Testinstall: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
HK (Diskussion | Beiträge) Keine Bearbeitungszusammenfassung |
HK (Diskussion | Beiträge) |
||
| (4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 115: | Zeile 115: | ||
== Samba == | == Samba == | ||
Installiert wir Version 4 | Installiert wir Version 4 | ||
apt-get install samba | apt-get install samba cups | ||
<span style="color:#FF0000">Wichtig:</span>Für einen Stand alone PDC '''winbind''' abschalten, wird mit cifs-tools installiert. | |||
systemctl disable winbind.service | |||
systemctl stop winbind.service | |||
=== smb.conf === | |||
vim /etc/samba/smb.conf | vim /etc/samba/smb.conf | ||
[global] | |||
workgroup = jess4classic | |||
wins support = yes | |||
dns proxy = no | |||
interfaces = eth1 | |||
bind interfaces only = yes | |||
log file = /var/log/samba/log.all | |||
max log size = 1000 | |||
syslog = 0 | |||
panic action = /usr/share/samba/panic-action %d | |||
server role = classic primary domain controller | |||
passdb backend = tdbsam | |||
obey pam restrictions = yes | |||
unix password sync = no | |||
map to guest = bad user | |||
logon path = \\%N\profiles\%a\%U | |||
domain logons = yes | |||
domain master = yes | |||
local master = yes | |||
logon drive = H: | |||
logon home = \\%N\%U | |||
logon script = netlogon.cmd | |||
add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u | |||
[homes] | |||
comment = Home Directories | |||
browseable = no | |||
read only = no | |||
create mask = 0700 | |||
directory mask = 0700 | |||
valid users = %S | |||
[netlogon] | |||
comment = Network Logon Service | |||
path = /local/samba/netlogon | |||
guest ok = yes | |||
read only = yes | |||
write list = @ntadmin | |||
[profiles] | |||
comment = Users profiles | |||
path = /local/samba/profiles | |||
guest ok = no | |||
browseable = yes | |||
create mask = 0600 | |||
directory mask = 0700 | |||
read only = no | |||
[printers] | |||
comment = All Printers | |||
browseable = no | |||
path = /var/spool/samba | |||
printable = yes | |||
guest ok = no | |||
read only = yes | |||
create mask = 0700 | |||
[print$] | |||
comment = Printer Drivers | |||
path = /var/lib/samba/printers | |||
browseable = yes | |||
read only = yes | |||
guest ok = no | |||
write list = root, @lpadmin | |||
[fuer_alle] | |||
comment = Netzlaufwerk fuer alle | |||
path = /local/samba/shares/fuer_alle | |||
browseable = no | |||
read only = no | |||
create mask = 0666 | |||
directory mask = 0777 | |||
=== Verzeichnisse gemäß der smb.conf anlegen === | |||
mkdir /local/samba | mkdir /local/samba | ||
cd /local/samb | cd /local/samb | ||
mkdir -p netlogon profiles shares/fuer_alle | mkdir -p netlogon profiles shares/fuer_alle | ||
chmod 777 fuer_alle/ | chmod 777 shares/fuer_alle/ | ||
Für Vista, Win7 | |||
mkdir /local/samba/profiles/Vista | |||
chmod 1777 /local/samba/profiles/Vista | |||
=== User anlegen === | |||
==== Domain Admin ==== | |||
Kann Maschinen in die Domain holen und ist auf allem Maschinen '''root''' | |||
groupadd ntadmin | |||
net groupmap add ntgroup="Domain Admins" unixgroup=ntadmin rid=512 type=d | |||
adduser domadmin | |||
smbpasswd -a domadmin | |||
addgroup domadmin ntadmin | |||
==== Domain User ==== | |||
adduser domuser | |||
smbpasswd -a domuser | |||
Aktuelle Version vom 15. März 2015, 13:34 Uhr
Zurück zu LXC auf Ubuntu 14.04-2 LTS
Was soll es werden
- DHCP-Server
- Nameserver
- Router mit Masquerading
- bedeutet: zwei Netzwerkkarten
- tftpd-Server
- Samba-Server
- Ct startet automatisch
Netzwerkschnittstellen
vim /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
# Ergänzung für eth1 (output interface)
auto eth1
iface eth1 inet static
address 10.78.20.10
netmask 255.255.255.0
systemctl restart networking.service
DHCP-Server
apt-get install isc-dhcp-server
vim /etc/default/isc-dhcp-server
Ersetze
INTERFACES=""
gegen
INTERFACES="eth1"
vim /etc/dhcp/dhcpd.conf
ddns-update-style none;
option domain-name "test.local";
option domain-name-servers 10.78.20.10;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.78.20.0 netmask 255.255.255.0 {
range 10.78.20.100 10.78.20.200;
option routers 10.78.20.10;
}
systemctl restart isc-dhcp-server.service
Nameserver
apt-get install bind9
Für Tests (z.B. dig)
apt-get install dnsutils
Masquerading per Firewall
apt-get install iptables
vim /etc/rc.local
Einfügen vor exit 0
iptables -t nat -F iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Forwarding
vim /etc/sysctl.conf
Ersetze
#net.ipv4.ip_forward=1
durch
net.ipv4.ip_forward=1
Aktivieren
sysctl -p
tftp für PXE-Boot
vim /etc/dhcp/dhcpd.conf next-server 10.78.20.10; filename "linux/pxelinux.0";
systemctl restart isc-dhcp-server.service
apt-get install tftpd-hpa
vim /etc/default/tftp-hpa
Ändern von
TFTP_ADDRESS="0.0.0.0:69"
in
TFTP_ADDRESS="10.78.20.10:69"
mkdir /srv/tftp/linux
Zum schnellen testen
wget http://ftp.nl.debian.org/debian/dists/jessie/main/installer-i386/current/images/netboot/netboot.tar.gz
mv netboot.tar.gz /srv/tftp/linux/
cd /srv/tftp/linux
tar xf netboot.tar.gz
chgrp -R nogroup *
Client mit PXE als Bootdevice starten
Autostart
vim /var/lib/lxc/<CT-Name>/config
lxc.start.auto = 1 => Autostart lxc.start.delay = 5 => Startverzögerung
Home nach /local verlegen
mkdir -p /local/home rm -r /home ln -s /local/home /home
Samba
Installiert wir Version 4
apt-get install samba cups
Wichtig:Für einen Stand alone PDC winbind abschalten, wird mit cifs-tools installiert.
systemctl disable winbind.service systemctl stop winbind.service
smb.conf
vim /etc/samba/smb.conf
[global] workgroup = jess4classic wins support = yes dns proxy = no interfaces = eth1 bind interfaces only = yes log file = /var/log/samba/log.all max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d server role = classic primary domain controller passdb backend = tdbsam obey pam restrictions = yes unix password sync = no map to guest = bad user logon path = \\%N\profiles\%a\%U domain logons = yes domain master = yes local master = yes logon drive = H: logon home = \\%N\%U logon script = netlogon.cmd add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u [homes] comment = Home Directories browseable = no read only = no create mask = 0700 directory mask = 0700 valid users = %S [netlogon] comment = Network Logon Service path = /local/samba/netlogon guest ok = yes read only = yes write list = @ntadmin [profiles] comment = Users profiles path = /local/samba/profiles guest ok = no browseable = yes create mask = 0600 directory mask = 0700 read only = no [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no write list = root, @lpadmin [fuer_alle] comment = Netzlaufwerk fuer alle path = /local/samba/shares/fuer_alle browseable = no read only = no create mask = 0666 directory mask = 0777
Verzeichnisse gemäß der smb.conf anlegen
mkdir /local/samba cd /local/samb mkdir -p netlogon profiles shares/fuer_alle chmod 777 shares/fuer_alle/
Für Vista, Win7
mkdir /local/samba/profiles/Vista chmod 1777 /local/samba/profiles/Vista
User anlegen
Domain Admin
Kann Maschinen in die Domain holen und ist auf allem Maschinen root
groupadd ntadmin
net groupmap add ntgroup="Domain Admins" unixgroup=ntadmin rid=512 type=d
adduser domadmin smbpasswd -a domadmin addgroup domadmin ntadmin
Domain User
adduser domuser smbpasswd -a domuser