subject:"Re\: lug\-bg\: SAMBA as Primary Domain Controler \?\?\?\?"

Re: lug-bg: SAMBA as Primary Domain Controler ????

2003-03-11 Thread Vesselin Kolev

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

E biva biva da ne se chete i razbira.. no tova e veche fenomen!

Pisaneto po netlogon i profile E SLUZHEBNO i tam ne mozhesh da
si slagash filecheta i da si prehvyrliash kakvoto i da e. Tezi raboti
traibva da sa ti iasni predi da napravish kakvoto i da e!

1. Profiles sluzhi za syhranenie na localnite profiles na daden 
potrebitel vyrhu servera. Primerno tam mozhe da se prehvyrli 
sydyrzhanieto na 

C:\Documents and Settings\User

taka, che potrebitelia ot koiato i stancia v mrezhata da vleze v
domaina da ima edin i syshti nastroiki na decktop, registry i t.n..

Ukazvaneto na profiles zapochva oshte v sekciata global na smb.conf:

[global]

...
netbios name = Samba
...
...
;user profiles and home directory 
logon home = \\%L\%U\.profile 
logon drive = H: 
logon path = \\%L\profiles\%U
...

i zavyrshva s sekciata [profiles]:

[profiles] 
   path = /home/samba/profiles 
   writeable = yes 
   browseable = no 
   create mask = 0600 
   directory mask = 0700

Kakva e celta na cialata tazi shema opisana v smb.conf. Neka
az sym potrebitel vlk i imam account v PDC. Pyrviat pyt, kogato se
logna v systemata shte byde syzdadena directoria 

/home/samba/profiles/vlk

i v neia shte byde zapisan moiat profile. Kogato sledvashtiat pyt az
se logna, moiat profile shte byde izteglen ot 

\\Samba\profiles\vlk

Samba avtomatichno zamestva %L s netbios imeto na PDC, a %U s
tekushtoto potrebitelsko ime.

Poradi syobrazhenia za sigurnost profiles NE sa chitaemi za vsichki.
Vseki profile, koito byde syzdaden se pravi sobstvenost na unix
potrebitelia, koito se udostveriava prez Samba, na failovete se izvyrshva
chmod 0600, a na directoriite 0700.

VNIMANIE! Logon path e specifichen samo za WindowsNT/2000. Za
Windows 9x e bezpolezen.

2. Netlogon sluzhi za administrativni zadachi. V nego se postaviat scriptove
za izpylnenie v globalen mashtab za mashinite v domaina. Vizh Google
samba scripting za detaili (niama i tova da opisvam). Mozhe da se 
praviat backupi, antivurusni update-i i t.n...

Opisanieto na netlogon zapochva v [global]:

[global]

   ...
   logon script = netlogon.bat
   ...

i zavyrshva v sekciata [netlogon]

[netlogon] 
   comment = Network Logon Service 
   path = /home/netlogon 
   read only = yes 
   browseable = no 
   write list = vlk

Tuk naprimer e kazano, che potrebiteliat vlk mozhe da postavia
scriptove. Traibva da se vnimava koi ima pravo da pishe vyrhu tazi
directoria. Vseki postaven tuk izpylnim file, sled login ot strana na
user se izteglia i izpylniava na localnata za usera mashina. Ima ciala
pleiada virusi (Klez e syshto takyv), koito se prikachat kym Netlogon,
ne samo pod Windows PDC, no i pri Samba PDC.

Malko za UNIX-side syzdavaneto na directorii za rerursite na Samba.

Za Profiles:

[EMAIL PROTECTED] vlk]# mkdir /home/samba /home/samba/profiles 
[EMAIL PROTECTED] vlk]# chmod 1757 /home/samba/profiles

Za Netlogon

   [EMAIL PROTECTED] vlk]# mkdir -m 0775 /home/netlogon 
   [EMAIL PROTECTED] vlk]# chown root.admins /home/netlogon

3. HOMES

  S definiciata homes se zadava pravo na VSEKI potrebitel
da vizhda asociiranata mu v /etc/passwd directoria. Samba ne
mozhe (pone na tozi etap) da raboti dobre s virtualni useri i za
celta mapva unix potrebitel (ili celi unix grupi, kakto e v Samba 3)
kym Windows potrebiteli (ili NT style grupa).

  [homes] 
 comment = Home Directories 
 browseable = no 
 writeable = yes

Taka vseki potrebitel shte mozhe da vizhda svoiata unix directoria
pri uspechna authentikacia ot strana na Samba. Pri tova shte 
vizhda samo svoiata domashna directoria, no ne i chuzhdite, kakto
glasi reda browseable = no. Ako se napravi browseable = yes, togava
shte se vizhdat vsichki domashni directorii.


  I t.n... i t.n... Mislete kato pishete! Mislete i kakvo pravite. Shtoto s
tozi mode 777 na netlogon share sistemata mozhe da se nareche HackerCity.


Vesselin Kolev

On Tuesday 11 Mar 2003 09:46, Krasimir Dimitrov wrote:
 interesnoto e 4e ne dava syob6tenie za gre6ka
 toes vsi4ko po logvaneto e OK
 no sled kato se logne potrebitelia
 go izhvyrlia.
 ima samo 2 sharing-a i te sa netlogin  i profile
 v momenta te sa sobstvenost na
 user: nobody
 group: nogroup
 s prava 777
 po niski privilegii prosto ne znam kak da zadam
 niakoi da ima idea ???
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+baHQ+48lZPXaa+MRAmc3AKC/KXb1WczJAqeH8T0iitQ5c/J/ngCg0jC3
zAIfr4G0UkU1LfV0R69GXow=
=OR+h
-END PGP SIGNATURE-


A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html

Re: lug-bg: SAMBA as Primary Domain Controler ????

2003-03-10 Thread Krasimir Dimitrov

interesnoto e 4e ne dava syob6tenie za gre6ka
toes vsi4ko po logvaneto e OK
no sled kato se logne potrebitelia
go izhvyrlia.
ima samo 2 sharing-a i te sa netlogin  i profile
v momenta te sa sobstvenost na
user: nobody
group: nogroup
s prava 777
po niski privilegii prosto ne znam kak da zadam
niakoi da ima idea ???
-- 


krasimir


On Fri, 7 Mar 2003, Vesselin Kolev wrote:

 [ The following text is in the iso-8859-1 character set. ]
 [ Your display is set for the CP1251 character set.  ]
 [ Some characters may be displayed incorrectly. ]

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Tc:)) taka, kakto si go namislil... ne stava..

 Pyrvo: Ako neshto prez samba se sherva za potrebitel, to e nuzhno
 da se ukazhe za koi. Tova go iziskva strogiat sintaksis na smb.conf.
 Pravi kolkoto se mozhe po-malko neshta po podrazbirane. Ukazvai
 vsichko podrobno. Eto ti edin primer na shering

 [vlk]
 comment = Vesselin Kolev - File Storage
 path = /home/vlk
 valid users = vlk
 guest ok = no
 public = no
 writeable = yes
 printable = no
 create mode = 0600
 directory mode = 0700

 Pyrvo zabelezhi ukazvaneto na user, koito mozhe da dostypva
 shernatata directoria. Tam mozhe da stoiat i poveche ot edin
 user, razdeleni s interval. Mozhe po podoben nachin da napravish
 share dostypen za celi grupi ot potrebiteli, kato ukazvash koi imat
 pravo da chetat, koi da pishat i koi izonshto mogat da vlizat v
 tozi share.

 Sled tova e nuzhno da se opraviat pravata na failovete i directoriite
 v unix. T.e. koi mozhe da chete i koi da pishe v edna directoria i t.n.
 V sluchaia vinagi imai predvid, che Samba samo mapva potrebiteli
 ili grupi ot UNIX, sledovatelno tam, kydeto te shte pishat i chetat
 shte ima syobraziavane s definiciite za distyp na failovata systema.

Pozdravi
  Vesselin Kolev

 On Friday 07 Mar 2003 15:22, Krasimir Dimitrov wrote:
  ami imam edna ma6ina s samba
  koiato triabva da e Primary Domain Controler
  klientite polu4avat syob6tenie:
  The share name was not found.
  Be sure typed it correctly
  prilagam faila smb.conf
 
  klientite sa pod Win 9x
  v logovete niama ni6to 
 
 
  krasimir
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.2.1 (GNU/Linux)

 iD8DBQE+aLd4+48lZPXaa+MRAmj+AKDLRgeEy5EBjat4IsOYFYIurjszrgCfdQ4l
 r5LOta6Klrbc8hQzXROb+3M=
 =YHV3
 -END PGP SIGNATURE-

 
 A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
 http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
 To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
 



A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html

Re: lug-bg: SAMBA as Primary Domain Controler ????

2003-03-07 Thread Vesselin Kolev

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Tc:)) taka, kakto si go namislil... ne stava..

Pyrvo: Ako neshto prez samba se sherva za potrebitel, to e nuzhno
da se ukazhe za koi. Tova go iziskva strogiat sintaksis na smb.conf.
Pravi kolkoto se mozhe po-malko neshta po podrazbirane. Ukazvai
vsichko podrobno. Eto ti edin primer na shering

[vlk]
comment = Vesselin Kolev - File Storage
path = /home/vlk
valid users = vlk
guest ok = no
public = no
writeable = yes
printable = no
create mode = 0600
directory mode = 0700

Pyrvo zabelezhi ukazvaneto na user, koito mozhe da dostypva
shernatata directoria. Tam mozhe da stoiat i poveche ot edin 
user, razdeleni s interval. Mozhe po podoben nachin da napravish
share dostypen za celi grupi ot potrebiteli, kato ukazvash koi imat
pravo da chetat, koi da pishat i koi izonshto mogat da vlizat v
tozi share.

Sled tova e nuzhno da se opraviat pravata na failovete i directoriite
v unix. T.e. koi mozhe da chete i koi da pishe v edna directoria i t.n.
V sluchaia vinagi imai predvid, che Samba samo mapva potrebiteli
ili grupi ot UNIX, sledovatelno tam, kydeto te shte pishat i chetat 
shte ima syobraziavane s definiciite za distyp na failovata systema.

   Pozdravi
 Vesselin Kolev

On Friday 07 Mar 2003 15:22, Krasimir Dimitrov wrote:
 ami imam edna ma6ina s samba
 koiato triabva da e Primary Domain Controler
 klientite polu4avat syob6tenie:
 The share name was not found.
 Be sure typed it correctly
 prilagam faila smb.conf

 klientite sa pod Win 9x
 v logovete niama ni6to 


 krasimir
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+aLd4+48lZPXaa+MRAmj+AKDLRgeEy5EBjat4IsOYFYIurjszrgCfdQ4l
r5LOta6Klrbc8hQzXROb+3M=
=YHV3
-END PGP SIGNATURE-


A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html

Re: lug-bg: SAMBA as Primary Domain Controler ????

Re: lug-bg: SAMBA as Primary Domain Controler ????

Re: lug-bg: SAMBA as Primary Domain Controler ????

3 matches

Site Navigation

Mail list logo

Footer information