Haɗa CentOS 7 Desktop zuwa Samba4 AD azaman Memba na Domain


Wannan jagorar za ta bayyana yadda za ku iya haɗa CentOS 7 Desktop zuwa Samba4 Active Directory Domain Controller tare da Authconfig-gtk don tantance masu amfani a duk faɗin hanyoyin sadarwar ku daga madaidaitan bayanan asusu guda ɗaya da ke hannun Samba.

  1. Ƙirƙiri Kayan Aikin Gida Mai Aiki tare da Samba4 akan Ubuntu
  2. CentOS 7.3 Jagoran Shigarwa

Mataki 1: Sanya hanyar sadarwa ta CentOS don Samba4 AD DC

1. Kafin fara shiga CentOS 7 Desktop zuwa yankin Samba4 kuna buƙatar tabbatar da cewa hanyar sadarwar tana saita daidai don neman yankin ta hanyar sabis na DNS.

Buɗe Saitunan hanyar sadarwa kuma kashe cibiyar sadarwar Wired idan an kunna. Danna maɓallin Saituna na ƙasa kamar yadda aka kwatanta a hotunan kariyar kwamfuta da hannu sannan ka gyara saitunan cibiyar sadarwarka da hannu, musamman DNS IPs waɗanda ke nuna Samba4 AD DC ɗinka.

Lokacin da kuka gama, Aiwatar da tsarin sai ku kunna Katin Wayar hanyar sadarwa.

2. Na gaba, buɗe fayil ɗin sanyi na keɓancewar hanyar sadarwar ku kuma ƙara layi a ƙarshen fayil tare da sunan yankin ku. Wannan layin yana tabbatar da cewa an haɗa takwaran yankin ta atomatik ta ƙudurin DNS (FQDN) lokacin da kuke amfani da ɗan gajeren suna don rikodin yanki na DNS.

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eno16777736

Ƙara layi mai zuwa:

SEARCH="your_domain_name"

3. A ƙarshe, sake kunna sabis na cibiyar sadarwa don nuna canje-canje, tabbatar da idan an daidaita fayil ɗin daidaitawa daidai kuma a ba da jerin umarni na ping akan gajerun sunaye na DCs kuma a kan sunan yankin ku don tabbatar da ko ƙudurin DNS yana aiki.

$ sudo systemctl restart network
$ cat /etc/resolv.conf
$ ping -c1 adc1
$ ping -c1 adc2
$ ping tecmint.lan

4. Hakanan, saita sunan mai masaukin injin ku kuma sake kunna injin don aiwatar da saitunan daidai ta hanyar ba da umarni masu zuwa:

$ sudo hostnamectl set-hostname your_hostname
$ sudo init 6

Tabbatar idan an yi amfani da sunan mai masauki daidai tare da umarnin da ke ƙasa:

$ cat /etc/hostname
$ hostname

5. Saitin ƙarshe zai tabbatar da cewa lokacin tsarin ku yana aiki tare da Samba4 AD DC ta hanyar ba da umarnin da ke ƙasa:

$ sudo yum install ntpdate
$ sudo ntpdate -ud domain.tld

Mataki 2: Shigar da Buƙatun Software don Haɗa Samba4 AD DC

6. Domin haɗa CentOS 7 zuwa yankin Active Directory shigar da fakiti masu zuwa daga layin umarni:

$ sudo yum install samba samba samba-winbind krb5-workstation

7. A ƙarshe, shigar da software mai hoto mai hoto da aka yi amfani da shi don haɗin kan yanki wanda CentOS repos ya bayar: Authconfig-gtk.

$ sudo yum install authconfig-gtk

Mataki 3: Haɗa CentOS 7 Desktop zuwa Samba4 AD DC

8. Tsarin shiga CentOS zuwa mai sarrafa yanki yana da sauƙi sosai. Daga layin umarni buɗe Authconfig-gtk shirin tare da tushen gata kuma yi canje-canje masu zuwa kamar yadda aka bayyana a ƙasa:

$ sudo authconfig-gtk

Akan Shaida & Tabbatarwa shafin.

  • Babban Bayanin Asusu na Mai amfani = zaɓi Winbind
  • Winbind Domain = YOUR_DOMAIN
  • Tsarin Tsaro = ADS
  • Winbind ADS Realm= YOUR_DOMAIN.TLD
  • Masu kula da yanki = injinan yanki FQDN
  • Template Shell = /bin/bash
  • Ba da izinin shiga layi =  an duba

Akan Babba Zabuka tab.

  • Zaɓuɓɓukan Tabbatarwa na gida = duba Kaddamar da tallafin karatun karatun yatsa
  • Sauran Zaɓuɓɓukan Tabbatarwa = duba  Ƙirƙiri kundayen adireshi na gida a farkon shiga

9. Bayan kun ƙara duk ƙimar da ake buƙata, komawa zuwa Shafin Shaida & Tabbatarwa sannan ku latsa maɓallin Join Domain da maɓallin Ajiye daga taga faɗakarwa don adana saituna.

10. Bayan an adana tsarin sai a umarce ku da ku samar da asusun gudanarwa na yanki domin shiga yankin. Samar da takaddun shaida don mai amfani da mai gudanar da yanki kuma danna maɓallin Ok don shiga yankin a ƙarshe.

11. Bayan an haɗa na'urar ku a cikin daular, danna kan Aiwatar da maɓallin don yin la'akari da canje-canje, rufe duk windows kuma sake kunna na'ura.

12. Domin tabbatar da idan an haɗa tsarin zuwa Samba4 AD DC buɗe AD Users da Computers daga na'urar Windows tare da shigar da kayan aikin RSAT kuma kewaya zuwa yankin ku na Kwamfuta.

Ya kamata a jera sunan injin ku na CentOS akan jirgin da ya dace.

Mataki 4: Shiga zuwa CentOS Desktop tare da Samba4 AD DC Account

13. Domin shiga CentOS Desktop buga kan Ba a jera ba? haɗi kuma ƙara sunan mai amfani na asusun yanki wanda takwaransa na yankin ya rigaye kamar yadda aka kwatanta a ƙasa.

Domain\domain_account
or
[email 

14. Don tantancewa tare da asusun yanki daga layin umarni a cikin CentOS yi amfani da ɗayan waɗannan kalmomin:

$ su - domain\domain_user
$ su - [email 

15. Don ƙara tushen gata ga mai amfani da yanki ko rukuni, gyara fayil ɗin sudoers ta amfani da umarnin visudo tare da tushen tushen kuma ƙara layin da ke gaba kamar yadda aka kwatanta a ƙasa:

YOUR_DOMAIN\\domain_username       		 ALL=(ALL:ALL) ALL  	#For domain users
%YOUR_DOMAIN\\your_domain\  group      		 ALL=(ALL:ALL) ALL	#For domain groups

16. Don nuna taƙaitaccen bayani game da mai sarrafa yanki yi amfani da umarni mai zuwa:

$ sudo net ads info

17. Don tabbatar da idan asusun na'ura mai aminci da aka ƙirƙira lokacin da aka ƙara CentOS zuwa Samba4 AD DC yana aiki kuma lissafin asusun yanki daga layin umarni shigar da abokin ciniki Winbind ta hanyar ba da umarnin da ke ƙasa:

$ sudo yum install samba-winbind-clients

Sannan fitar da jerin cak akan Samba4 AD DC ta aiwatar da umarni masu zuwa:

$ wbinfo -p #Ping domain
$ wbinfo -t #Check trust relationship
$ wbinfo -u #List domain users
$ wbinfo -g #List domain groups
$ wbinfo -n domain_account #Get the SID of a domain account

18. Idan kuna son barin yankin ya ba da umarni mai zuwa a kan sunan yankinku ta amfani da asusun yanki tare da gatan gudanarwa:

$ sudo net ads leave your_domain -U domain_admin_username

Shi ke nan! Kodayake wannan hanya an mayar da hankali ne kan haɗa CentOS 7 zuwa Samba4 AD DC, matakan da aka kwatanta a cikin wannan takaddun kuma suna aiki don haɗa injin Desktop na CentOS 7 zuwa yankin Microsoft Windows Server 2008 ko 2012.