StefanoStrozzi.it

Join ad Active Directory

impostare ip statico e gateway in /etc/network/interface

comunque una vola avviato eseguire subito:

pcs property set stonith-enabled=false
pcs property set no-quorum-policy=ignore

con debian bisogna usare crmsh

apt-get install crmsh

poi entrare nella configurazione con

crm configure

eseguire i seguenti passi

primitive p_drbd_0 ocf:linbit:drbd params drbd_resource="r0" op monitor interval="10"
ms ms_drbd_0 p_drbd_0 meta master-max="1" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"

rendere esecutivi i comandi

commit

creare l'IP

pcs resource create clstIP IPaddr2 ip="192.168.1.63" cidr_netmask="24" nic="enp1s0" mac="52:54:00:b0:8c:10"

https://github.com/ClusterLabs/pacemaker/blob/master/doc/pcs-crmsh-quick-ref.md

per la gestione del cluster su può usare pcs via web:
https://ip:2224

To domain-join an debian / ubuntu – server you first need to install realmd and its dependencies

sudo apt install -y realmd
sudo apt install -y sssd-tools sssd libnss-sss libpam-sss adcli
sudo apt install -y realmd packagekit

Join the server to your Active Directory-Domain

sudo realm join yourdomain.tld --user administrator

If you need to, replace “administrator” with another authorized user.

If the above command fails:
check if your user has the required permissions
check the password
try the following:

sudo realm join yourdomain.tld --user administrator --install=/

poi per la condivisione

chown "CASA\\ginopino:CASA\\domain users" /direct/

sito prova:
https://linuxtot.com/add-a-simple-samba-file-server-as-a-domain-member/
https://wiki.debian.org/Permissions

per il join al dominio

il file smb.conf

[global]

workgroup = CASA
security = ADS
realm = CASA.INT
vfs objects = acl_xattr
map acl inherit = Yes
store dos attributes = Yes
idmap config * : backend = tdb
idmap config * : range   = 3000-7999
winbind use default domain = true
winbind nss info = rfc2307
winbind enum users = yes
winbind enum groups = yes

verificare krb5.conf
e nsswitch.conf

passwd:         files winbind systemd
group:          files winbind systemd

cambiare password hacluster
eseguire corosync-keygen
copiare sull'altro nodo i file

per il cluster c'è poco da fare, aggiungere solo i nodi al nodelist { }
cambiare il nome del cluster
aggiungere two_node:1 alla sezione del quorum { }

avviare corosync e pacemaker

pcs property set stonith-enabled=false
pcs property set no-quorum-policy=ignore

poi usare crm per aggiungere le risorse

primitive p_drbd_0 ocf:linbit:drbd params drbd_resource="r0" op monitor interval="10"
ms ms_drbd_0 p_drbd_0 meta master-max="1" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"