tailieunhanh - Linux Server Hacks Volume Two phần 2

Bộ ba này đặt quyền truy cập cho các nhóm được gán cho tập tin. (Nhóm được thảo luận trong phần "treo ra trong các nhóm", sau này trong chương này.) Bộ ba thứ ba bao gồm các nhân vật thứ tám, thứ chín và thứ mười trong danh sách định dạng tập tin dài. | 40 modify your etc file to specify that the system obtains password and group information from the Windows domain controller. Correct entries would be the following passwd files winbind group files winbind This tells the name service switch to first check the local password and group files on the client system for authentication information and then check the winbindd daemon. This enables you to create local accounts when necessary giving these local accounts priority while still using Windows domain authentication for most accounts. . Integrating the PAM into System Authentication Unless you re using a Linux distribution such as Red Hat which provides a graphical tool for configuring system authentication system-config-auth shown in Figure 1-1 you ll need to manually modify the PAM configuration files for services that will authenticate using your Windows domain controller. At a minimum this is the login configuration file etc login and probably also the PAM configuration file for SSH logins etc sshd . Here s a sample PAM configuration file that uses Windows authentication to enable logins auth sufficient lib security auth required lib security auth required lib security service system-auth use_ _first_pass auth required lib security account required lib security service system-auth password required lib security service system-auth session required lib security service system-auth session optional lib security debug Figure 1-1. Red Hat s graphical application for configuring Windows authentication 40 41 Note that this PAM configuration file accepts Windows authentication as being sufficient to enable a login but then falls through to the standard Linux authentication sequence if this fails. This enables you to use a mixture of central authentication through the Windows domain controller and local .

TỪ KHÓA LIÊN QUAN