Ferramentas do usuário

Ferramentas do site


infra-estrutura:linux:samba:gerenciamento_samba_cli

Essa é uma revisão anterior do documento!


Gerenciamento do SAMBA via CLI

Para todos os exemplos utilizaremos o nome de dominio ricardobarbosams.com.br e usuário ricardobarbosa e grupo g_ti

Criação de usuário

# samba-tool user add ricardobarbosa --given-name=Ricardo --surname=barbosa --mail-address=ricardobarbosa@ricardobarbosams.com.br --login-shell=/bin/bash

Listar usuários

# samba-tool user list

Excluir um usuário

# samba-tool user delete ricardobarbosa

Reseta a senha do usuário do dominio

# samba-tool user setpassword ricardobarbosa

Desativar o usuário

# samba-tool user disable ricardobarbosa

Ativando o usuário

# samba-tool user enable ricardobarbosa

Criando grupo de usuários

# samba-tool group add g_ti

Excluindo grupo de usuários

# samba-tool group delete g_ti

Listando grupos de usuários

# samba-tool group list

Listando usuários membros do grupo

# samba-tool group listmembers "g_ti"

Adicionando usuários a determinado grupo

# samba-tool group addmembers g_ti ricardobarbosa

Removendo usuários de determinado grupo

samba-tool group remove members g_ti ricardobarbosa

===== Visualizando politicas de senha do samba(Active Directory)

# samba-tool domain passwordsettings show
# samba-tool domain passwordsettings set --complexity=off
# samba-tool domain passwordsettings set --history-length=0
# samba-tool domain passwordsettings set --min-pwd-age=0
# samba-tool domain passwordsettings set --max-pwd-age=0
# samba-tool domain passwordsettings set --min-pwd-length=4

Verificar registro da zone DNS do AD

samba-tool dns query agamenon _msdcs.freewaynet.corp @ ALL -U administrator --password=123456
Password for [FREEWAYNET\administrator]:
  Name=, Records=2, Children=0
    SOA: serial=109, refresh=900, retry=600, expire=86400, minttl=3600, ns=agamenon.freewaynet.corp., email=hostmaster.freewaynet.corp. (flags=600000f0, serial=109, ttl=3600)
    NS: agamenon.freewaynet.corp. (flags=600000f0, serial=1, ttl=900)
  Name=3f8e7991-853a-41c1-854b-2dc24cf51667, Records=1, Children=0
    CNAME: agamenon.freewaynet.corp. (flags=f0, serial=1, ttl=900)
  Name=dc, Records=0, Children=2
  Name=domains, Records=0, Children=1
  Name=gc, Records=0, Children=2
  Name=pdc, Records=0, Children=1
root@agamenon:~#
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
  Name=, Records=0, Children=0
  Name=9ab474e0-d6c2-431d-a769-c44ba1f20818, Records=0, Children=1
root@agamenon:~# 
samba-tool dns query agamenon _msdcs.freewaynet.corp 9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
  Name=, Records=0, Children=0
  Name=_tcp, Records=0, Children=1
<code>
 
<code bash>
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp _tcp.9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
  Name=, Records=0, Children=0
  Name=_ldap, Records=1, Children=0
    SRV: agamenon.freewaynet.corp. (389, 0, 100) (flags=f0, serial=1, ttl=900)
root@agamenon:~# 
root@agamenon:~# samba-tool dns query agamenon _msdcs.freewaynet.corp _ldap._tcp.9ab474e0-d6c2-431d-a769-c44ba1f20818.domains._msdcs.freewaynet.corp ALL -U administrator --password=123456
  Name=, Records=1, Children=0
    SRV: agamenon.freewaynet.corp. (389, 0, 100) (flags=f0, serial=1, ttl=900)
root@agamenon:~# 

Mostrar informações dominio

net rpc info

root@agamenon:~# net rpc info -U administrator
Enter administrator's password:
Domain Name: FREEWAYNET
Domain SID: S-1-5-21-1615479121-2557752159-4193669972
Sequence number: 1
Num users: 13
Num domain groups: 11
Num local groups: 26
root@agamenon:~# 

Consultando o horario

root@agamenon:~# net time 
Tue Sep 11 18:59:42 2018
root@agamenon:~# net time -S agamenon
Tue Sep 11 18:59:47 2018
root@agamenon:~# 

Setando o horário

root#  net time set -S MAGGOT -U Administrator
Tue May 17 00:55:30 MDT 2005

Consultando o time zone

Mostra o timezone em horas a partir do GMT

root#  net time zone -S SAURON
-0600

Consultando todos os registros DNS

samba-tool dns query <nome do servidor> <nome do dominio> @ ALL -U administrator

root# samba-tool dns query localhost yamaha.corp @ ALL -U administrator

Renomeando registro DNS

samba-tool dns update <nome do servidor> <nome do dominio> <nome registro> A <endereco IP antigo> <endereco IP novo> -U administrator

root# samba-tool dns update localhost yamaha.corp mail A 192.168.1.10 192.168.1.20 -U administrator

DNS

Alterando o registro SOA do samba

Para atualizar o registro SOA, primeiro visualize o SOA atual para pegar os valores de serial, ttl, expire, etc. Deve retornar algo semelhante a isso

SOA: serial=4, refresh=900, retry=600, expire=86400, minttl=3600, ns=ns1.yamaha.corp., email=hostmaster.yamaha.corp. (flags=600000f0, serial=4, ttl=3600)

# samba-tool dns update localhost yamaha.corp @ SOA 'ns1.yamaha.corp hostmaster.yamaha.corp 4 900 600 86400 3600' 'dc01.yamaha.corp hostmaster.yamaha.corp 4 900 600 86400 3600' -U Administrator