|
|
Riga 310: |
Riga 310: |
| # chown -R root:bind /var/lib/samba/private/ | | # chown -R root:bind /var/lib/samba/private/ |
| # chmod -R 774 /var/lib/samba/private/ | | # chmod -R 774 /var/lib/samba/private/ |
| </pre>
| |
| Occorre poi modificare la zona che definisce la nostra rete interna. Se abbiamo seguito la guida indicata in prececenza, il file della nostra zona locale sarà:
| |
| <pre>
| |
| # nano /etc/bind/db.dominio
| |
| </pre>
| |
| al quale va aggiunta tutta la sezione dedicata a Samba4/Active Directory:
| |
| <pre>
| |
| ; Record per Samba4
| |
| gc._msdcs IN CNAME server01
| |
|
| |
| ; global catalog servers
| |
| _gc._tcp IN SRV 0 100 3268 server01
| |
| _gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 server01
| |
| _ldap._tcp.gc._msdcs IN SRV 0 100 389 server01
| |
| _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 389 server01
| |
|
| |
| ; ldap servers
| |
| ldap._tcp IN SRV 0 100 389 server01
| |
| _ldap._tcp.dc._msdcs IN SRV 0 100 389 server01
| |
| _ldap._tcp.pdc._msdcs IN SRV 0 100 389 server01
| |
| _ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 server01
| |
| _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 server01
| |
|
| |
| ; krb5 servers
| |
| _kerberos._tcp IN SRV 0 100 88 server01
| |
| _kerberos._tcp.dc._msdcs IN SRV 0 100 88 server01
| |
| _kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 server01
| |
| _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 server01
| |
| _kerberos._udp IN SRV 0 100 88 server01
| |
| ; MIT kpasswd likes to lookup this name on password change
| |
| _kerberos-master._tcp IN SRV 0 100 88 server01
| |
| kerberos-master._udp IN SRV 0 100 88 server01
| |
|
| |
| ; kpasswd
| |
| _kpasswd._tcp IN SRV 0 100 464 server01
| |
| _kpasswd._udp IN SRV 0 100 464 server01
| |
|
| |
| ; heimdal 'find realm for host' hack
| |
| _kerberos IN TXT DOMINIO.LOCAL
| |
|
| |
| samba IN A 10.0.0.10
| |
| </pre> | | </pre> |
| Di default, Bind registra i suoi log tramite Syslog, e quindi nel file <code>/var/log/syslog</code>. Potrebbe però essere conveniente spostare i log del nostro DNS in un file separato. | | Di default, Bind registra i suoi log tramite Syslog, e quindi nel file <code>/var/log/syslog</code>. Potrebbe però essere conveniente spostare i log del nostro DNS in un file separato. |