Differences

This shows you the differences between two versions of the page.

--- create_domain_member [2020/04/22 16:01] – chris
+++ create_domain_member [2020/04/22 16:17] (current) – chris
@@ Line 4: / Line 4: @@
-  * //nano /etc/ssh/sshd_config// and edit to //Permitrootlogin = yes//
+  * //nano /etc/ssh/sshd_config//
+     Permitrootlogin = yes
   * //service ssh restart//
   * //apt update && apt upgrade && apt autoremove//
@@ Line 44: / Line 47: @@
        SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'
   * //nano /etc/snmp/snmp.conf//
        #mibs:
   * //nano /etc/ntp.conf//
@@ Line 68: / Line 69: @@
        # restrict ::
   * //service ntp restart//
   * show status with //ntpq -p//
-	apt -y install realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs
+  * //apt -y install realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs//
-	"nano /etc/resolv.conf
+//Italic Text//nano /etc/resolv.conf
-domain domain.artit.nl
-search domain.artit.nl.
-nameserver 192.168.10.11
-nameserver 192.168.10.1
-nameserver 192.168.10.100"
-	realm discover DOMAIN.ARTIT.NL
-	realm join DOMAIN.ARTIT.NL
-	id administrator@DOMAIN.ARTIT.NL
-	apt -y install winbind libpam-winbind libnss-winbind krb5-config samba-dsdb-modules samba-vfs-modules
-	"nano /etc/samba/smb.conf
-# ArtIT Domain Integration of SAMBA
-[global]
+      domain domain.artit.nl
+      search domain.artit.nl.
+      nameserver 192.168.10.11
+      nameserver 192.168.10.1
+      nameserver 192.168.10.100
+  * //realm discover DOMAIN.ARTIT.NL//
+  * //realm join DOMAIN.ARTIT.NL//
+  * //id administrator@DOMAIN.ARTIT.NL//
+  * //apt -y install winbind libpam-winbind libnss-winbind krb5-config samba-dsdb-modules samba-vfs-modules//
+  * //nano /etc/samba/smb.conf//
+      # ArtIT Domain Integration of SAMBA
+  [global]
+        passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n
         workgroup = VERIFY
-        realm = DOMAIN.ARTIT.NL
+        winbind rpc only = yes
+        passwd program = /usr/bin/passwd %u
+        max log size = 1000
         security = ads
+        template homedir = /home/%U
+        os level = 20
         idmap config * : backend = tdb
-        idmap config * : range = 3000-7999
-        idmap config DOMAIN.ARTIT.NL : backend = rid
-        idmap config DOMAIN.ARTIT.NL : range = 10000-999999
-        template homedir = /home/%U
-        template shell = /bin/bash
-        winbind use default domain = true
-        winbind offline logon = false
-        winbind rpc only = yes
-        log file = /var/log/samba/log.%m
-        max log size = 1000
         syslog = 0
+        panic action = /usr/share/samba/panic-action %d
+        unix password sync = yes
+        realm = DOMAIN.ARTIT.NL
         usershare allow guests = Yes
-        map to guest = Bad User
         obey pam restrictions = Yes
+        idmap config domain.artit.nl : range = 10000-999999
+        wins support = true
+        winbind offline logon = false
         pam password change = Yes
-        passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n
+        log file = /var/log/samba/log.%m
-        *password\supdated\ssuccessfully*
+        template shell = /bin/bash
-        passwd program = /usr/bin/passwd %u
+        idmap config domain.artit.nl : backend = rid
-        unix password sync = yes
+        idmap config * : range = 3000-7999
         map to guest = bad user
+        winbind use default domain = true
-# Printer Section -------------------------------------------------------------------------
-[printers]
+  # Printer Section -------------------------------------------------------------------------
+  [printers]
         comment = All Printers
         browseable = yes
@@ Line 124: / Line 128: @@
         read only = yes
         create mask = 0700
-[print$]
+  [print$]
         comment = Printer Drivers
         path = /var/lib/samba/printers
@@ Line 132: / Line 136: @@
         read only = yes
         guest ok = yes
-        write list = root, administrators@DOMANIN.ARTIT.NL
+        write list = root chris @"VERIFY\Administrators" @"VERIFY\Users"
-# NETWORK SHARES --------------------------------------------------------------------------
+  # NETWORK SHARES --------------------------------------------------------------------------
-[c$]
+  [c$]
         comment = Root Share
         path = /
         guest ok = no
-        browseable = no
+        browseable = yes
         read only = no
-# NETWORK SHARES --------------------------------------------------------------------------
+        create mask = 0775
+        directory mask = 0775
+        valid users = root chris @"VERIFY\Administrators" @"VERIFY\Users"
+    ...
+  # End of configuration file --- ArtIT 22 april 2020 ---
+   * //nano /etc/nsswitch.conf//
-[c$]
+      passwd:         files systemd winbind
+      group:          files systemd winbind
-        comment = Root Share
+   * //net ads join -U Administrator//
-        path = /
+   * //systemctl restart winbind//
-        guest ok = no
+   * //Unordered List Itemwbinfo -u//
-        browseable = no
-        read only = no"
-	"nano /etc/nsswitch.conf
+You now have a running domain member in your network.
-passwd:         files systemd winbind
-group:          files systemd winbind"
-	net ads join -U Administrator
-	systemctl restart winbind
-	wbinfo -u