Creating Samba shares across multiple servers from a single LDAP server

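We have a Fedora Directory Server running LDAP with a few hundred users. We need a way to create Samba shares per project and to restrict access to those shares across multiple Linux servers.

We have 15-20 servers here, each running a different version of CentOS. The idea is to create folders based on groups, with read/write access limited to that group or to a subset of the users in that group.

How do we authenticate users and create a Samba share on another server in the same subnet? The users run Windows Professional, and they should access a specific Samba share to back up files for a specific server.

I need to create a form where an administrator can create a folder by selecting a server and assign users accordingly. Ideas on how to go about this are welcome.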

There should be no problem. I use the following configuration in a production environment:

    [global]
        workgroup = SYSADM
        server string = File server
        netbios name = FS1
        # Member server: authentication is passed to the domain controller
        security = domain

        # Printing is disabled on this file server
        load printers = no
        show add printer wizard = no
        printcap name = /dev/null
        disable spoolss = yes

        encrypt passwords = yes
        winbind enum groups = yes
        winbind enum users = yes

        # ID mapping and account lookups against the LDAP directory
        idmap backend = ldap:"ldap://pdc.example.net/"
        ldap idmap suffix = ou=idmap
        idmap uid = 1000-500000
        idmap gid = 1000-500000
        idmap config SYSADM : backend = nss
        idmap config SYSADM : range = 1000-500000
        ldapsam:trusted = yes
        ldapsam:editposix = yes
        ldap suffix = dc=example,dc=net
        ldap user suffix = ou=users
        ldap group suffix = ou=groups
        ldap machine suffix = ou=computers
        ldap admin dn = "uid=ldap_reader,ou=users,dc=example,dc=net"
        enable privileges = yes

        # Never act as a browse master or logon server
        os level = 3
        local master = no
        domain master = no
        preferred master = no
        domain logons = no

        # Refuse plaintext and LANMAN authentication
        client ntlmv2 auth = yes
        client plaintext auth = no
        lanman auth = no
        lm announce = no

        display charset = utf8
        unix charset = utf8
        dos charset = cp866
        log level = 3
        host msdfs = no

    [Department1]
        comment = Department1
        path = /samba/department1/
        # "public" is a synonym for "guest ok"; the later "guest ok = no" takes effect
        public=yes
        guest ok = no
        # Only members of the department1 group may connect
        write list = user1, @"SYSADM\department1"
        valid users = @"SYSADM\department1"
        browseable = yes
        force create mode = 0770
        create mode = 0770
        force directory mode = 0770
        directory mode = 0770
        # Audit file operations to syslog, tagged with user name (%u) and client IP (%I)
        vfs objects = full_audit
        full_audit:prefix = [Department1]:%u|%I
        full_audit:success = write rmdir rename mkdir unlink open read pread write pwrite
        full_audit:failure = none
        full_audit:facility = LOCAL1
        full_audit:priority = ALERT
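
As an added example (not part of the original answer and not Samba's own tooling), this is one way the admin form asked about in the question could generate a per-project share stanza modelled on the [Department1] section above, rejecting names that would inject extra smb.conf lines or sections. The SYSADM domain and /samba base path come from the answer; the naming policy, the reserved-name list and the function names are assumptions.

```python
import re

# Taken from the answer's config: domain SYSADM, shares under /samba.
DOMAIN = "SYSADM"
BASE_DIR = "/samba"
# Assumed naming policy: no character that could start a new line or section.
NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]{0,31}")
RESERVED = {"global", "homes", "printers"}  # special smb.conf section names

def _check(kind, value):
    """Reject names that could inject extra smb.conf lines or sections."""
    if not isinstance(value, str) or not NAME_RE.fullmatch(value):
        raise ValueError(f"invalid {kind}: {value!r}")
    return value

def render_share(project, group, writers=None):
    """Build the stanza for one project share (hypothetical helper)."""
    _check("share name", project)
    _check("group", group)
    if project.lower() in RESERVED:
        raise ValueError(f"reserved share name: {project!r}")
    # Only members of the directory group may connect at all.
    members = f'@"{DOMAIN}\\{group}"'
    # Writers default to the whole group; a subset must also be group members,
    # because "valid users" still gates the connection.
    write_list = ", ".join(_check("user", u) for u in writers) if writers else members
    return "\n".join([
        f"[{project}]",
        f"    comment = {project}",
        f"    path = {BASE_DIR}/{project.lower()}/",
        "    guest ok = no",
        "    read only = yes",  # write access comes only from the write list
        f"    valid users = {members}",
        f"    write list = {write_list}",
        "    force create mode = 0770",
        "    force directory mode = 0770",
        "    vfs objects = full_audit",
        f"    full_audit:prefix = [{project}]:%u|%I",
        "    full_audit:success = write rmdir rename mkdir unlink open read pread pwrite",
        "    full_audit:failure = none",
        "    full_audit:facility = LOCAL1",
        "    full_audit:priority = ALERT",
    ]) + "\n"

if __name__ == "__main__":
    # Constructed sample input: one project share with a single named writer.
    print(render_share("Project1", "project1", writers=["alice"]))
```

Write the output to an include file on the chosen server and check it with testparm before reloading smbd; the share directory must already exist with group ownership matching the share's group.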