Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Single sign-on: Active Directory <=> Ubuntu

Matteo Giordano
December 05, 2006
Technology
1
76

Single sign-on: Active Directory <=> Ubuntu

Join di macchine Ubuntu ad un dominio AD.

Presentata nel corso dei seminari GASL presso l'Università di Chieti-Pescara "G. d'Annunzio" nel dicembre 2006.

Matteo Giordano

December 05, 2006
Tweet

More Decks by Matteo Giordano

See All by Matteo Giordano
Virtualizzazione: problematiche e soluzioni
malteo
1
57
Squid - un proxy per navigare sicuri e veloci
malteo
1
74

Other Decks in Technology

See All in Technology
グイグイ系QAエンジニアでやっていくよ!
____rina____
0
760
Shinagile 2024
kawaguti
PRO
2
120
.NET GraphQL Client のリアル
sansantech
PRO
1
230
LINEヤフーのウェブアクセシビリティ
lycorptech_jp
PRO
2
170
パフォーマンス最適化のベストプラクティス
databricksjapan
0
200
Taking Flight with Tailwind CSS
opdavies
0
4.3k
AWS CLIの起動が重くてつらいので aws-sdk-client-go を書いた / kamakura.go#6
fujiwara3
6
3k
Cloudflare WorkersがPythonに対応したので試してみた
miura55
0
190
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
1.7k
サービス開発におけるVue3とTypeScriptの親和性について
tsukuha
10
1.8k
Money-saving tips for the frugal serverless developer
theburningmonk
0
270
能動学習のいろは:書籍「Human-in-the-Loop機械学習」3〜5章
hiroyoshiito
0
290

Featured

See All Featured
YesSQL, Process and Tooling at Scale
rocio
165
13k
A Tale of Four Properties
chriscoyier
153
22k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
221
21k
Code Reviewing Like a Champion
maltzj
515
39k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
67
14k
5 minutes of I Can Smell Your CMS
philhawksworth
199
19k
The Power of CSS Pseudo Elements
geoffreycrofte
62
5k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
123
39k
No one is an island. Learnings from fostering a developers community.
thoeni
16
2.1k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
275
13k
WebSockets: Embracing the real-time Web
robhawkes
59
7k
Automating Front-end Workflow
addyosmani
1357
200k

Transcript

  1. Single sign-on Seminari G@SL 2006 http://gasl.unich.it/

  2. Sommario • Single sign-on • Samba • Winbind • Pluggable

    Authentication Modules • pam_mount • SAMBA server • pam_group

  3. Single sign-on Il single sign-on è una speciale forma di

    autenticazione che permette ad un utente di autenticarsi una volta sola e ottenere accesso a diverse risorse.

  4. Single sign-on Username: matteo Password: ******

  5. Samba

  6. Winbind • matteo • antonio • ... • stefano WINBIND

  7. Winbind 'matteo' RID: S-1-5-21-3015518840-556901772-689399334-1182 UID: 11182

  8. /etc/samba/smb.conf [global] ## Configurazione minima workgroup = LABECONOMIA realm =

    LABECONOMIA.LOCAL security = ADS password server = lupin ## RID -> UID idmap backend = rid:LABECONOMIA=10000- 20000 idmap uid = 10000-20000 idmap gid = 10000-20000 ## Dominio di default winbind use default domain = Yes

  9. Pluggable Authentication Modules PAM è un meccanismo flessibile di autenticazione

    degli utenti indipendente dal tipo di programma e dal sistema di autenticazione.

  10. PAM /etc/pam.d/ • login • gdm • sudo • common-auth

    • common-account /etc/nsswitch.conf passwd: compat winbind group: compat winbind

  11. pam_mount volume * cifs goemon & /home/LABECONOMIA/& - - -

    /etc/security/pam_mount.conf

  12. SAMBA server matteo 30 MB

  13. pam_group gdm;*;*;Al0000-2400;cdrom,floppy,audio,video,plugdev /etc/security/group.conf

  14. Join al dominio # ntpdate -s lupin # kinit Administrator

    # net ads join