charon:~# virt-install --virt-type kvm --name herakles --location /home/sfroehli/debian-buster-DI-alpha5-amd64-netinst.iso --os-variant debian9 --memory 512 --disk size=4 & sokrates:~$ virt-viewer --connect qemu+ssh://root@charon.synth.intern/system herakles & Debian-Installation durchführen Hostname: herakles Domain: synthesis.synth.intern ftp-host: ftp.at.debian.org herakles:~# apt-get install samba winbind smbclient libnss-winbind libpam-winbind sudo herakles:~# apt-get install krb5-user acl attr ntp dnsutils herakles:~# apt-get install tcpdump lsof strace ltrace vim herakles:~# vi /etc/network/interfaces iface enp1s0 inet static address 192.168.1.13 netmask 255.255.255.0 gateway 192.168.1.1 herakles:~# update-alternatives --all herakles:~# vigr adm+sudo hinzufügen herakles:~# reboot herakles:~# vi /etc/hosts 192.168.1.13 herakles.synthesis.synth.intern herakles herakles:~# vi /etc/resolv.conf nameserver 192.168.1.11 search synthesis.synth.intern herakles:~# vi /etc/samba/smb.conf ---------------------------------------------- [global] server string = Herakles workgroup = SYNTHESIS security = ads realm = synthesis.synth.intern preferred master = no domain master = no local master = no # extended ACL support vfs objects = acl_xattr map acl inherit = yes store dos attributes = yes username map = /etc/samba/user.map # debugging debuglevel = 1 log file = /var/log/samba/log.%m max log size = 1000 logging = file idmap config *:backend = tdb idmap config *:range = 1000-9999 idmap config SYNTHESIS:backend = ad idmap config SYNTHESIS:schema_mode = rfc2307 idmap config SYNTHESIS:range = 10000-9999999 idmap config SYNTHESIS:unix_nss_info = yes winbind enum groups = yes winbind enum users = yes winbind use default domain = yes winbind refresh tickets = yes [users] comment = Home Directories path = /home browseable = yes read only = no [profiles] comment = User profiles path = /home/profiles browseable = yes read only = no ----------------------------------------------- herakles:~# vi /etc/nsswitch.conf passwd: files winbind group: files winbind herakles:~# vi /etc/samba/user.map !root = SYNTHESIS\Administrator SYNTHESIS\administrator herakles:~# net ads join -U administrator herakles:~# systemctl restart winbind.service herakles:~# mkdir /home/profiles herakles:~# chgrp -R "Unix Admins" /home/profiles/ herakles:~# chmod 1750 /home/profiles herakles:~# mkdir /home/test herakles:~# chown -R test."Domain Users" /home/test/ herakles:~# net rpc rights grant -U "SYNTHESIS\Administrator" "SYNTHESIS\Unix Admins" SeDiskOperatorPrivilege herakles:~# smbclient -L //controller/ herakles:~# smbclient //controller/netlogon -Utest -c 'ls' herakles:~# wbinfo --ping-dc herakles:~# getent passwd "SYNTHESIS\\Test" herakles:~# su - test test@herakles:~$ exit herakles:~# host www.orf.at