
@budougumi0617
Created March 11, 2014 15:33
CentOS6.4+Samba4.1.2でSMB+Kerberos認証のファイル共有サーバを構築する ref: http://qiita.com/budougumi0617/items/ba54d052365556f78b7e
# Build Samba 4.1.2 from source. Every later command on this page runs binaries
# from /usr/local/samba, the prefix this install ends up under.
# NOTE(review): the tarball is fetched over plain HTTP and nothing here checks a
# checksum or signature, so a tampered download would go unnoticed — verify the
# archive against the signature Samba publishes alongside it before building.
wget http://ftp.samba.org/pub/samba/stable/samba-4.1.2.tar.gz
tar zxvf samba-4.1.2.tar.gz
cd samba-4.1.2
# debug symbols and the self-test suite are enabled; no --prefix is given, so the
# install location is the configure default
./configure --enable-debug --enable-selftest
make
make install
# /usr/local/samba/bin/samba-tool domain provision
Realm: server.kerberos.local
Domain [sever]:server
Server Role (dc, member, standalone) [dc]:dc
DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:
DNS forwarder IP address (write 'none' to disable forwarding) [10.XXX.YYY.ZZZ]:
Administrator password:
Retype password:
# cat /etc/krb5.conf
# /etc/krb5.conf on the DC. The realm name used here must agree with smb.conf
# (realm = KERBEROS.LOCAL); the KDC hostname must resolve (see /etc/hosts).
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = KERBEROS.LOCAL
# realm is not taken from DNS TXT records; KDCs may be found via DNS SRV records
dns_lookup_realm = false
dns_lookup_kdc = true
# ticket lifetime bounds how long a leaked credential cache stays usable
ticket_lifetime = 24h
renew_lifetime = 7d
# forwardable tickets can be handed on to other hosts; widens exposure if a
# service host is compromised — keep only if delegation is actually needed
forwardable = true
[realms]
KERBEROS.LOCAL = {
# the Samba DC acts as KDC and admin server
kdc = server.kerberos.local
admin_server = server.kerberos.local
}
[domain_realm]
# hostnames under .kerberos.local map to this realm; the value must match the
# name declared in [realms] exactly (realm names are case-sensitive)
.kerberos.local = KERBEROS.LOCAL
kerberos.local = KERBEROS.LOCAL
# vim /etc/init.d/samba4
# cat /etc/init.d/samba4
#! /bin/bash
#
# samba4 Bring up/down samba4 service
#
# chkconfig: - 90 10
# description: Activates/Deactivates all samba4 interfaces configured to \
# start at boot time.
#
### BEGIN INIT INFO
# Provides:
# Should-Start:
# Short-Description: Bring up/down samba4
# Description: Bring up/down samba4
### END INIT INFO
# Source function library.
. /etc/init.d/functions
# Optional per-host overrides; nothing on this page shows that file being created.
if [ -f /etc/sysconfig/samba4 ]; then
. /etc/sysconfig/samba4
fi
# CWD is captured but never read anywhere in this script.
CWD=$(pwd)
prog="samba4"
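# Start the Samba daemon and report success/failure via the init-functions helpers.
# The binary is launched without a foreground flag, and the script relies on it
# backgrounding itself; the sleep is a grace period before the liveness check.
start() {
    echo -n $"Starting $prog: "
    /usr/local/samba/sbin/samba
    sleep 2
    # pgrep -f matches against the full command line and excludes itself, which
    # is what the former ps | grep -v grep | grep pipeline was emulating.
    if pgrep -f /samba/sbin/samba > /dev/null; then
        success $"samba4 startup"
    else
        failure $"samba4 startup"
    fi
    echo
}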
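# Stop the Samba daemon and report whether anything matching it is still alive.
stop() {
    echo -n $"Shutting down $prog: "
    # NOTE(review): killall signals every process whose name is "samba", not only
    # the instance this script started — fine on a dedicated DC, surprising elsewhere.
    killall samba
    sleep 2
    # same liveness test as start(): anything still matching means shutdown failed
    if pgrep -f /samba/sbin/samba > /dev/null; then
        failure $"samba4 shutdown"
    else
        success $"samba4 shutdown"
    fi
    echo
}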
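# Report whether the daemon is running (LSB convention: 0 = running, 3 = stopped).
# The previous body ran `samba --show-build`, which prints build options whether
# or not anything is running, so "status" never reflected service state.
# Note: like the original, this shadows the status() helper sourced from
# /etc/init.d/functions.
status() {
    if pgrep -f /samba/sbin/samba > /dev/null; then
        echo $"$prog is running"
        return 0
    fi
    echo $"$prog is stopped"
    return 3
}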
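# See how we were called.
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    status)
        # the original passed a stray "irattach" argument here, apparently left
        # over from the script this one was adapted from; status() takes none
        status
        ;;
    restart|reload)
        stop
        start
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|status}"
        exit 1
esac
# propagate the branch's result instead of always exiting 0, so callers can
# distinguish a stopped service from a running one
exit $?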
# chmod 0755 /etc/init.d/samba4
# ln -s /etc/init.d/samba4 /etc/rc3.d/S80samba4
# chkconfig --add samba4
# chkconfig --level 35 samba4 on
/etc/init.d/samba4 status
/etc/init.d/samba4 start
/usr/local/samba/bin/samba-tool user add user01
/usr/local/samba/bin/samba-tool user add user02
/usr/local/samba/bin/samba-tool user add user03
# /usr/local/samba/bin/samba-tool user list
Administrator
krbtgt
user01
user02
user03
Guest
# /usr/local/samba/bin/smbclient -L localhost -U%
Domain=[KERBEROS] OS=[Unix] Server=[Samba 4.1.2]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba 4.1.2)
secondShare Disk
share Disk
sysvol Disk
netlogon Disk
Domain=[KERBEROS] OS=[Unix] Server=[Samba 4.1.2]
Server Comment
--------- -------
Workgroup Master
--------- -------
:~> cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.XXX.YYY.ZZZ server.kerberos.local server
yshimizu@RPP2D117C:~> cat /etc/krb5.conf
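# /etc/krb5.conf on the client (the prompt above shows a different host than the DC).
[logging]
default = FILE:/var/log/krb5libs.log
kdc = SYSLOG:INFO:LOCAL5
admin_server = SYSLOG:INFO:LOCAL5
[libdefaults]
default_realm = KERBEROS.LOCAL
# unlike the DC copy, the realm may also be discovered from DNS TXT records
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[realms]
KERBEROS.LOCAL = {
kdc = server.kerberos.local
admin_server = server.kerberos.local
default_domain = kerberos.local
# second kdc entry: the same host by short name, tried in listed order after the FQDN
kdc = server
}
[domain_realm]
# fixed: the value read KRBEROS.LOCAL, a realm not declared in [realms], so hosts
# under .kerberos.local were mapped to a nonexistent realm; it must match exactly
.kerberos.local = KERBEROS.LOCAL
kerberos.local = KERBEROS.LOCAL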
# kinit [email protected]
Password for [email protected]:
Warning: Your password will expire in 41 days on Mon Apr 21 17:20:55 2014
# /usr/local/samba/sbin/samba
# /usr/local/samba/sbin/samba -V
Version 4.1.2
# /usr/local/samba/bin/smbclient --version
Version 4.1.2
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [email protected]
Valid starting Expires Service principal
03/11/14 11:28:41 03/11/14 21:28:41 krbtgt/[email protected]
renew until 03/18/14 11:27:39
# mount.cifs //server/share ./share -o sec=krb5
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [email protected]
Valid starting Expires Service principal
03/11/14 11:28:41 03/11/14 21:28:41 krbtgt/[email protected]
renew until 03/18/14 11:27:39
03/11/14 11:31:20 03/11/14 21:28:41 cifs/[email protected]
renew until 03/18/14 11:27:39
# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# /etc/sysconfig/network-scripts/ifcfg-eth0 — sourced as shell variables.
DEVICE=eth0
TYPE=Ethernet
# UUID and HWADDR are redacted on the page
UUID=XXXXXXXXXXXXXXXXXXXXXXXXXXX
ONBOOT=yes
NM_CONTROLLED=yes
# NOTE(review): the DC's address is hard-coded in /etc/hosts and in the DNS
# forwarder setting; a DHCP lease change would leave those entries stale.
BOOTPROTO=dhcp
HWADDR=XXXXXXXXXXXXXXXXXXXXXXXXX
DEFROUTE=yes
# DHCP-supplied DNS servers are not written to /etc/resolv.conf, so the
# hand-maintained one (127.0.0.1 first, presumably Samba's internal DNS) stays
PEERDNS=no
PEERROUTES=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="System eth0"
# cat /etc/resolv.conf
# Generated by NetworkManager
domain kerberos.local
nameserver 127.0.0.1
nameserver 10.XXX.YYY.ZZZ
# vim /usr/local/samba/etc/smb.conf
dns forwarder = 10.XXX.YYY.1
# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.XXX.YYY.ZZZ server.kerberos.local server
# host -t SRV _ldap._tcp.kerberos.local
_ldap._tcp.kerberos.local has SRV record 0 100 389 server.kerberos.local.
# mkdir -m 777 /data/share
# mkdir -m 777 /data/secondShare
# vim /usr/local/samba/etc/smb.conf
# cat /usr/local/samba/etc/smb.conf
# Global parameters
# /usr/local/samba/etc/smb.conf — workgroup/realm must match krb5.conf
# (default_realm = KERBEROS.LOCAL) and the domain provisioning answers.
[global]
workgroup = KERBEROS
realm = KERBEROS.LOCAL
netbios name = SERVER
server role = active directory domain controller
# upstream resolver used for names outside the AD zone (address redacted on the page)
dns forwarder = 10.XXX.YYY.ZZZ
# netlogon and sysvol are the standard DC shares under the provisioned sysvol path
[netlogon]
path = /usr/local/samba/var/locks/sysvol/kerberos.local/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
# NOTE(review): /data/test is not created anywhere on this page (only /data/share
# and /data/secondShare are) — confirm the directory exists or drop this share
[test]
path = /data/test
comment = Test Share
read only = No
# NOTE(review): writable shares with no `valid users` list, so any authenticated
# domain user reaches them; what they can then do is left to the directory
# permissions, which the page sets to 0777.
[share]
path = /data/share
read only = No
[secondShare]
path = /data/secondShare
read only = No