(1)我们必须建立AD帐号在linux的虚里目录,由于AD帐号过多的状况下我们一个个建立会浪费很多时间, 所以我们可以利用命令来快速建立
在root目录下,建立mknthome.awk
[root@linux2 ~]# vi mknthome.awk
?容如下
#!/bin/awk
BEGIN {
FS = “:”
uidmin = 16777000
uidmax = 33550000
}
{
if ($3 >= uidmin && $3 <= uidmax ) {
print “\nmake directory “ $6 “\nchown “ $3 “.” $4 “ “ S6
system ( “mkdir -p “ $6 “ ;chown “ $3 “.” $4 “ “ $6 )
}
}
(2)开始建立目录
[root@linux2 ~]# getent passwd | awk -f mknthome.awk
这时你会看到画面自动帮你建立帐号了,如果没有请检查mknthome有无错误.
(3)开始整合帐号(我没有做)
依照我们的需求来修改ssh smtp dovecot 等文件
目录非别在 /etc/pam.d./sshd /etc/pam.d/smtp /etc/pam.d/dovecot
先修改 ssh
[root@linux2 /]# vi /etc/pam.d/sshd
#%PAM-1.0
auth sufficient pam_winbind.so ---加入这行
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
account required pam_stack.so service=system-auth
account sufficient pam_winbind.so ---加入这行
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
修改 smtp
[root@linux2 /]# vi /etc/pam.d/smtp
#%PAM-1.0
auth sufficient pam_winbind.so ---加入这行
auth required pam_stack.so service=system-auth
account sufficient pam_winbind.so ---加入这行
account required pam_stack.so service=system-auth
修改 dovecot
[root@linux2 /]# vi /etc/pam.d/dovecot
#%PAM-1.0
auth sufficient pam_winbind.so ---加入这行
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
account sufficient pam_winbind.so ---加入这行
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
