Samba 16 17 SSL
16 Samba Samba Samba NT UNIX (Samba) Windows 9x Samba PAM Windows NT LDAP Samba 2.0.0 PDC 21 22
16.1 Windows 9x 16-1 16-1 Windows 9x (boss) ( ) 16-2 Samba boss 16-2
UNIX Windows 9x boss Linux 16-2 Windows Windows NT UNIX NT UNIX 16-3 16-3 Windows NT MD4 UNIX
DES Windows UNIX Windows NT SAM ( ) Windows NT N SAM SAM SAM Windows NT UNIX (/etc/passwd) ( UNIX Sun Microsystems NIS Sun NIS NIS NIS NI NIS UNIX Windows NT UNIX Windows NT UNIX Samba Samba Windows NT UNIX Samba Windows 9x Windows NT Windows UNIX boss Windows UNIX UNIX (Windows NT UNIX) Samba Windows UNIX POP RADIUS
16.2 (Windows NT UNIX) ( ) ( )
) ( ( ) Windows NT UNIX NIS NI NT NISGINA http://www.dcs.qmw.ac.uk/~williams Samba Samba (NT) Samba Samba UNIX UNIX Samba SMB (Samba Windows NT) PAM UNIX UNIX LDAP ( ) LDAP LDAP UNIX PAM Samba LDAP Samba LDAP LDAP SWAT SWAT SSL
16.3 Samba
Samba Windows 95 Windows NT (Windows NT) Samba smbpasswd smb.conf
    encrypt passwords = yes
    smb passwd file = /usr/local/samba/private/smbpasswd
smbpasswd UNIX Linux (Red Hat TurboLinux) /etc smbpasswd smbpasswd smbpasswd Samba Windows NT UNIX
smbpasswd
    cat /etc/passwd | mksmbpasswd.sh > /usr/local/samba/private/smbpasswd
NIS UNIX
    ypcat passwd | mksmbpasswd.sh > /usr/local/samba/private/smbpasswd
mksmbpasswd.sh Samba 2.0.0 smbpasswd (passwd) smbpasswd root root root smbpasswd smbpasswd
    chown -R root.root /usr/local/samba/private/
    chmod 550 /usr/local/samba/private
    chmod 600 /usr/local/samba/private/smbpasswd
smbpasswd Samba Windows smbpasswd Samba UNIX UNIX smb.conf Samba Windows Window UNIX
    unix password sync
    passwd chat
    passwd chat debug
    passwd program
Samba API Samba UNIX /bin/passwd /bin/yppasswd smb.conf
16.3.1 unix password sync
smbpasswd Windows Samba UNIX passwd program root UNIX passwd root Samba
    unix password sync = False
Samba True
16.3.2 passwd chat
Windows Samba UNIX / smbd passwd smbd passwd yppasswd
o n \ \r \t \s (*) ( ) (.)
    passwd chat = *old*password* %o\n *new*password* %n\n *new*password* %n\n *changed*
16.3.3 passwd chat debug
passwd passwd program 100 100 passwd
    passwd chat debug = False
16.3.4 passwd program
smbd UNIX u
    passwd program = /bin/passwd
16.4 PAM
unix password sync passwd chat Windows UNIX UNIX UNIX PAM ( ) PAM Sun Microsystems Solaris Linux OSF CDE ( ) UNIX PAM PAM PAM PAM PAM PAM Web http://www.sun.com/software/solaris/pam or http://parc.power.net/morgan/Linux-PAM/. 3 PAM UNIX SMB (Samba Windows NT) UNIX SMB
David Airlie pam_smb UNIX SMB Samba Windows NT
Luke Leighton pam_ntdom UNIX Samba Windows NT PDC
Stephen Langasek pam_smbpass UNIX SMB UNIX Samba smbpasswd Samba
16.4.1 pam_smb
http://www.csn.ul.ie/~airlied/pam_smb/ pam_smb tar gzip
    tar zxvf pam_smb-1_1_tar.gz
tar gzip
    gzip -d pam_smb-1_1_tar.gz
    tar xvf pam_smb-1_1_tar
cd pam_smb
    cd <source directory>
    ./configure
    make
pam_smb_auth.so PAM Linux /lib/security/ Solaris /usr/lib/security PAM PA /etc pam_smb.conf PAM Linux /etc/pam.d/login
    auth required /lib/security/pam_smb_auth.so
pam_pwdb.so pam_securetty.so PAM pam_smb_auth.so Solaris /etc/pam.conf:
    other auth required /usr/lib/security/pam_smb_auth.so.1
Linux Solaris:
debug syslog
use_first_pass PAM,
nolocal / UNIX pam_smb_auth
1) UNIX nolocal
2) SMB
3) (*!!)
pam_smb_auth SMB /etc/pam_smb.conf pam_smb (/etc/pam_smb.conf) 3 pam_smb SMB lib NetBIOS pam_smb DNS SMB UNIX SMB Windows
16.4.2 pam_ntdom
Samba / Samba/ftp/pam_ntdom pam_ntdom HTTP pam_smb pam_ntdom pam_ntdom pam_smb
1)
2) (./configure)
3) (make)
pam_ntdom pam_ntdom_auth (Linux /lib/security Solaris /usr/lib/security) pam_smb PAM Linux /etc/pam.d/login
    auth required /lib/security/pam_ntdom_auth.so
PAM pwdb auth pwdb Solaris /etc/pam.conf
    other auth required /usr/lib/security/pam_ntdom_auth.so.1
pam_smb pam_smb pam_ntdom pam_smb pam_ntdom /etc/pam_smb.conf
pam_smb
    [root@remote1] ls /etc/pam_smb.conf
    FOWLPLAY EAGLE EAGLE2
FOWLPLAY EAGLE EAGLE2 pam_ntdom Windows (PDCs BDCs) Samba pam_ntdom UNIX UNIX Windows NT Samba Windows NT UNIX UNIX 16-4 UNIX Windows NT 16-4 Windows NT UNIX PDC Samba Samba UNIX Samba (docs/textdocs) NTDOMAIN.txt pam_ntdom UNIX UNIX Windows pam_ntdom
16.4.3 pam_smbpass
ftp://ftp.netexpress.net/pub/pam pam_smbpass (pam_smbpass-0_5.tgz) Red Hat rpm Linux PAM
1) tar tar gzip
2) /lib/security
    cp pam_smbpass.so /lib/security
PAM pam_smb pam_ntdom /etc/pam.d/login
    auth required /lib/security/pam_ntdom_auth.so
auth pwdb (PAM
) PAM
debug
audit
use_first_pass
try_first_pass (PAM)
use_authtok try_first_pass PAM_AUTHTOK
not_set_pass PAM_
nodelay 1
pam_smbpass Samba passwd smbpasswd UNIX UNIX Windows PAM pam_smbpass smbpasswd UNIX UNIX UNI
16.5 LDAP
UNIX Windows LDAP Samba LDAP UNIX LDAP Windows LDAP 24 Samba LDAP
16.6 Windows UNIX UNIX Windows pam_smb pam_ntdom Samba Windows LDAP
16.7 Windows UNIX UNIX Windows
16.8 Samba SSL Windows Samba Windows 9x UNIX Samba UNIX Samba pam_smbpass UNIX Windows Samba smbpasswd UNIX smbpasswd UNIX Samba UNIX Samba UNIX Windows UNIX pam_smb smbpasswd smbpassw pam_smb Samba pam_smb PDC Samba UNIX Windows Windows UNIX SWAT Windows NT API SWAT
16.9 PAM PAM Sun Microsystems Linux Linux