{"id":265,"date":"2011-10-18T22:45:10","date_gmt":"2011-10-18T20:45:10","guid":{"rendered":"http:\/\/diablo.craem.net\/wordpress\/?p=265"},"modified":"2011-10-18T22:45:10","modified_gmt":"2011-10-18T20:45:10","slug":"squid-active-directory-parte-3","status":"publish","type":"post","link":"https:\/\/diablo.craem.net\/?p=265","title":{"rendered":"Squid + Active Directory ::parte 3::"},"content":{"rendered":"<p>Ahora, a\u00f1adimos nuestro servidor linux al active directory:<br \/>\n<code><br \/>\nnet ads join -S miserver_ad.midominio.local -U administrador<br \/>\n<\/code><br \/>\nNos pedir\u00e1 el password y si todo ha ido bien, nos responder\u00e1:<br \/>\n<code><br \/>\nUsing short domain name -- MIDOMINIO<br \/>\nJoined 'tuxServer' to realm 'MIDOMINIO.LOCAL'<br \/>\n<\/code><br \/>\nSi ha funcionado bien, vamos a modificar el script que inicia el windbind&#8230;. hacemos copia y lo dejamos tal que: <em>\/init.d\/windbin<\/em><br \/>\n<code><br \/>\n#!\/bin\/sh<br \/>\n### BEGIN INIT INFO<br \/>\n# Provides:<br \/>\nwinbind<br \/>\n# Required-Start: $network $local_fs $remote_fs<br \/>\n# Required-Stop: $network $local_fs $remote_fs<br \/>\n# Default-Start: 2 3 4 5<br \/>\n# Default-Stop: 016<br \/>\n# Short-Description: start Winbind daemon<br \/>\n### END INIT INFO<br \/>\nPATH=\/sbin:\/bin:\/usr\/sbin:\/usr\/bin<br \/>\n[ -r \/etc\/default\/winbind ] && . \/etc\/default\/winbind<br \/>\nDAEMON=\/usr\/sbin\/winbindd<br \/>\n# clear conflicting settings from the environment<br \/>\nunset TMPDIR<br \/>\n# See if the daemon is there<br \/>\ntest -x $DAEMON || exit 0<br \/>\n. \/lib\/lsb\/init-functions<br \/>\ncase \"$1\" in<br \/>\nstart)<br \/>\nlog_daemon_msg \"Starting the Winbind daemon\" \"winbind\"<br \/>\nmkdir -p \/var\/run\/samba\/winbindd_privileged || return 1<br \/>\nchgrp proxy \/var\/run\/samba\/winbindd_privileged\/ || return 1<br \/>\nchmod 0750 \/var\/run\/samba\/winbindd_privileged\/ || return 1<br \/>\nstart-stop-daemon --start --quiet --oknodo --exec $DAEMON -- $WINBINDD_OPTS<br \/>\nchmod 77 \/var\/run\/samba\/winbindd_privileged<br \/>\nlog_end_msg $?<br \/>\n;;<br \/>\nstop)<br \/>\nlog_daemon_msg \"Stopping the Winbind daemon\" \"winbind\"<br \/>\nstart-stop-daemon --stop --quiet --oknodo --exec $DAEMON<br \/>\nlog_end_msg $?<br \/>\n;;<br \/>\nrestart|force-reload)<br \/>\n$0 stop && sleep 2 && $0 start<br \/>\n;;<br \/>\n*)<br \/>\necho \"Usage: \/etc\/init.d\/winbind {start|stop|restart|force-reload}\"<br \/>\nexit 1<br \/>\n;;<br \/>\nesac<br \/>\n<\/code><br \/>\nAhora, toca modificar el orden de arranque de los servicios, siendo por orden:<br \/>\n1\u00ba) Samba<br \/>\n2\u00ba) WindBind<br \/>\n3\u00ba) Squid<br \/>\nL\u00f3gicamente, para que squid consulte correctamente el AD, tiene que tener arrancados antes que \u00e9l, el samba y el WindBind..<br \/>\nEditamos el fichero <em>\/etc\/rc.local<\/em> y a\u00f1adimos:<br \/>\n<code><br \/>\ninvoke-rc.d samba stop<br \/>\ninvoke-rc.d winbind stop<br \/>\ninvoke-rc.d squid stop<br \/>\ninvoke-rc.d samba start<br \/>\ninvoke-rc.d winbind start<br \/>\ninvoke-rc.d squid start<br \/>\n<\/code><br \/>\nY reiniciamos el servidor&#8230;.<br \/>\n<code><br \/>\n# reboot<br \/>\n<\/code><br \/>\nUna vez iniciado el servidor, para comprobar que todo ha ido bien, tecleamos:<br \/>\n<code><br \/>\n# wbinfo -u<br \/>\n<\/code><br \/>\nnos deber\u00e1 de mostrar todos los usuarios de active directory&#8230;..<br \/>\nY ahora nos toca configurar squid para que consulte los usuarios&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ahora, a\u00f1adimos nuestro servidor linux al active directory: net ads join -S miserver_ad.midominio.local -U administrador Nos pedir\u00e1 el password y si todo ha ido bien, nos responder\u00e1: Using short domain name &#8212; MIDOMINIO Joined &#8216;tuxServer&#8217; to realm &#8216;MIDOMINIO.LOCAL&#8217; Si ha funcionado bien, vamos a modificar el script que inicia el windbind&#8230;. hacemos copia y lo [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,8],"tags":[16,58,97,102,166,177],"class_list":["post-265","post","type-post","status-publish","format-standard","hentry","category-linux","category-varios","tag-active-directory","tag-debian","tag-kerberos","tag-linux-2","tag-samba","tag-squid"],"_links":{"self":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts\/265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=265"}],"version-history":[{"count":0,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts\/265\/revisions"}],"wp:attachment":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}