Enable the SMB Service:
# svcadm enable -r smb/serverSynchoronize Clock with Domain Controller
Make sure the clock difference between client and domain controller is less than 5 minutes# ntpdate dc01.goweekend.ca
Enable SMB service
# svcadm enable -r smb/serverJoin Windows Domain
smbadm will create all the objects required on domaincontroller# smbadm join -u ouadmin goweekend.ca
Map ID
# idmap add -d "winuser:*@*" "unixuser:*"# idmap list
Change Name Server Switch Configuration
# svccfg -s svc:/system/name-service/switch
svc:/system/name-service/switch> setprop config/password = astring: "files nis ad"
svc:/system/name-service/switch> setprop config/group = astring: "files nis ad"
svc:/system/name-service/switch> select system/name-service/switch:default
svc:/system/name-service/switch:default> refresh
svc:/system/name-service/switch:default> quit
# svcadm refresh svc:/system/name-service/switch
Create SMB Shares on Solaris Server
# zfs create -o mountpoint=/myshare upool/myshare
# zfs share -o share.smb=on -o share.smb.abe=on -o share.smb.guestok=off upool/myshare%myshare_
# zfs set aclinherit=passthrough upool/myshare
# chmod -R A+user:testuser:rwxpdDaARWcCos:fd-----:allow /myshare
Configurate SMB Autohome Shares
https://docs.oracle.com/cd/E36784_01/html/E36832/autohomeshares.html#scrolltoc
On Solaris Client
# cat /etc/smbautohome
+nsswitch OU=Users,DC=ad,DC=goweekend,DC=ca
New user on Solaris Server
If you found your new user status is locked, look like below in /etc/shadowusertest :*LK*:16245::::::
or
# passwd -s usertest
usertest LK
You need run below command to activate new user:
# passwd -r files usertest
or, unlock existing user
# passwd -u usertest
No comments:
Post a Comment