Samba4 » Historique » Version 14
Gilles Grandgérard, 23/10/2014 14:00
| 1 | 6 | Gilles Grandgérard | h1. Samba4 Primaire |
|---|---|---|---|
| 2 | 6 | Gilles Grandgérard | |
| 3 | 8 | Gilles Grandgérard | h2. config eol |
| 4 | 6 | Gilles Grandgérard | <pre><code class="JSON"> |
| 5 | 6 | Gilles Grandgérard | { |
| 6 | 7 | Gilles Grandgérard | "libelle_etab": {"owner": "gen_config", "val": "ACA"}, |
| 7 | 7 | Gilles Grandgérard | "adresse_ip_eth0": {"owner": "gen_config", "val": "172.20.56.45"}, |
| 8 | 7 | Gilles Grandgérard | "system_mail_to": {"owner": "gen_config", "val": "eolebase"}, |
| 9 | 7 | Gilles Grandgérard | "check_passwd": {"owner": "gen_config", "val": "non"}, |
| 10 | 7 | Gilles Grandgérard | "nom_domaine_local": {"owner": "gen_config", "val": "ac-test.lan"}, |
| 11 | 7 | Gilles Grandgérard | "proxy_client_adresse": {"owner": "gen_config", "val": "172.20.210.10"}, |
| 12 | 7 | Gilles Grandgérard | "exim_relay_smtp": {"owner": "gen_config", "val": "smtp.ac-dijon.fr"}, |
| 13 | 7 | Gilles Grandgérard | "netmask_ssh_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 14 | 7 | Gilles Grandgérard | "ip_admin_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 15 | 7 | Gilles Grandgérard | "numero_etab": {"owner": "gen_config", "val": "0000000A"}, |
| 16 | 7 | Gilles Grandgérard | "nom_machine": {"owner": "gen_config", "val": "eolebase"}, |
| 17 | 7 | Gilles Grandgérard | "netmask_admin_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 18 | 7 | Gilles Grandgérard | "domaine_messagerie_etab": {"owner": "gen_config", "val": "ac-test.fr"}, |
| 19 | 7 | Gilles Grandgérard | "ip_ssh_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 20 | 7 | Gilles Grandgérard | "nom_academie": {"owner": "gen_config", "val": "ac-test"}, |
| 21 | 7 | Gilles Grandgérard | "adresse_ip_gw": {"owner": "gen_config", "val": "172.20.56.254"}, |
| 22 | 7 | Gilles Grandgérard | "activer_proxy_client": {"owner": "gen_config", "val": "oui"}, |
| 23 | 7 | Gilles Grandgérard | "adresse_ip_dns": {"owner": "gen_config", "val": ["172.20.210.10"]} |
| 24 | 6 | Gilles Grandgérard | } |
| 25 | 1 | Gilles Grandgérard | </code></pre> |
| 26 | 8 | Gilles Grandgérard | |
| 27 | 10 | Gilles Grandgérard | |
| 28 | 10 | Gilles Grandgérard | h2. instalation |
| 29 | 10 | Gilles Grandgérard | |
| 30 | 8 | Gilles Grandgérard | # ajout de %%nom_domaine_local dans @hostname@ => faire un %if si module de type AD |
| 31 | 8 | Gilles Grandgérard | # le fichier @hosts@ est OK |
| 32 | 8 | Gilles Grandgérard | # modification de la fstab, cf. comme on fait dans @eole-fichier@ mais devra aussi être appliqué aux fichiers de Samba4 (sysvol, ...) |
| 33 | 8 | Gilles Grandgérard | <pre> |
| 34 | 8 | Gilles Grandgérard | [libdefaults] |
| 35 | 8 | Gilles Grandgérard | dns_lookup_realm = true |
| 36 | 8 | Gilles Grandgérard | dns_lookup_kdc = true |
| 37 | 8 | Gilles Grandgérard | default_realm = AC-TEST.LAN |
| 38 | 8 | Gilles Grandgérard | </pre> |
| 39 | 8 | Gilles Grandgérard | # modification du @krb5.conf@ => templatiser |
| 40 | 8 | Gilles Grandgérard | # provisionnement du domaine |
| 41 | 9 | Gilles Grandgérard | # modification smb.conf => templatiser ou utilisser samba-tool ? |
| 42 | 8 | Gilles Grandgérard | <pre> |
| 43 | 8 | Gilles Grandgérard | # Global parameters |
| 44 | 8 | Gilles Grandgérard | [global] |
| 45 | 8 | Gilles Grandgérard | workgroup = AC-TEST |
| 46 | 8 | Gilles Grandgérard | realm = ac-test.lan |
| 47 | 8 | Gilles Grandgérard | netbios name = EOLEBASE |
| 48 | 8 | Gilles Grandgérard | server role = active directory domain controller |
| 49 | 8 | Gilles Grandgérard | dns forwarder = 172.20.210.10 |
| 50 | 8 | Gilles Grandgérard | |
| 51 | 8 | Gilles Grandgérard | [netlogon] |
| 52 | 8 | Gilles Grandgérard | path = /usr/local/samba/var/locks/sysvol/ac-test.lan/scripts |
| 53 | 8 | Gilles Grandgérard | read only = No |
| 54 | 8 | Gilles Grandgérard | |
| 55 | 8 | Gilles Grandgérard | [sysvol] |
| 56 | 8 | Gilles Grandgérard | path = /usr/local/samba/var/locks/sysvol |
| 57 | 8 | Gilles Grandgérard | read only = No |
| 58 | 1 | Gilles Grandgérard | </pre> |
| 59 | 9 | Gilles Grandgérard | # fichier resolv.conf => ??? |
| 60 | 9 | Gilles Grandgérard | # fichier ntp.conf + modifications |
| 61 | 8 | Gilles Grandgérard | |
| 62 | 10 | Gilles Grandgérard | h2. EOLEisation |
| 63 | 8 | Gilles Grandgérard | |
| 64 | 10 | Gilles Grandgérard | Création d'un dictionnaire Creole gérant le service "samba4" et les ouvertures de port tcp et udp. |
| 65 | 6 | Gilles Grandgérard | |
| 66 | 13 | Joël Cuissinat | h2. Migration |
| 67 | 1 | Gilles Grandgérard | |
| 68 | 13 | Joël Cuissinat | Paquets supplémentaires à mettre en dépendance : |
| 69 | 13 | Joël Cuissinat | <pre> |
| 70 | 13 | Joël Cuissinat | libldap2-dev python-ldap |
| 71 | 13 | Joël Cuissinat | </pre> |
| 72 | 10 | Gilles Grandgérard | |
| 73 | 6 | Gilles Grandgérard | |
| 74 | 6 | Gilles Grandgérard | <pre> |
| 75 | 6 | Gilles Grandgérard | # |
| 76 | 6 | Gilles Grandgérard | # INSTALLATION SECONDAIRE !!!!! |
| 77 | 6 | Gilles Grandgérard | </pre> |
| 78 | 6 | Gilles Grandgérard | |
| 79 | 2 | Gilles Grandgérard | h1. Samba4 Secondaire |
| 80 | 2 | Gilles Grandgérard | |
| 81 | 2 | Gilles Grandgérard | h2. config eof |
| 82 | 3 | Gilles Grandgérard | <pre><code class="JSON"> |
| 83 | 5 | Gilles Grandgérard | { |
| 84 | 5 | Gilles Grandgérard | "libelle_etab": {"owner": "gen_config", "val": "ACA"}, |
| 85 | 5 | Gilles Grandgérard | "adresse_ip_eth0": {"owner": "gen_config", "val": "172.20.56.46"}, |
| 86 | 5 | Gilles Grandgérard | "system_mail_to": {"owner": "gen_config", "val": "eolebase"}, |
| 87 | 5 | Gilles Grandgérard | "check_passwd": {"owner": "gen_config", "val": "non"}, |
| 88 | 5 | Gilles Grandgérard | "nom_domaine_local": {"owner": "gen_config", "val": "ac-test.lan"}, |
| 89 | 5 | Gilles Grandgérard | "proxy_client_adresse": {"owner": "gen_config", "val": "172.20.210.10"}, |
| 90 | 5 | Gilles Grandgérard | "exim_relay_smtp": {"owner": "gen_config", "val": "smtp.ac-dijon.fr"}, |
| 91 | 5 | Gilles Grandgérard | "netmask_ssh_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 92 | 5 | Gilles Grandgérard | "ip_admin_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 93 | 5 | Gilles Grandgérard | "numero_etab": {"owner": "gen_config", "val": "0000000A"}, |
| 94 | 5 | Gilles Grandgérard | "nom_machine": {"owner": "gen_config", "val": "eolebase2"}, |
| 95 | 5 | Gilles Grandgérard | "netmask_admin_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 96 | 4 | Gilles Grandgérard | "domaine_messagerie_etab": {"owner": "gen_config", "val": "ac-test.fr"}, |
| 97 | 5 | Gilles Grandgérard | "ip_ssh_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 98 | 5 | Gilles Grandgérard | "nom_academie": {"owner": "gen_config", "val": "ac-test"}, |
| 99 | 5 | Gilles Grandgérard | "adresse_ip_gw": {"owner": "gen_config", "val": "172.20.56.254"}, |
| 100 | 5 | Gilles Grandgérard | "activer_proxy_client": {"owner": "gen_config", "val": "oui"}, |
| 101 | 5 | Gilles Grandgérard | "adresse_ip_dns": {"owner": "gen_config", "val": ["172.20.210.10"]} |
| 102 | 4 | Gilles Grandgérard | } |
| 103 | 3 | Gilles Grandgérard | </code></pre> |
| 104 | 2 | Gilles Grandgérard | h2. instalation |
| 105 | 1 | Gilles Grandgérard | |
| 106 | 1 | Gilles Grandgérard | <pre> |
| 107 | 1 | Gilles Grandgérard | # |
| 108 | 1 | Gilles Grandgérard | # INSTALLATION SECONDAIRE !!!!! |
| 109 | 1 | Gilles Grandgérard | # le primaire est 'eolebase' en 172.20.56.45 |
| 110 | 1 | Gilles Grandgérard | # |
| 111 | 1 | Gilles Grandgérard | |
| 112 | 1 | Gilles Grandgérard | apt-get update |
| 113 | 1 | Gilles Grandgérard | |
| 114 | 1 | Gilles Grandgérard | export DEBIAN_FRONTEND=noninteractive |
| 115 | 1 | Gilles Grandgérard | |
| 116 | 1 | Gilles Grandgérard | apt-get -q -y install build-essential autotools-dev comerr-dev dpkg-dev ethtool krb5-multidev libacl1-dev libattr1-dev libblkid-dev \ |
| 117 | 1 | Gilles Grandgérard | libblkid1 libc-dev-bin libc6-dev libdevmapper1.02.1 libgcrypt11-dev libgnutls-dev libgpg-error-dev libkrb5-dev libncurses5-dev \ |
| 118 | 1 | Gilles Grandgérard | libpopt-dev libreadline-gplv2-dev libssl-dev libstdc++6-4.4-dev libtasn1-3-dev libudev0 linux-libc-dev manpages-dev python-dev \ |
| 119 | 1 | Gilles Grandgérard | udev uuid-dev zlib1g-dev krb5-user |
| 120 | 1 | Gilles Grandgérard | |
| 121 | 1 | Gilles Grandgérard | unset DEBIAN_FRONTEND |
| 122 | 1 | Gilles Grandgérard | |
| 123 | 1 | Gilles Grandgérard | cd /root |
| 124 | 1 | Gilles Grandgérard | tar -zxvf samba-4.1.13.tar.gz |
| 125 | 1 | Gilles Grandgérard | cd samba-4.1.13 |
| 126 | 1 | Gilles Grandgérard | ./configure --with-ldap |
| 127 | 1 | Gilles Grandgérard | make |
| 128 | 1 | Gilles Grandgérard | make install |
| 129 | 1 | Gilles Grandgérard | |
| 130 | 1 | Gilles Grandgérard | cp samba4.sh /etc/init.d/samba4 |
| 131 | 1 | Gilles Grandgérard | chmod 755 /etc/init.d/samba4 |
| 132 | 1 | Gilles Grandgérard | update-rc.d samba4 default |
| 133 | 1 | Gilles Grandgérard | |
| 134 | 1 | Gilles Grandgérard | #implicite |
| 135 | 1 | Gilles Grandgérard | #apt-get install ntpdate |
| 136 | 1 | Gilles Grandgérard | #ntpdate pool.ntp.org |
| 137 | 1 | Gilles Grandgérard | #apt-get install ntp |
| 138 | 1 | Gilles Grandgérard | |
| 139 | 1 | Gilles Grandgérard | # socket NTP Samba |
| 140 | 1 | Gilles Grandgérard | cd /usr/share/eole/creole/modif/ |
| 141 | 1 | Gilles Grandgérard | cp ../distrib/ntp.conf . |
| 142 | 1 | Gilles Grandgérard | cat >>ntp.conf <<EOF |
| 143 | 1 | Gilles Grandgérard | ntpsigndsocket /usr/local/samba/var/lib/ntp_signd |
| 144 | 1 | Gilles Grandgérard | EOF |
| 145 | 1 | Gilles Grandgérard | sed -i 's/restrict default kod notrap nomodify nopeer noquery/restrict default kod notrap nomodify nopeer noquery mssntp/g' ntp.conf |
| 146 | 1 | Gilles Grandgérard | |
| 147 | 1 | Gilles Grandgérard | # Hostname FQDN |
| 148 | 1 | Gilles Grandgérard | cat >hostname <<EOF |
| 149 | 1 | Gilles Grandgérard | %%nom_machine.%%nom_domaine_local |
| 150 | 1 | Gilles Grandgérard | EOF |
| 151 | 1 | Gilles Grandgérard | |
| 152 | 1 | Gilles Grandgérard | gen_patch |
| 153 | 1 | Gilles Grandgérard | |
| 154 | 1 | Gilles Grandgérard | chgrp ntp /usr/local/samba/var/lib/ntp_signd |
| 155 | 1 | Gilles Grandgérard | usermod -a -G staff ntp |
| 156 | 1 | Gilles Grandgérard | |
| 157 | 1 | Gilles Grandgérard | reconfigure |
| 158 | 1 | Gilles Grandgérard | |
| 159 | 1 | Gilles Grandgérard | |
| 160 | 1 | Gilles Grandgérard | echo "export PATH=$PATH:/usr/local/samba/sbin:/usr/local/samba/bin" >> /root/.bashrc |
| 161 | 1 | Gilles Grandgérard | source /root/.bashrc |
| 162 | 1 | Gilles Grandgérard | |
| 163 | 1 | Gilles Grandgérard | #bascule sur primaire |
| 164 | 1 | Gilles Grandgérard | cat >/etc/resolv.conf <<EOF |
| 165 | 1 | Gilles Grandgérard | nameserver 172.20.56.45 |
| 166 | 1 | Gilles Grandgérard | search ac-test.lan |
| 167 | 1 | Gilles Grandgérard | EOF |
| 168 | 1 | Gilles Grandgérard | |
| 169 | 1 | Gilles Grandgérard | cat >/etc/krb5.conf <<EOF |
| 170 | 1 | Gilles Grandgérard | [libdefaults] |
| 171 | 1 | Gilles Grandgérard | dns_lookup_realm = true |
| 172 | 1 | Gilles Grandgérard | dns_lookup_kdc = true |
| 173 | 1 | Gilles Grandgérard | default_realm = AC-TEST.LAN |
| 174 | 1 | Gilles Grandgérard | EOF |
| 175 | 1 | Gilles Grandgérard | |
| 176 | 1 | Gilles Grandgérard | kinit administrator |
| 177 | 1 | Gilles Grandgérard | |
| 178 | 1 | Gilles Grandgérard | #debug /usr/local/samba/sbin/samba -i -d9 |
| 179 | 1 | Gilles Grandgérard | /usr/local/samba/sbin/samba |
| 180 | 1 | Gilles Grandgérard | |
| 181 | 1 | Gilles Grandgérard | samba-tool domain join ac-test.lan DC -U administrator --realm=ac-test.lan -W AC-TEST.LAN |
| 182 | 1 | Gilles Grandgérard | |
| 183 | 1 | Gilles Grandgérard | samba-tool dns add 127.0.0.1 ac-test.lan ac-test.lan NS eolebase2.ac-test.lan |
| 184 | 1 | Gilles Grandgérard | |
| 185 | 1 | Gilles Grandgérard | #bascule sur moi |
| 186 | 1 | Gilles Grandgérard | cat >/etc/resolv.conf <<EOF |
| 187 | 1 | Gilles Grandgérard | nameserver 127.0.0.1 |
| 188 | 1 | Gilles Grandgérard | search ac-test.lan |
| 189 | 1 | Gilles Grandgérard | EOF |
| 190 | 1 | Gilles Grandgérard | |
| 191 | 1 | Gilles Grandgérard | |
| 192 | 9 | Gilles Grandgérard | </pre> |
| 193 | 9 | Gilles Grandgérard | |
| 194 | 9 | Gilles Grandgérard | h1. samba4 fichier |
| 195 | 9 | Gilles Grandgérard | |
| 196 | 9 | Gilles Grandgérard | <pre> |
| 197 | 9 | Gilles Grandgérard | apt-get -q -y install build-essential autotools-dev comerr-dev dpkg-dev ethtool krb5-multidev libacl1-dev libattr1-dev libblkid-dev \ |
| 198 | 9 | Gilles Grandgérard | libblkid1 libc-dev-bin libc6-dev libdevmapper1.02.1 libgcrypt11-dev libgnutls-dev libgpg-error-dev libkrb5-dev libncurses5-dev \ |
| 199 | 9 | Gilles Grandgérard | libpopt-dev libreadline-gplv2-dev libssl-dev libstdc++6-4.4-dev libtasn1-3-dev libudev0 linux-libc-dev manpages-dev python-dev \ |
| 200 | 9 | Gilles Grandgérard | udev uuid-dev zlib1g-dev krb5-user acl libldap-dev libcups2-dev |
| 201 | 9 | Gilles Grandgérard | |
| 202 | 9 | Gilles Grandgérard | ./configure --with-ads --with-shared-modules=idmap_ad |
| 203 | 1 | Gilles Grandgérard | </pre> |
| 204 | 11 | Gilles Grandgérard | |
| 205 | 11 | Gilles Grandgérard | |
| 206 | 11 | Gilles Grandgérard | h1. Horus Web avec authentification dans AD |
| 207 | 11 | Gilles Grandgérard | |
| 208 | 11 | Gilles Grandgérard | h2. config eol |
| 209 | 11 | Gilles Grandgérard | <pre><code class="JSON"> |
| 210 | 11 | Gilles Grandgérard | { |
| 211 | 11 | Gilles Grandgérard | "check_passwd": {"owner": "gen_config", "val": "non"}, |
| 212 | 11 | Gilles Grandgérard | "nom_domaine_local": {"owner": "gen_config", "val": "ac-test.lan"}, |
| 213 | 11 | Gilles Grandgérard | "proxy_client_adresse": {"owner": "gen_config", "val": "172.20.210.10"}, |
| 214 | 11 | Gilles Grandgérard | "bacula_dir_password": {"owner": "gen_config", "val": "efcf727bbaab47cede2a162a26601dbc0173e0c38e751040e37dacff"}, |
| 215 | 11 | Gilles Grandgérard | "web_url": {"owner": "gen_config", "val": "172.20.56.49"}, |
| 216 | 11 | Gilles Grandgérard | "activer_apache": {"owner": "gen_config", "val": "oui"}, |
| 217 | 11 | Gilles Grandgérard | "domaine_messagerie_etab": {"owner": "gen_config", "val": "ac-test.fr"}, |
| 218 | 11 | Gilles Grandgérard | "exim_relay_smtp": {"owner": "gen_config", "val": "smtp.ac-dijon.fr"}, |
| 219 | 11 | Gilles Grandgérard | "bacula_fd_password": {"owner": "gen_config", "val": "68e1170b2be9afddedd239dd543de50636d4045a399a43bae499f234"}, |
| 220 | 11 | Gilles Grandgérard | "system_mail_to": {"owner": "gen_config", "val": "eolebase"}, |
| 221 | 11 | Gilles Grandgérard | "ip_admin_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 222 | 11 | Gilles Grandgérard | "numero_etab": {"owner": "gen_config", "val": "0000000A"}, |
| 223 | 11 | Gilles Grandgérard | "netmask_admin_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 224 | 11 | Gilles Grandgérard | "bacula_sd_password": {"owner": "gen_config", "val": "70ba154dd6c3967016ff8c533fe42724ca0c5ec612edebacb5a12e53"}, |
| 225 | 11 | Gilles Grandgérard | "bacula_dir_name": {"owner": "gen_config", "val": "web-dir"}, |
| 226 | 11 | Gilles Grandgérard | "activer_proxy_client": {"owner": "gen_config", "val": "oui"}, |
| 227 | 11 | Gilles Grandgérard | "ip_ssh_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 228 | 11 | Gilles Grandgérard | "libelle_etab": {"owner": "gen_config", "val": "ACA"}, |
| 229 | 11 | Gilles Grandgérard | "smb_workgroup": {"owner": "gen_config", "val": "domgg"}, |
| 230 | 11 | Gilles Grandgérard | "smb_netbios_name": {"owner": "gen_config", "val": "horus"}, |
| 231 | 11 | Gilles Grandgérard | "netmask_ssh_eth0": {"owner": "gen_config", "val": ["0.0.0.0"]}, |
| 232 | 11 | Gilles Grandgérard | "adresse_ip_eth0": {"owner": "gen_config", "val": "172.20.56.49"}, |
| 233 | 11 | Gilles Grandgérard | "nom_machine": {"owner": "gen_config", "val": "web"}, |
| 234 | 11 | Gilles Grandgérard | "nom_academie": {"owner": "gen_config", "val": "ac-test"}, |
| 235 | 11 | Gilles Grandgérard | "adresse_ip_gw": {"owner": "gen_config", "val": "172.20.56.254"}, |
| 236 | 11 | Gilles Grandgérard | "adresse_ip_dns": {"owner": "gen_config", "val": ["172.20.210.10"]} |
| 237 | 12 | Gilles Grandgérard | "activer_phpmyadmin": {"owner": "gen_config", "val": "oui"} |
| 238 | 11 | Gilles Grandgérard | } |
| 239 | 11 | Gilles Grandgérard | </code></pre> |
| 240 | 11 | Gilles Grandgérard | |
| 241 | 11 | Gilles Grandgérard | |
| 242 | 11 | Gilles Grandgérard | h2. instalation |
| 243 | 14 | Gilles Grandgérard | |
| 244 | 14 | Gilles Grandgérard | dans firefox : |
| 245 | 14 | Gilles Grandgérard | About:config ==> |
| 246 | 14 | Gilles Grandgérard | |
| 247 | 14 | Gilles Grandgérard | *network.negotiate-auth.trusted-uris = ac-test.lan* |