Журнал лабораторных работ

16:29:06

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
smb: \> ls
  .                                   D        0  Fri Dec 14 16:07:51 2007
  ..                                  D        0  Fri Dec 14 15:36:35 2007
  .bash_history                       H      214  Fri Dec 14 16:07:51 2007
                64253 blocks of size 16384. 61264 blocks available
smb: \> exit

16:29:29

#uptime

# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
 16:30:25 up  7:10,  9 users,  load average: 2.41, 1.81, 1.64
ux3:~You have new mail in /var/spool/mail/root

/dev/pts/6

16:29:44

#less /etc/openldap/slapd.conf

/dev/pts/8

16:30:25

#mail

Mail version 8.1 6/6/93.  Type ? for help.
"/var/spool/mail/root": 2 messages 1 new 2 unread
 U  1 root@linux3.net.nt    Thu Dec 13 21:17  42/1601  "LogWatch for linux3.net.nt"
>N  2 user@linux3.net.nt    Fri Dec 14 16:28  16/742   "*** SECURITY information for linux3.net.nt"
&
Message 2:
From root@linux3.net.nt  Fri Dec 14 16:28:41 2007
Date: Fri, 14 Dec 2007 16:28:41 +0200
To: root@linux3.net.nt
From: user@linux3.net.nt
...
At EOF
&
At EOF
&
At EOF
&
At EOF
& q
Saved 1 message in mbox
Held 1 message in /var/spool/mail/root

16:30:39

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:31:05

#less /etc/pam.d/s

16:31:05

#less /etc/pam.d/s

16:31:05

#less /etc/pam.d/system-auth

16:32:47

#less /etc/pam.d/serviceconf

16:33:07

#less /etc/pam.d/

16:33:07

#less /etc/pam.d/login

16:34:10

#less /etc/pam.d/samba

16:34:43

#less /etc/pam.d/login

16:35:02

#rpm -ql samba | less

16:36:29

#find /usr -name pamd.sshd

##############################################################################
# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1

16:37:12

#/etc/init.d/smb restart

Останавливаются службы SMB:           [  ОК  ]
Останавливаются службы NMB:           [  ОК  ]
Запускаются службы SMB:                   [  ОК  ]
Запускаются службы NMB:                   [  ОК  ]

16:37:30

#ln -s /etc/init.d/smb /etc/init.d/samba

##############################################################################
# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1

16:37:51

#/etc/init.d/samba restart

Останавливаются службы SMB:           [  ОК  ]
Останавливаются службы NMB:           [  ОК  ]
Запускаются службы SMB:                   [  ОК  ]
Запускаются службы NMB:                   [  ОК  ]

16:37:56

#ls /etc/pam.d/

apol              kde            seaudit                       system-config-network-druid
atd               kde-np         serviceconf                   system-config-packages
authconfig        kppp           setup                         system-config-pptp
authconfig-gtk    kuser          seuserx                       system-config-printer
chfn              login          smtp                          system-config-printer-gui
chsh              neat           smtp.sendmail                 system-config-printer-tui
cpufreq-selector  newrole        sshd                          system-config-rootpassword
crond             other          sshd_orig                     system-config-securitylevel
cups              passwd         su                            system-config-services
dateconfig        poweroff       sudo                          system-config-soundcard
ethereal          ppp            system-auth                   system-config-time
gdm               printconf      system-cdinstall-helper       system-config-users
gdm-autologin     printconf-gui  system-config-authentication  system-install-packages
gdmsetup          printconf-tui  system-config-date            vlock
gnome-system-log  printtool      system-config-display         xdm
halt              reboot         system-config-keyboard        xscreensaver
hibernate         remote         system-config-language        xserver
hwbrowser         run_init       system-config-mouse           yumex
internet-druid    samba          system-config-network
kbdrate           screen         system-config-network-cmd

16:38:08

#find /usr -name ssh | grep pam

# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
/usr/share/doc/nss_ldap-234/pam.d/ssh

16:38:27

#ls /usr/share/doc/nss_ldap-234/

# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
ANNOUNCE.nss_ldap   ChangeLog.pam_ldap    ldapns.schema  pam.d
AUTHORS.nss_ldap    COPYING.LIB.pam_ldap  NEWS.nss_ldap  README.nss_ldap
AUTHORS.pam_ldap    COPYING.nss_ldap      NEWS.pam_ldap  README.pam_ldap
ChangeLog.nss_ldap  COPYING.pam_ldap      nsswitch.ldap  README.TLS

/dev/pts/4

16:38:28

#smbclient -U testsambauser -L //192.168.16.3

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:38:43

#smbclient -U testsambauser -L //192.168.16.3

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

/dev/pts/8

16:39:09

#ls /usr/share/doc/nss_ldap-234/pam.d/

# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
chfn            imap            mcserv          ppp             samba           xdm
chsh            kde             other           reboot          shutdown        xlock
ftp             linuxconf       passwd          rexec           ssh             xscreensaver
gdm             linuxconf-pair  pop             rlogin          su              xserver
halt            login           poweroff        rsh             vlock

16:39:09

#ls /usr/share/doc/nss_ldap-234/pam.d/samba

/usr/share/doc/nss_ldap-234/pam.d/samba

16:39:39

#less /usr/share/doc/nss_ldap-234/pam.d/samba

/dev/pts/20

16:39:54

#screen -x

/dev/pts/8

16:39:57

#ls /etc/pam.d/login

# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
#
##############################################################################
# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but
# prefer Crypt::SmbHash library
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
# but prefer Crypt:: libraries
with_slappasswd="0"
...
-- ВСТАВКА --                                                               228,1         99%
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]# smbclient //192.168.16.3/testsambauser -Utestsambauser
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]#
-----------------------------------------------------------------------------------------------------

16:40:18

#vim /etc/pam.d/login

16:40:31

#less /usr/share/doc/nss_ldap-234/pam.d/

16:40:46

#less /usr/share/doc/nss_ldap-234/pam.d/login

16:40:58

#cp /etc/pam.d/login /etc/pam.d/login_orig

16:41:18

#cp /usr/share/doc/nss_ldap-234/pam.d/login /etc/pam.d/login

# SMBLDAP-TOOLS Configuration (default are ok for a RedHat)
#
##############################################################################
# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but
# prefer Crypt::SmbHash library
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
# but prefer Crypt:: libraries
with_slappasswd="0"
...
-- ВСТАВКА --                                                               228,1         99%
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]# smbclient //192.168.16.3/testsambauser -Utestsambauser
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]#
-----------------------------------------------------------------------------------------------------

16:41:25

#ssh 127.0.0.1 -l testsambauser

# prefer Crypt::SmbHash library
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
# but prefer Crypt:: libraries
with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"
# comment out the following line to get rid of the default banner
# no_banner="1"
testsambauser@127.0.0.1's password:
...
-- ВСТАВКА --                                                               228,1         99%
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]# smbclient //192.168.16.3/testsambauser -Utestsambauser
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]#
-----------------------------------------------------------------------------------------------------

16:41:52

#ssh 127.0.0.1 -l testuser

testuser@127.0.0.1's password:
Last login: Fri Dec 14 16:12:45 2007 from localhost.localdomain
-bash-3.00$ exit
logout
Connection to 127.0.0.1 closed.

16:42:06

#less /etc/pam.d/system-auth

16:42:23

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:42:32

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

#
##############################################################################
# Allows not to use smbpasswd (if with_smbpasswd == 0 in smbldap_conf.pm) but
# prefer Crypt::SmbHash library
with_smbpasswd="0"
smbpasswd="/usr/bin/smbpasswd"
# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
# but prefer Crypt:: libraries
with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"
...
-- ВСТАВКА --                                                               228,1         99%
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]# smbclient //192.168.16.3/testsambauser -Utestsambauser
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]#
-----------------------------------------------------------------------------------------------------

16:42:38

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
smb: \> ls
  .                                   D        0  Fri Dec 14 16:07:51 2007
  ..                                  D        0  Fri Dec 14 15:36:35 2007
  .bash_history                       H      214  Fri Dec 14 16:07:51 2007
                64253 blocks of size 16384. 61253 blocks available
smb: \> exit

16:42:48

#testparm -sv | grep security

Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
        security = USER
        paranoid server security = Yes
        security mask = 0777
        force security mode = 00
        directory security mask = 0777
        force directory security mode = 00

16:42:59

#testparm -sv | grep smb

# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
        smb passwd file = /etc/samba/smbpasswd
        log file = /var/log/samba/log.smbd
        smb ports = 445 139
        max smbd processes = 0

16:43:05

#vim /etc/samba/smb.conf

74c74,75
< #  smb passwd file = /etc/samba/smbpasswd
---
>   smb passwd file = 
> #/etc/samba/smbpasswd

16:43:37

#less /usr/share/doc/nss_ldap-234/pam.d/login

16:43:41

#/etc/init.d/samba restart

Останавливаются службы SMB:           [  ОК  ]
Останавливаются службы NMB:           [  ОК  ]
Запускаются службы SMB:                   [  ОК  ]
Запускаются службы NMB:                   [  ОК  ]

16:43:46

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Error connecting to 192.168.16.3 (В соединении отказано)
Connection to 192.168.16.3 failed

16:43:50

#vim /etc/samba/smb.conf

73,75c73,74
<   encrypt passwords = yes
<   smb passwd file = 
< #/etc/samba/smbpasswd
---
> ############  encrypt passwords = yes
>   smb passwd file = /etc/samba/smbpasswd
79c78
< obey pam restrictions = yes
---
> ##############obey pam restrictions = yes
252,256c251,255
< ;[tmp]
< ;   comment = Temporary file space
< ;   path = /tmp
< ;   read only = no
< ;   public = yes
---
> [tmp]
>    comment = Temporary file space
>    path = /tmp
>    read only = no
>    public = yes

16:45:34

#/etc/init.d/samba restart

Останавливаются службы SMB:           [  ОК  ]
Останавливаются службы NMB:           [  ОК  ]
Запускаются службы SMB:                   [  ОК  ]
Запускаются службы NMB:                   [  ОК  ]

16:45:36

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Error connecting to 192.168.16.3 (В соединении отказано)
Connection to 192.168.16.3 failed

16:45:40

#vim /etc/samba/smb.conf

16:45:49

#vim /etc/samba/smb.conf

74c74,75
<   smb passwd file = /etc/samba/smbpasswd
---
>   smb passwd file =
>  #/etc/samba/smbpasswd

16:46:14

#/etc/init.d/samba restart

Останавливаются службы SMB:           [  ОК  ]
Останавливаются службы NMB:           [  ОК  ]
Запускаются службы SMB:                   [  ОК  ]
Запускаются службы NMB:                   [  ОК  ]

16:46:19

#tail -f /var/log/samba/log.smbd

[2007/12/14 16:47:10, 5] libsmb/nmblib.c:read_packet(755)
  Received a packet of len 50 from (192.168.16.21) port 137
[2007/12/14 16:47:10, 4] libsmb/nmblib.c:debug_nmb_packet(112)
  nmb packet from 192.168.16.21(137) header: id=24617 opcode=Query(0) response=No
      header: flags: bcast=Yes rec_avail=No rec_des=Yes trunc=No auth=No
      header: rcode=0 qdcount=1 ancount=0 nscount=0 arcount=0
      question: q_name=CLINIKA0<1d> q_type=32 q_class=1
[2007/12/14 16:47:10, 3] nmbd/nmbd_incomingrequests.c:process_name_query_request(454)
  process_name_query_request: Name query from 192.168.16.21 on subnet 192.168.16.3 for name CLINIKA0<1d>
[2007/12/14 16:47:10, 4] nmbd/nmbd_workgroupdb.c:find_workgroup_on_subnet(171)
...
-- ВСТАВКА --                                                               228,1         99%
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]# smbclient //192.168.16.3/testsambauser -Utestsambauser
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]#
-----------------------------------------------------------------------------------------------------

16:47:19

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:47:25

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

# Allows not to use slappasswd (if with_slappasswd == 0 in smbldap_conf.pm)
# but prefer Crypt:: libraries
with_slappasswd="0"
slappasswd="/usr/sbin/slappasswd"
# comment out the following line to get rid of the default banner
# no_banner="1"
Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
smb: \> ls
  .                                   D        0  Fri Dec 14 16:07:51 2007
...
-- ВСТАВКА --                                                               228,1         99%
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]# smbclient //192.168.16.3/testsambauser -Utestsambauser
Password:
Server not using user level security and no password supplied.
tree connect failed: Call returned zero bytes (EOF)
[root@linux3:~]#
-----------------------------------------------------------------------------------------------------

16:48:00

#smbpasswd -x testsmbuser

# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
Failed to modify password entry for user testsmbuser

/dev/pts/6

16:48:09

#vim /etc/openldap/slapd.conf

/dev/pts/8

16:48:34

#smbpasswd -x testsambauser

Deleted user testsambauser.

16:48:41

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:48:49

#smbpasswd -a testsambauser

# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
New SMB password:
Retype new SMB password:
Added user testsambauser.

16:49:00

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
smb: \> ls
  .                                   D        0  Fri Dec 14 16:07:51 2007
  ..                                  D        0  Fri Dec 14 15:36:35 2007
  .bash_history                       H      214  Fri Dec 14 16:07:51 2007
                64253 blocks of size 16384. 61231 blocks available
smb: \> exit

16:49:08

#ldappasswd -x -D "cn=admin,dc=mydc,dc=local" -w rootpass -s rootpass uid=testsambau

16:49:08

#ldappasswd -x -D "cn=admin,dc=mydc,dc=local" -w rootpass -s rootpass uid=testsamba

# Notes: to use to dual ldap servers backend for Samba, you must patch
# Samba with the dual-head patch from IDEALX. If not using this patch
# just use the same server for slaveLDAP and masterLDAP.
# Those two servers declarations can also be used when you have
# . one master LDAP server where all writing operations must be done
# . one slave LDAP server where all reading operations must be done
#   (typically a replication directory)
# Slave LDAP server
# Ex: slaveLDAP=127.0.0.1
ser,ou=Users,dc=mydc,dc=local
Result: Success (0)

16:49:25

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:49:33

#less /usr/share/doc/nss_ldap-234/pam.d/samba

16:50:09

#less /etc/pam

16:50:09

#less /etc/pam

16:50:09

#less /etc/pam_smb.conf

16:50:23

#vim /etc/pam_smb.conf

1c1
< WORKGROUP
---
> MYDCLOCAL

/dev/pts/6

16:50:29

#/etc/init.d/ldap restart

Останавливается slapd:                      [  ОК  ]
Checking configuration files for slapd:  /etc/openldap/slapd.conf: line 61: missing "=" in "to" in to clause
<access clause> ::= access to <what> [ by <who> <access> [ <control> ] ]+
<what> ::= * | [dn[.<dnstyle>]=<DN>] [filter=<filter>] [attrs=<attrlist>]
<attrlist> ::= <attr> [val[.<style>]=<value>] | <attr> , <attrlist>
<attr> ::= <attrname> | entry | children
<who> ::= [ * | anonymous | users | self | dn[.<dnstyle>]=<DN> ]
        [dnattr=<attrname>]
        [group[/<objectclass>[/<attrname>]][.<style>]=<group>]
        [peername[.<peernamestyle>]=<peer>] [sockname[.<style>]=<name>]
        [domain[.<domainstyle>]=<domain>] [sockurl[.<style>]=<url>]
        [ssf=<n>] [transport_ssf=<n>] [tls_ssf=<n>] [sasl_ssf=<n>]
<dnstyle> ::= base | exact | one(level) | sub(tree) | children | regex
<style> ::= regex | base | exact
<peernamestyle> ::= regex | exact | ip | path
<domainstyle> ::= regex | base | exact | sub(tree)
<access> ::= [self]{<level>|<priv>}
<level> ::= none | auth | compare | search | read | write
<priv> ::= {=|+|-}{w|r|s|c|x|0}+
<control> ::= [ stop | continue | break ]
                                                           [ СБОЙ ]

16:50:38

#vim /etc/openldap/slapd.conf

61,62c61,62
< access to attrs=sambaNTPassword to self write to * none
< access to attrs=sambaLMPassword to self qrite to * none
---
> access to attrs=sambaNTPassword by self write by * none
> access to attrs=sambaLMPassword by self write by * none

16:51:57

#/etc/init.d/ldap restart

Останавливается slapd:                      [ СБОЙ ]
Checking configuration files for slapd:  config file testing succeeded
                                                           [  ОК  ]
Запускается slapd:                              [  ОК  ]

16:52:00

#smbclient \\127.0.0.1 -Utestsambauser

[root@linux3:~]# /etc/init.d/smb restart
Останавливаются службы SMB:                                [  ОК  ]
Останавливаются службы NMB:                                [  ОК  ]
Запускаются службы SMB:                                    [  ОК  ]
Запускаются службы NMB:                                    [  ОК  ]
\127.0.0.1: Not enough '\' characters in service
Использование: [-?] [-?EgV] [-?EgV] [-?EgVNkP] [-?|--help] [--usage] [-R|--name-resolve NAME-RESOLVE-ORDER]
        [-M|--message HOST] [-I|--ip-address IP] [-E|--stderr] [-L|--list HOST]
        [-t|--terminal CODE] [-m|--max-protocol LEVEL] [-T|--tar <c|x>IXFqgbNan]
        [-D|--directory DIR] [-c|--command STRING] [-b|--send-buffer BYTES]
...
        [-V|--version] [-O|--socket-options SOCKETOPTIONS]
        [-n|--netbiosname NETBIOSNAME] [-W|--workgroup WORKGROUP]
        [-i|--scope SCOPE] [-U|--user USERNAME] [-N|--no-pass] [-k|--kerberos]
        [-A|--authentication-file FILE] [-S|--signing on|off|required]
        [-P|--machine-pass] service <password>
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}edPz7x+11qQhEok9MkZUfMPtL7pFZUs3
[root@linux3:~]# smbc
-----------------------------------------------------------------------------------------------------

/dev/pts/8

16:52:43

#smbclient \\\\192.168.16.3\\testsambauser -Utestsambauser

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

/dev/pts/6

16:52:43

#smbclient \\127.0.0.1\testsambauser -Utestsambauser

[root@linux3:~]# /etc/init.d/smb restart
Останавливаются службы SMB:                                [  ОК  ]
Останавливаются службы NMB:                                [  ОК  ]
Запускаются службы SMB:                                    [  ОК  ]
Запускаются службы NMB:                                    [  ОК  ]
\127.0.0.1testsambauser: Not enough '\' characters in service
Использование: [-?] [-?EgV] [-?EgV] [-?EgVNkP] [-?|--help] [--usage] [-R|--name-resolve NAME-RESOLVE-ORDER]
        [-M|--message HOST] [-I|--ip-address IP] [-E|--stderr] [-L|--list HOST]
        [-t|--terminal CODE] [-m|--max-protocol LEVEL] [-T|--tar <c|x>IXFqgbNan]
        [-D|--directory DIR] [-c|--command STRING] [-b|--send-buffer BYTES]
...
        [-V|--version] [-O|--socket-options SOCKETOPTIONS]
        [-n|--netbiosname NETBIOSNAME] [-W|--workgroup WORKGROUP]
        [-i|--scope SCOPE] [-U|--user USERNAME] [-N|--no-pass] [-k|--kerberos]
        [-A|--authentication-file FILE] [-S|--signing on|off|required]
        [-P|--machine-pass] service <password>
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}edPz7x+11qQhEok9MkZUfMPtL7pFZUs3
[root@linux3:~]# smbc
-----------------------------------------------------------------------------------------------------

/dev/pts/8

16:52:50

#/etc/init.d/samba restart

Останавливаются службы SMB:           [  ОК  ]
Останавливаются службы NMB:           [  ОК  ]
Запускаются службы SMB:                   [  ОК  ]
Запускаются службы NMB:                   [  ОК  ]

/dev/pts/6

16:53:06

#smbclient -L \\127.0.0.1\testsambauser -Utestsambauser

#        the encrypted SMB passwords. They allow the Unix password
#        to be kept in sync with the SMB password.
                         ldap://127.0.0.1
;  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*
tokens*updated*successfully*
# Unix users can map to different SMB User names
;  username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
...
Останавливаются службы SMB:                                [  ОК  ]
Останавливаются службы NMB:                                [  ОК  ]
Запускаются службы SMB:                                    [  ОК  ]
Запускаются службы NMB:                                    [  ОК  ]
Connection to 127.0.0.1testsambauser failed
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}edPz7x+11qQhEok9MkZUfMPtL7pFZUs3
[root@linux3:~]# smbc
-----------------------------------------------------------------------------------------------------

16:53:29

#smbclient -L \\\\

#        to be kept in sync with the SMB password.
                         ldap://127.0.0.1
;  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*
tokens*updated*successfully*
# Unix users can map to different SMB User names
;  username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
"/etc/samba/smb.conf" 326L, 11667C записано
...
Останавливаются службы NMB:                                [  ОК  ]
Запускаются службы SMB:                                    [  ОК  ]
Запускаются службы NMB:                                    [  ОК  ]
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}edPz7x+11qQhEok9MkZUfMPtL7pFZUs3
[root@linux3:~]# smbc
-----------------------------------------------------------------------------------------------------

16:53:49

#smbclient -L \\\\127.0.0.1\\testsambauser -Utestsambauser

Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Sharename       Type      Comment
        ---------       ----      -------
        tmp             Disk      Temporary file space
        IPC$            IPC       IPC Service (Samba Server)
        testsambauser   Disk      Home Directories
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Server               Comment
        ---------            -------
        LINUX3               Samba Server
        Workgroup            Master
        ---------            -------
        MYDCLOCAL            LINUX3

16:53:56

#smbclient -L \\\\127.0.0.1\\testsambauser -Utestsambauser

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

/dev/pts/4

16:54:04

#smbclient -U testsambauser -L //192.168.16.3

Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Sharename       Type      Comment
        ---------       ----      -------
        tmp             Disk      Temporary file space
        IPC$            IPC       IPC Service (Samba Server)
        testsambauser   Disk      Home Directories
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Server               Comment
        ---------            -------
        LINUX3               Samba Server
        Workgroup            Master
        ---------            -------
        MYDCLOCAL            LINUX3

16:54:18

#smbclient -U testsambauser -L //192.168.16.3

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:54:28

#smbclient -U testsambauser -L //192.168.16.3

/dev/pts/6

16:54:48

#smbclient -L \\\\127.0.0.1\\testt -Utestt

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:55:08

#smbclient -L \\\\127.0.0.1\\root -Uroot

Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Sharename       Type      Comment
        ---------       ----      -------
        tmp             Disk      Temporary file space
        IPC$            IPC       IPC Service (Samba Server)
        root            Disk      Home Directories
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Server               Comment
        ---------            -------
        LINUX3               Samba Server
        Workgroup            Master
        ---------            -------
        MYDCLOCAL            LINUX3

16:55:22

#smbclient -L \\\\127.0.0.1\\testuser -Utestuser

Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Sharename       Type      Comment
        ---------       ----      -------
        tmp             Disk      Temporary file space
        IPC$            IPC       IPC Service (Samba Server)
        testuser        Disk      Home Directories
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Server               Comment
        ---------            -------
        LINUX3               Samba Server
        Workgroup            Master
        ---------            -------
        MYDCLOCAL            LINUX3

16:55:51

#smbclient -L \\\\127.0.0.1\\user -Uuser

#        to be kept in sync with the SMB password.
                         ldap://127.0.0.1
;  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*
tokens*updated*successfully*
# Unix users can map to different SMB User names
;  username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
"/etc/samba/smb.conf" 326L, 11667C записано
...
Останавливаются службы NMB:                                [  ОК  ]
Запускаются службы SMB:                                    [  ОК  ]
Запускаются службы NMB:                                    [  ОК  ]
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}edPz7x+11qQhEok9MkZUfMPtL7pFZUs3
[root@linux3:~]# smbc
-----------------------------------------------------------------------------------------------------

16:56:04

#smbclient -L \\\\127.0.0.1\\testt -Utestt

#        to be kept in sync with the SMB password.
                         ldap://127.0.0.1
;  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*
tokens*updated*successfully*
# Unix users can map to different SMB User names
;  username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
"/etc/samba/smb.conf" 326L, 11667C записано
...
Останавливаются службы NMB:                                [  ОК  ]
Запускаются службы SMB:                                    [  ОК  ]
Запускаются службы NMB:                                    [  ОК  ]
Password:
session setup failed: NT_STATUS_LOGON_FAILURE
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}edPz7x+11qQhEok9MkZUfMPtL7pFZUs3
[root@linux3:~]# smbc
-----------------------------------------------------------------------------------------------------

/dev/pts/4

16:56:10

#vim /etc/pam

2c2
< 
---
> LINUX3

16:56:10

#vim /etc/pam_smb.conf

16:56:24

#/etc/init.d/samba restart

Останавливаются службы SMB:           [  ОК  ]
Останавливаются службы NMB:           [  ОК  ]
Запускаются службы SMB:                   [  ОК  ]
Запускаются службы NMB:                   [  ОК  ]

16:56:30

#tail -f /var/log/messages

Dec 14 16:56:29 linux3 nmbd[23157]: [2007/12/14 16:56:29, 0] nmbd/nmbd.c:terminate(58)
Dec 14 16:56:29 linux3 nmbd[23157]:   Got SIGTERM: going down...
Dec 14 16:56:30 linux3 nmbd[23317]: [2007/12/14 16:56:30, 0] nmbd/nmbd_logonnames.c:add_logon_names(163)
Dec 14 16:56:30 linux3 nmbd[23317]:   add_domain_logon_names:
Dec 14 16:56:30 linux3 nmbd[23317]:   Attempting to become logon server for workgroup MYDCLOCAL on subnet 192.168.16.3
Dec 14 16:56:30 linux3 nmbd[23317]: [2007/12/14 16:56:30, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(290)
Dec 14 16:56:30 linux3 nmbd[23317]:   become_domain_master_browser_bcast:
Dec 14 16:56:30 linux3 nmbd[23317]:   Attempting to become domain master browser on workgroup MYDCLOCAL on subnet 192.168.16.3
Dec 14 16:56:30 linux3 nmbd[23317]: [2007/12/14 16:56:30, 0] nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(303)
Dec 14 16:56:30 linux3 nmbd[23317]:   become_domain_master_browser_bcast: querying subnet 192.168.16.3 for domain master browser on workgroup MYDCLOCAL
Dec 14 16:56:34 linux3 nmbd[23317]: [2007/12/14 16:56:34, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(124)
Dec 14 16:56:34 linux3 nmbd[23317]:   become_logon_server_success: Samba is now a logon server for workgroup MYDCLOCAL on subnet 192.168.16.3

16:56:37

#smbclient -U testsambauser -L //192.168.16.3

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:56:52

#smbclient -U testsambauser -L //192.168.16.3

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

/dev/pts/8

16:57:01

#tail -f /var/log/samba/log.smbd

/dev/pts/6

16:57:09

#smbclient -L \\\\127.0.0.1\\testt -Utestt

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

16:57:39

#smbpasswd -a testt

                         ldap://127.0.0.1
;  unix password sync = Yes
  passwd program = /usr/bin/passwd %u
  passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*
tokens*updated*successfully*
# Unix users can map to different SMB User names
;  username map = /etc/samba/smbusers
# Using the following line enables you to customise your configuration
"/etc/samba/smb.conf" 326L, 11667C записано
[root@linux3:~]# /etc/init.d/smb restart
...
Запускаются службы SMB:                                    [  ОК  ]
Запускаются службы NMB:                                    [  ОК  ]
New SMB password:
Retype new SMB password:
Added user testt.
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}edPz7x+11qQhEok9MkZUfMPtL7pFZUs3
[root@linux3:~]# smbc
-----------------------------------------------------------------------------------------------------

/dev/pts/4

16:57:43

#less /var/log/

16:57:43

#less /var/log/secure

16:57:52

#less /var/log/messages

/dev/pts/6

16:58:04

#smbclient -L \\\\127.0.0.1\\testt -Utestt

Password:
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Sharename       Type      Comment
        ---------       ----      -------
        tmp             Disk      Temporary file space
        IPC$            IPC       IPC Service (Samba Server)
        testt           Disk      Home Directories
Domain=[MYDCLOCAL] OS=[Unix] Server=[Samba 3.0.24-1.110asp]
        Server               Comment
        ---------            -------
        LINUX3               Samba Server
        Workgroup            Master
        ---------            -------
        MYDCLOCAL            LINUX3
        WORKGROUP            STUDENT1
loginShell: /bin/bash
gecos: System User
userPassword: {SSHA}edPz7x+11qQhEok9MkZUfMPtL7pFZUs3
[root@linux3:~]# smbc
-----------------------------------------------------------------------------------------------------

/dev/pts/4

16:58:11

#smbclient -U testsambauser -L //192.168.16.3

Password:
session setup failed: NT_STATUS_LOGON_FAILURE

Статистика

Справка

О программе

LiLaLo (L3) расшифровывается как Live Lab Log.
Программа разработана для повышения эффективности обучения Unix/Linux-системам.
(c) Игорь Чубин, 2004-2008

Журнал лабораторных работ

Журнал

Пятница (12/14/07)

Статистика

Справка

О программе