Komunikacija Linux/Samba servera i AD-a
1. Proveriti da li komunikacija radi :
# wbinfo -u|more
DOMEN+jelena
DOMEN+squid1
DOMEN+aleksa
…..
# wbinfo -g|more
DOMEN+domain computers
DOMEN+domain admins
DOMEN+g-webadmins
…..
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: squid1@MOJ.DOMEN
Valid starting Expires Service principal
01/30/14 08:32:19 01/30/14 08:42:19 krbtgt/MOJ.DOMEN@MOJ.DOMEN
2. Proveriti da li je komunikacija plain-text ili je kriptovana
Paralelno sa izdavanjem komande za autentifikaciju na AD-u, snimati saobraćaj između ta dva hosta (npr sa Wireshark-om) :
# smbclient -L ad.server.ime -U squid1
Enter squid1’s password:
Domain=[DOMEN] OS=[Windows Server 2008 R2 Standard 7601 Service Pack 1] Server=[Windows Server 2008 R2 Standard 6.1]
Sharename Type Comment
——— —- ——-
ADMIN$ Disk Remote Admin
C$ Disk Default share
IPC$ IPC Remote IPC
NETLOGON Disk Logon server share
SYSVOL Disk Logon server share
session request to ad.server.ime (Called name not present)
Domain=[DOMEN] OS=[Windows Server 2008 R2 Standard 7601 Service Pack 1] Server=[Windows Server 2008 R2 Standard 6.1]
Server Comment
——— ——-
Workgroup Master
——— ——-