Download: Приложение Настройка стенда

Приложение Использование UNIX как контроллера домена Задача данного приложения — дать слушателю практическое понимание специфики реализации домена средствами UNIX (Linux/FreeBSD). Настройка стенда Выведите WinXP из домена corpX.un и перегрузите виртуальную машину. На контроллере домена (Windows 2003) в оснастке Active Directory Users and Computers удалите gate из списка компьютеров. В FreeBSD/Linux выполните: gate# cat /etc/nsswitch.conf ... passwd: files group: files shadow: files # только в Linux Остановите контроллер домена (Windows 2003). Во FreeBSD выполните следующее: gate# cd /etc/named...
Author: Arcel1973 Shared: 7/30/19
Downloads: 1253 Views: 3015

Content

Приложение Использование UNIX как контроллера домена

Задача данного приложения — дать слушателю практическое понимание специфики реализации домена средствами UNIX (Linux/FreeBSD).

Настройка стенда

Выведите WinXP из домена corpX.un и перегрузите виртуальную машину. На контроллере домена (Windows 2003) в оснастке Active Directory Users and Computers удалите gate из списка компьютеров. В FreeBSD/Linux выполните: gate# cat /etc/nsswitch.conf ... passwd: files group: files shadow: files # только в Linux Остановите контроллер домена (Windows 2003). Во FreeBSD выполните следующее: gate# cd /etc/namedb gate# ee named.conf … zone "corpX.un" { type master; file "/etc/namedb/master/corpX.un"; allow-update { 127.0.0.1; }; }; gate# /etc/rc.d/named restart Новым контроллером домена будет server server# pkg_add -r samba3 server# сd /usr/local/etc/ server# cat smb.conf [global] workgroup = CORPX os level = 128 domain master = yes security = user domain logons = yes logon path = \\%L\profiles\%U [netlogon] path = /home/samba [profiles] path = /home/ read only = no, server# testparm server# mkdir /home/samba server# pw groupadd users server# net groupmap add ntgroup="Domain Admins" unixgroup=wheel rid=512 type=d server# net groupmap add ntgroup="Domain Users" unixgroup=users rid=513 type=d server# net groupmap add ntgroup="Domain Guests" unixgroup=nobody rid=514 type=d server# net groupmap list server# more /etc/rc.conf … nmbd_enable="YES" smbd_enable="YES" winbindd_enable="NO" … server# /usr/local/etc/rc.d/samba start server# smbpasswd -a root Smb password: password server# smbpasswd -e root Enabled user root. server# pw usermod root -G users server# pw useradd winxp$ -d /tmp -s /usr/sbin/nologin

В Ubuntu выполните следующие шаги:

root@server:~# apt-get install samba root@server:~# cd /etc/samba/ root@server:~# cat smb.conf os level = 128 domain master = yes security = user domain logons = yes logon path = \\%L\profiles\%U [netlogon] path = /home/samba [profiles] path = /home/ read only = no root@server:~# testparm root@server:~# mkdir /home/samba root@server:~# net groupmap add ntgroup="Domain Admins" unixgroup=root rid=512 type=d root@server:~# net groupmap add ntgroup="Domain Users" unixgroup=users rid=513 type=d root@server:~# net groupmap add ntgroup="Domain Guests" unixgroup=nogroup rid=514 type=d root@server:~# net groupmap list root@server:~# restart smbd root@server:~# restart nmbd root@server:~# smbpasswd -a root Smb password: password root@server:~# smbpasswd -e root Enabled user root. root@server:~# usermod -G users root root@server:~# adduser -force-badname -home /tmp -shell /bin/false winxp$ Enter new UNIX password: Pa$$w0rd,

Проверка работоспособности PDC Введите WinXP в домен corpX.un. На контроллере домена (server) добавьте пользователя user1, а затем включите его в группу

локальных администраторов WinXP.

Включение gate в домен (server) Во FreeBSD выполните следующие шаги:

server# pw useradd gate$ -d /tmp -s /usr/sbin/nologin server# smbpasswd -a gate$ … Added user gate$. server# smbpasswd -e gate$ Enabled user gate$. Дальнейшие шаги выполняются на gate gate# /usr/local/etc/rc.d/samba stop gate# pkg_delete -x samba3 gate# pkg_add -r samba3 gate# cat /etc/rc.conf … nmbd_enable="NO" smbd_enable="NO" winbindd_enable="YES" … gate# cd /usr/local/etc/ gate# cat smb.conf security = DOMAIN winbind use default domain = Yes winbind enum users = yes winbind enum groups = yes winbind cache time = 36 idmap uid = 20000-40000 idmap gid = 20000-40000 template homedir = /home/%U template shell = /bin/sh gate# /usr/local/etc/rc.d/samba restart gate# cat /etc/nsswitch.conf passwd: files winbind group: files winbind gate# net rpc join -U root Enter root's password: Joined domain CORPX.

В Ubuntu выполните следующие шаги:

root@server:~# adduser -force-badname -home /tmp -shell /bin/false gate$, ...Password: Pa$$w0rd root@server:~# smbpasswd -a gate$ … Added user gate$. root@server:~# smbpasswd -e gate$ Enabled user gate$. Дальнейшие шаги выполняются на gate root@gate:~# stop nmbd root@gate:~# stop smbd root@gate:~# apt-get purge samba winbind root@gate:~# rm -rf /var/cache/samba /var/lib/samba root@gate:~# apt-get install winbind root@gate:~# cd /etc/samba root@gate:~# cat smb.conf [global] workgroup = CORPX security = DOMAIN winbind use default domain = Yes winbind enum users = yes winbind enum groups = yes winbind cache time = 36 idmap uid = 20000-40000 idmap gid = 20000-40000 template homedir = /home/%U template shell = /bin/bash root@gate:~# /etc/init.d/winbind restart root@gate:~# cat /etc/nsswitch.conf passwd: files winbind group: files winbind shadow: files winbind root@gate:~# net rpc join -U root Enter root's password: Joined domain CORPX.

Проверка аутентификации на gate В FreeBSD/Ubuntu выполните следующее:

gate# ntlm_auth -username=user1 password: NT_STATUS_OK: Success (0x0) gate# wbinfo -u gate# wbinfo -g gate# id user1

Управление доступом к файлам В FreeBSD/Ubuntu внесите в конец файла smb.conf следующие строки:

[user_write] path = /tmp valid users = CORPX\root, [group_write] path = /tmp valid users = "@CORPX\domain users" force user = nobody Перезапустите samba на server и проверьте доступ к шарам под разными учетными записями: доменного пользователя и администратора домена.]
15

Similar documents

Файловые сервисы UNIX для пользователей Windows
Файловые сервисы UNIX для пользователей Windows Установка FreeBSD [gate:~]# pkg_add ­r samba3 [gate:~]# cat /etc/rc.conf … nmbd_enable="YES" smbd_enable="YES" winbindd_enable="NO" … [gate:~]# rehash [gate:~]# cd /usr/local/etc/ Ubuntu root@gate:~# apt­get install samba root@gate:~# cd /etc/samba/ Пу
Two Stops Then USA for Roger Waters Tour 2012
Two Stops Then USA for Roger Waters Tour 2012 Apr 22 2012 Roger Waters It seems like an eternity since Roger Waters performed The Wall Live Concert on his 2012 tour! The band, tour crew and Roger have been having a nice rest since performing on 1st April 2012 at Estádio do Morumbi in Sao Paulo, Braz
Justice at Nuremberg Leo Alexander and the Nazi Doctors’ Trial Ulf Schmidt
Justice at Nuremberg Leo Alexander and the Nazi Doctors’ Trial Ulf Schmidt St Antony’s Series General Editor: Richard Clogg (1999–), Fellow of St Antony’s College, Oxford Recent titles include: Ulf Schmidt JUSTICE AT NUREMBERG Leo Alexander and the Nazi Doctors’ Trial Steve Tsang (editor) PEACE AND
AUTODESK SOFTWARE LICENCE AGREEMENT UNITED KINGDOM IMPORTANT, PLEASE READ THIS FIRST. THIS IS A LICENCE AGREEMENT.
AUTODESK SOFTWARE LICENCE AGREEMENT UNITED KINGDOM IMPORTANT, PLEASE READ THIS FIRST. THIS IS A LICENCE AGREEMENT. AUTODESK IS WILLING TO LICENSE THE ACCOMPANYING SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENCE AGREEMENT AND ANY SUPPLEMENTARY OR UNI
3D Games - Unity & Cinema4D page01
3D Games - Unity & Cinema4D page01 Cinema 4D / 3D principles Edges – otherwise known XYZ – Dimensions up/down, left/ as “verteces” (or a ‘vertex’, right and back/forward singular) are lines between 2 points on a model. Use RGB Arrows – Red (x), Green (y), the edge tool to manipulate Blue (z) – blue
Library Across The Open Sea 1
Library Across The Open Sea 1 Unleashed 1. To Asgaard We Fly(3:53) 8. Execute Them All(3:20) 2. Open Wide(3:11) 9. Captured(3:47) 3. I Am God(4:33) 10. Breaking The Law(2:13) 4. The One Insane (3:02) 11. The General (4:22) 5. Across The Open Sea (2:45) 6. In The Northen Sea(3:53) 7. Forever Goodbye
04-12527M ™ ™ ™ Table of Contents
04-12527M ™ ™ ™ Table of Contents Story ..2 Installation ..4 Menu Navigation ..5 Game Objectives ..6 Running the Game ..6 Heads Up Display (HUD) ..12 Controls ..15 Database ..18 Technical Support ..28 Credits ..29 Software License Agreement ..30 Default Keyboard Controls ..41 ™ ™ Story This is the b
Warranty MIDWAY HOME ENTERTAINMENT INC. warrants to the original purchaser of this Midway
Warranty MIDWAY HOME ENTERTAINMENT INC. warrants to the original purchaser of this Midway Home Entertainment Inc. software product that the medium on which this computer pro- gram is recorded is free from defects in materials and workmanship for a period of ninety (90) days from the date of purchase
Upgrading to Micro-Cap 9
Upgrading to Micro-Cap 9 When upgrading to a new version of Micro-Cap, the user will typically want to import data from their previous version of Micro-Cap. The type of data may consist of files such as schematics, macro circuits, and libraries, schematic information for components, shapes, and pack
ONE FOR ALL 1
URC-7710 English Instructions manual ..P. 2 Deutsch Français ONE FOR ALL 1 Español Português Italiano Nederlands URC-7710 Universal remote Universal Fernbedienung Télécommande universelle Mando a Distancia Universal Telecomando Universal Telecomando Universale Universele Afstandsbediening Table of C
( 1 of 1 ) United States Patent 6,506,148
( 1 of 1 ) United States Patent 6,506,148 Loos January 14, 2003 Nervous system manipulation by electromagnetic fields from monitors Abstract Physiological effects have been observed in a human subject in response to stimulation of the skin with weak electromagnetic fields that are pulsed with certai
USB 2.0 Specification Engineering Change Notice (ECN) #1: Mini-B connector Date: 10/20/2000 Reason for ECN: The USB 2.0 specified device-side connector – the B connector – is too large for use with
USB 2.0 Specification Engineering Change Notice (ECN) #1: Mini-B connector Date: 10/20/2000 Reason for ECN: The USB 2.0 specified device-side connector – the B connector – is too large for use with a new generation of handheld and mobile devices, e.g., cell phones which would benefit from connectivi
Autodesk SOFTWARE LICENSE AGREEMENT
Autodesk SOFTWARE LICENSE AGREEMENT US - Canada READ CAREFULLY: AUTODESK, INC. (“AUTODESK”) LICENSES THIS SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS SOFTWARE LICENSE AGREEMENT (“AGREEMENT”). BY SELECTING THE “I ACCEPT” BUTTON AT THE END OF THIS AGREEME
Space Details Key: SIOS Name: Core Technology Description: Core technology, tools and shared libraries. Creator (Creation Date): (Nov 23, 2007) Last Modifier (Mod. Date): sam deane (Jan 07, 2009)
Space Details Key: SIOS Name: Core Technology Description: Core technology, tools and shared libraries. Creator (Creation Date): (Nov 23, 2007) Last Modifier (Mod. Date): sam deane (Jan 07, 2009) Available Pages • Resource Archiver Tool v1.4 User Guide • How To Browse An Archive • How To Create An A
IP Camera NC400HD User Manual
IP Camera NC400HD User Manual Version 1.0 Catalogue Chapter 1:Introduce 1.1 Product Introduce 1.2 Product Applications 1.3 Environmental Requirements Chapter 2:Function Introduce 2.1 Basic Function Introduce 2.2 Advanced Function Introduce Chapter 3:IP Camera Installation Wizard Chapter 4:Detailed I
USB DISPLAY ADAPTER
USB DISPLAY ADAPTER USER MANUAL CONTENTS INTRODUCTION ... 3 FEATURES ... 3 SYSTEM REQUIREMENTS ... 3 PACKAGE CONTENTS ... 3 SUPPORTED COMMON DISPLAY RESOLUTION: ... 4 TECHNICAL SPECIFICATIONS: ... 4 INSTALLATION ON WINDOWS 2000 / XP ... 5 DEVICE DRIVER INSTALLATION ... 5 VERIFYING DEVICE DRIVER INST
FCC Information This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules.
FCC Information This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates radio
Quick guide
Quick guide HOME MENU BACKWARD FORWARD ON/OFF MICRO-USB MICROSD CONNECTOR SLOT HOME SCREEN RECENT OPENED RECENT ADDED GO TO LIBRARY NOTIFICATION PANEL APPLICATIONS PANEL READING BOOK CLOSE ADD BOOK BOOKMARK NEXT PAGE READING NEXT PAGE SETTINGS PREVIOUS PREVIOUS PAGE PAGE PREVIOUS PAGE NEXT PAGE PREV
Wonderful Communication, Mobile Life.
Wonderful Communication, Mobile Life. Welcome to use Connect Manager Connect Manager User Manual Copyright © Huawei Technologies Co., Ltd. 2014. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technolo
IconBuilder xp
IconBuilder xp User’s Guide A Guide to Understanding the Filter Table of Contents An Introduction2AComplete List of Features 3 Overview of the Interface 4 Quick Guide to the Controls 5 Getting Started in Photoshop 6 Frequently Asked Questions 7 Tips & Tricks 8 ©2001 The Iconfactory. All rights reser
TOPAZ CLEAN ™ V2.0 User’s Guide
Topaz Labs, LLC A Video and Image Enhancement Company TOPAZ CLEAN ™ V2.0 User’s Guide May 2009 Copyright © 2009 Topaz Labs, LLC. All rights reserved. http://www.topazlabs.com TABLE OF CONTENTS Introduction...3 Getting Started...4 The Clean 2 User Interface ... 5 Image Modes... 6 Using Presets...7 Ap
SDCard Data Sheet SD
SDCard SDCard Data Sheet SD Card SDCard vX.Y Copyright © 2006-2007. Cypress Semiconductor. All Rights Reserved. Build Configurations Read Full File Standard Basic Only File Basic System File System File System System Read Write Approximate PSoC® Memory Use (bytes) Resources Flash **RAM Flash *RAM
USF skin format reference v1.7
USF skin format reference v1.7 1. USF SKIN FORMAT BASICS ... 2 2. USF IMAGES FORMAT ... 2 3. USF HEADER FORMAT ... 3 3.1. [GLOBAL] SECTION FORMAT ... 3 3.2. [BITMAPS] SECTION FORMAT ... 3 3.3. WINDOW DESCRIPTION SECTIONS ... 3 3.4. WINDOW CONTROLS DESCRIPTION SECTIONS ... 4 3.4.1. Window site contro
Using the FarCry dedicated server (Linux)
Using the FarCry dedicated server (Linux) 2004-09-24 © 2004 Crytek 1 CU rsSRPyirutek Studios Using the FarCry dedicated server (Linux) MCFFAeota noaaHRQnnpfrtgtnictuuala.ieiy. nrnncv.stceg.tgihnl..se n..di..a.eign...ne ... s... cdgF...eyli...u cr...aotvd...ah...ruete...e...Cerdr... d... wr...i ssn..
Using vmrun to Control Virtual Machines
Using vmrun to Control Virtual Machines VMware Workstation 7.0 VMware Fusion 3.0 VMware vSphere 4 VMware Server 2.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of thi
Oracle VM VirtualBox©R User Manual Version 4.3.12 ©c 2004-2014 Oracle Corporation http://www.virtualbox.org
Oracle VM VirtualBox©R User Manual Version 4.3.12 ©c 2004-2014 Oracle Corporation http://www.virtualbox.org Contents 1 First steps 11 1.1 Why is virtualization useful? .12 1.2 Some terminology .12 1.3 Features overview .13 1.4 Supported host operating systems .15 1.5 Installing VirtualBox and extens
Using the FarCry dedicated server (Linux)
Using the FarCry dedicated server (Linux) 2004-09-28 © 2019 Crytek 1 Using the FarCry dedicated server (Linux)...1 Profiles...3 Starting dedicated server...3 Running a server without profiles...4 Mapcycle...5 Running the server on a specific network adapter and port...5 Having your server listed on
UTILITY CD For 8cm 210MB CDR DOS Menu ( Bootable CD )
UTILITY CD For 8cm 210MB CDR DOS Menu ( Bootable CD ) 1) BOOT FROM DRIVE C:\ 2) REBOOT 3) ERD COMMANDER 2005 Designed for WinXP/2000 but gives one a useful GUI in Win9X/ME. (Most components work in Windows VISTA) Includes as standard in ERD Commander : Explorer Disk Commander File Restore Locksmith
…90 shots to thank gravity…
…90 shots to thank gravity… …the end…
Using the Torg Drama Deck with MasterBook Rules
Using the Torg Drama Deck with MasterBook Rules In general, the Torg Drama Deck may be used with the MasterBook game system without modification, just by reading what's on the card. Nonetheless, here are some guidelines to make the Torg Drama Deck more like the MasterDeck. Note that there are more c