hashed database.
- Zorg dat alles aangekruist is voor libevent-2 en druk door met [ENTER].
https://www.freshports.org/devel/libevent2/The libevent API provides a mechanism to execute a callback function when a specific event occurs on a file descriptor or after a timeout has been reached. Furthermore, libevent also support callbacks due to signals or regular timeouts.
- Alleen RUN_AS_EUID geselecteerd laten (Standaard opties) en druk door met [OK].
https://www.freshports.org/devel/gaminGamin is a file and directory monitoring system defined to be a subset of the FAM (File Alteration Monitor) system. This is a service provided by a library which allows to detect when a file or a directory has been modified.
- Alleen de Docs blijft aangekruist voor openldap-client-2.
https://www.freshports.org/net/openldap24-client/OpenLDAP is a suite of Lightweight Directory Access Protocol (v3) servers, clients, utilities and development tools.
- Alleen de Examples zijn aangevinkt met de standaard opties bij py37-dnspython-1.
https://www.freshports.org/dns/py-dnspythondnspython is a DNS toolkit for Python. It supports almost all record types. It can be used for queries, zone transfers, and dynamic updates. It supports TSIG authenticated messages and EDNS0.
- Samba Server is geinstalleerd, we kunnen doorgaan met de volgende stappen. Het daadwerkelijke joinen aan een windows domein.
- Om uit te vinden waar het configuratie bestand staat van de Samba Server typ:
# smbd -b | grep CONFIGFILE
- Open de Samba server configuratiescherm middels het volgende commando:
# vi /usr/local/etc/smb4.conf
en voeg de volgende regels toe:[global]
netbios name = WW_SFTP
realm = WW.LOCAL
workgroup = WW
security = ADS
winbind enum groups = Yes
winbind enum users = Yes
winbind nss info = rfc2307
idmap config *:range = 2000-9999
idmap config * : backend = tdb
- Saa het bestand op middels de commandos:
:w
:q - Het is tijd om de parameters te testen, we kunnen dit doen met het commando:
# testparm
Opmerking: Mocht dit niet goed gaan, dan is het raadzaam om het smb4.conf bestand nogmaals na te kijken. - Middels het onderstaande commando gaan we de FreeBSD machine als "domain member" "joinen"
# net ads join -U administratoraccount
In de handleinding: https://blog.andreev.it/?p=2676 komen de onderstaande foutmeldingen niet naar boven, maar bij mij wel. Ik ben er ook achter gekomen dat het niet zo veel uitmaakt. We concentreren ons nu alleen op de text:
Joined 'WW_SFTP' to dns domain 'WW.local'
Ik zeg: "Een groot succes!"
Opmerking: De regels: DNS Update for ww_sftp.ww.local failed: ERROR_DNS_INVALID_NAME and DNS Update failed: NT_STATUS_UNSUCCESSUL zullen we negeren.
En de machine verschijnt ook in de active directory:
- Voeg de volgende 2 regels toe aan het bestand /etc/rc.conf om de Samba server te starten bij het booten van de machine.
samba_server_enable="YES"
winbindd_enable="YES"
Sla het bestand op middels :w & :q. - Nadat het opstarten van de Samba Server is toegevoegd aan /etc/rc.conf kan de samba server opgestart worden:
# service samba_server start
Samen met de Samba server word ook winbindd gestart.
- Test of je contact hebt met de domain controller:
# wbinfo -u
Zodra er gebruikersnamen terug komen met het domein ervoor, dan heb je contact met de DC.
- Controleer ook of je de groepen uit het domein kan opvragen:
# wbinfo -g
- Voer het volgende commando in en bekijk het resultaat. Als het goed is komen er geen gebruikers/wachtwoorden uit het domein terug:
# getent passwd
- We gaan nu het bestand: /etc/nsswitch.conf aanpassen middels het commando:
# vi /etc/nsswitch.conf
- Pas de volgende regels aan:
group: files winbind
passwd: files winbind
- Sla het bestand op middels :w & :q en herstart de machine:
# shutdown -r now
- Na het rebooten en inloggen proberen we nogmaals:
# getent passwd
Zodra hieronder (Even geduld...) gebruikersnamen uit het domein tevoorschijn komen dan heb je contact!
- Controleer ook of de groepen over komen:
# getent group
- Voeg de volgende rgeels toe aan het bestand: /usr/local/etc/smb4.conf:
template shell = /bin/sh
template homedir = /home/%D/%U
Opmerking: Met deze toevoeging maak je het voor domein gebruikers mogelijk om in te loggen. - Om als domein gebruiker succesvol in te kunnen loggen moet je ook de directory's aanmaken voor de domein gebruikers met de juiste rechten.
# mkdir -p /home/WW/rolanddeleeuw
# cd /home/WW
# chown -R This email address is being protected from spambots. You need JavaScript enabled to view it. rolanddeleeuw/
- Pas het volgende bestand aan: /etc/ssh/sshd_config en zorg er voor dat onderstaande lijnen in het bestand staan of het commentaar (#) symbool verwijderd is.
PasswordAuthentication yes
- Zorg er ook voor dat de volgende regel actief is en/of aanwezig in sshd.conf:
ChallengeResponseAuthentication no
- Voeg de onderstaande regel toe aan: /etc/pam.d/sshd, de volgorde is belangrijk.
auth sufficient /usr/local/lib/pam_winbind.so
Opmerking: De volgorde is ook belangrijk! - Voeg dan ook onderstaande regel toe aan bestand: /etc/pam.d/sshd
account sufficient /usr/local/lib/pam_winbind.so
- Voeg ook onderstaande regel toe aan bestand: /etc/pam.d/sshd.
password sufficient /usr/local/lib/pam_winbind.so
- Sla het bestand op middels :w & :q.
- Voeg nu onderstaande regel toe in het bestand: /etc/pam.d/system, de volgorde is ook belangrijk:
auth sufficient /usr/local/lib/pam_winbind.so
- Voeg onderstaande regel toe aan het bestand: /etc/pam.d/system
account sufficient /usr/local/lib/pam_winbind.so
- Ook is onderstaande lijn beneodigd in bestand: /etc/pam.d/system:
password sufficient /usr/local/lib/pam_winbind.so
- Herstart de machine middels het commando:
# shutdown -r now - Na de reboot kan je inloggen als domein gebruiker:
- Maak een directory aan waar de Samba share naartoe mag verwijzen:
# cd /
# mkdir SFTP
# cd SFTP
# mkdir download
# mkdir upload - Ga naar de domain controller en maak een groep aan voor de SFTP Share.
- De volgende regels voeg ik toe aan /usr/local/etc/smb4.conf
[SFTP]
comment = SFTP Server
path = /SFTP
valid users = @WW\SFTP
guest ok = no
writable = yes
browsable = yes
- Sla het bestand op middels :w & :q.
- Herstart de Samba server:
# service samba_server restart
- Deel de juiste rehcten uit op de folders in de share:
# chmod -R 0775 *
# chown -R root:WW\\SFTP *
- Het kan zijn dat je geen toegang hebt, je kan dan 2 dingen doen.
- Login gegevens invoeren zodat je samba dwingt om de gebruikers & groepen op te halen van de domain controller
- De FreeBSD Server herstart, op deze manier dwing je Samba ook om opnieuw de gebruikers gegevens op te halen uit het AD.
- Dit is de manier hoe het mij is gelukt om een Samba Server als Active Directory Member toe te voegen.
Bron: FreeBSD: Setup Samba as an AD Domain Member – Blog of Kliment Andreev – A place so I won't forget things
