NTLM-аутентификация в Microsoft AD
Server
1. Настройка службы winbindd
[root@server ~]# yum install -y samba-winbind.x86_64
[root@server ~]# chkconfig --level 345 winbind on
[root@server ~]# cp /etc/samba/smb.conf /etc/samba/smb.conf.orig
[root@server ~]# vi /etc/samba/smb.conf
workgroup = test
realm = test.local
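# security = domain — членство в домене в стиле NT4: пароль проверяется на контроллере домена по RPC (NTLM).
# Для AD с Kerberos в Samba предусмотрен режим security = ads.
security = domain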
auth methods = winbind
password server = adserver.test.local
winbind use default domain = Yes
[root@server ~]# vi /etc/nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
2. Регистрация службы winbindd в домене
[root@server ~]# net rpc join -U Administrator
Enter Administrator's password:
Joined domain TEST.
На контроллере домена в AD также появилась учётная запись этого сервера.
3. Запуск службы winbindd
[root@server ~]# service winbind restart
4. Проверка
[root@server ~]# ntlm_auth --username=user1
password:
NT_STATUS_OK: Success (0x0)
====================================
====================================
SQUID ставить не планирую. Далее — настройка входа по SSH через pam_winbind.
====================================
====================================
[root@server ~]# cp /etc/pam.d/sshd /etc/pam.d/sshd.orig
[root@server ~]# find / -name pam_winbind.so
/lib64/security/pam_winbind.so
[root@server ~]# vi /etc/pam.d/sshd
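# sufficient: при успешной проверке в winbind следующие auth-модули стека не вызываются,
# поэтому важно, на каком месте в /etc/pam.d/sshd стоит эта строка.
# Круг доменных пользователей можно ограничить опцией require_membership_of модуля pam_winbind.
auth sufficient pam_winbind.so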
[root@server ~]# useradd user1
Client
[root@client ~]# ssh user1@server