Ferramentas do usuário

Ferramentas do site


infra-estrutura:linux:samba:gerenciamento_samba_cli

Gerenciamento do SAMBA via CLI

Para todos os exemplos utilizaremos o nome de dominio ricardobarbosams.com.br e usuário ricardobarbosa e grupo g_ti

Criação de usuário

# samba-tool user add ricardobarbosa --given-name=Ricardo --surname=barbosa --mail-address=ricardobarbosa@ricardobarbosams.com.br --login-shell=/bin/bash

Listar usuários

# samba-tool user list

Excluir um usuário

# samba-tool user delete ricardobarbosa

Reseta a senha do usuário do dominio

# samba-tool user setpassword ricardobarbosa

Desativar o usuário

# samba-tool user disable ricardobarbosa

Ativando o usuário

# samba-tool user enable ricardobarbosa

Criando grupo de usuários

# samba-tool group add g_ti

Excluindo grupo de usuários

# samba-tool group delete g_ti

Listando grupos de usuários

# samba-tool group list

Listando usuários membros do grupo

# samba-tool group listmembers "g_ti"

Adicionando usuários a determinado grupo

# samba-tool group addmembers g_ti ricardobarbosa

Removendo usuários de determinado grupo

samba-tool group remove members g_ti ricardobarbosa

===== Visualizando politicas de senha do samba(Active Directory)

# samba-tool domain passwordsettings show
# samba-tool domain passwordsettings set --complexity=off
# samba-tool domain passwordsettings set --history-length=0
# samba-tool domain passwordsettings set --min-pwd-age=0
# samba-tool domain passwordsettings set --max-pwd-age=0
# samba-tool domain passwordsettings set --min-pwd-length=4

Verificar registro da zone DNS do AD

samba-tool dns query agamenon _msdcs.freewaynet.corp @ ALL -U administrator --password=123456
Password for [FREEWAYNET\administrator]:
  Name=, Records=2, Children=0
    SOA: serial=109, refresh=900, retry=600, expire=86400, minttl=3600, ns=agamenon.freewaynet.corp., email=hostmaster.freewaynet.corp. (flags=600000f0, serial=109, ttl=3600)
    NS: agamenon.freewaynet.corp. (flags=600000f0, serial=1, ttl=900)
  Name=3f8e7991-853a-41c1-854b-2dc24cf51667, Records=1, Children=0
    CNAME: agamenon.freewaynet.corp. (flags=f0, serial=1, ttl=900)
  Name=dc, Records=0, Children=2
  Name=domains, Records=0, Children=1
  Name=gc, Records=0, Children=2
  Name=pdc, Records=0, Children=1
root@agamenon:~#
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
  Name=, Records=0, Children=0
  Name=9ab474e0-d6c2-431d-a769-c44ba1f20818, Records=0, Children=1
root@agamenon:~# 
samba-tool dns query agamenon _msdcs.freewaynet.corp 9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
  Name=, Records=0, Children=0
  Name=_tcp, Records=0, Children=1
<code>
 
<code bash>
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp _tcp.9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
  Name=, Records=0, Children=0
  Name=_ldap, Records=1, Children=0
    SRV: agamenon.freewaynet.corp. (389, 0, 100) (flags=f0, serial=1, ttl=900)
root@agamenon:~# 
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp _ldap._tcp.9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
  Name=, Records=1, Children=0
    SRV: agamenon.freewaynet.corp. (389, 0, 100) (flags=f0, serial=1, ttl=900)
root@agamenon:~# 

Mostrar informações dominio

net rpc info

root@agamenon:~# net rpc info -U administrator
Enter administrator's password:
Domain Name: FREEWAYNET
Domain SID: S-1-5-21-1615479121-2557752159-4193669972
Sequence number: 1
Num users: 13
Num domain groups: 11
Num local groups: 26
root@agamenon:~# 

Consultando o horario

root@agamenon:~# net time 
Tue Sep 11 18:59:42 2018
root@agamenon:~# net time -S agamenon
Tue Sep 11 18:59:47 2018
root@agamenon:~# 

Setando o horário

root#  net time set -S MAGGOT -U Administrator
Tue May 17 00:55:30 MDT 2005

Consultando o time zone

Mostra o timezone em horas a partir do GMT

root#  net time zone -S SAURON
-0600

Consultando todos os registros DNS

samba-tool dns query <nome do servidor> <nome do dominio> @ ALL -U administrator

root# samba-tool dns query localhost yamaha.corp @ ALL -U administrator

Renomeando registro DNS

samba-tool dns update <nome do servidor> <nome do dominio> <nome registro> A <endereco IP antigo> <endereco IP novo> -U administrator

root# samba-tool dns update localhost yamaha.corp mail A 192.168.1.10 192.168.1.20 -U administrator

DNS

Alterando o registro SOA do samba

Para atualizar o registro SOA, primeiro visualize o SOA atual para pegar os valores de serial, ttl, expire, etc. Deve retornar algo semelhante a isso

SOA: serial=4, refresh=900, retry=600, expire=86400, minttl=3600, ns=ns1.yamaha.corp., email=hostmaster.yamaha.corp. (flags=600000f0, serial=4, ttl=3600)

# samba-tool dns update localhost yamaha.corp @ SOA 'ns1.yamaha.corp hostmaster.yamaha.corp 4 900 600 86400 3600' 'dc01.yamaha.corp hostmaster.yamaha.corp 4 900 600 86400 3600' -U Administrator

Para visualizar os diretórios disponíveis para um determinado usuário:

$ smbclient -L //servidor --user=usuário

=== Para acessar um compartilhamento disponível para um determinado usuário: ===

$ smbclient //servidor/compartilhamento --user=usuário

Verificar compartilhamentos

    smbclient -L zimmerman
 
    Server time is Sat Aug 10 15:58:27 1996
    Timezone is UTC+10.0
    Password: 
    Domain=[WORKGROUP] OS=[Windows NT 3.51] Server=[NT LAN Manager 3.51]
 
    Server=[ZIMMERMAN] User=[] Workgroup=[WORKGROUP] Domain=[]
 
            Sharename      Type      Comment
            ---------      ----      -------
            ADMIN$         Disk      Remote Admin
            public         Disk      Public 
            C$             Disk      Default share
            IPC$           IPC       Remote IPC
            OReilly        Printer   OReilly
            print$         Disk      Printer Drivers
 
 
    This machine has a browse list:
 
            Server               Comment
            ---------            -------
            HOPPER               Samba 1.9.15p8
            KERNIGAN             Samba 1.9.15p8
            LOVELACE             Samba 1.9.15p8
            RITCHIE              Samba 1.9.15p8
            ZIMMERMAN            

Acessar um compartilhamento via prompt (tipo telnet)

smbclient \\\\zimmerman\\public mypasswd
Server time is Sat Aug 10 15:58:44 1996
Timezone is UTC+10.0
Domain=[WORKGROUP] OS=[Windows NT 3.51] Server=[NT LAN Manager 3.51]
smb: \> 
smb: \> h
ls             dir            lcd            cd             pwd            
get            mget           put            mput           rename         
more           mask           del            rm             mkdir          
md             rmdir          rd             prompt         recurse        
translate      lowercase      print          printmode      queue          
cancel         stat           quit           q              exit           
newer          archive        tar            blocksize      tarmode        
setmode        help           ?              !              
smb: \>

Montar compartilhamento

[root@postel]# smbmount "\\\\samba1\\customers" -U rtg2t -c 'mount /customers -u 500 -g 100'
Added interface ip=192.168.35.84 bcast=192.168.255.255 nmask=255.255.0.0
Got a positive name query response from 192.168.168.158 ( 192.168.168.158 )
Server time is Tue Oct  5 10:27:36 1999
Timezone is UTC-4.0
Password:
Domain=[IPM] OS=[Unix] Server=[Samba 2.0.3]
security=user
[root@postel]# mount                                                                                                    
/dev/hda2 on / type ext2 (rw)
none on /proc type proc (rw)
none on /dev/pts type devpts (rw,mode=622)
//SAMBA1/CUSTOMERS on /customers type smbfs (0)

Discussão

Insira seu comentário. Sintaxe wiki é permitida:
 
infra-estrutura/linux/samba/gerenciamento_samba_cli.txt · Última modificação: 2018/09/25 14:02 por ricardobarbosams