Stile EL7: differenze tra le versioni

Da Emigar.
Jump to navigation Jump to search
Riga 2: Riga 2:


==Firewall==
==Firewall==

firewall-cmd --get-services

firewall-cmd --permanent --new-service=oracle
firewall-cmd --permanent --service=oracle --set-description="Listener ports 1521 2483"
firewall-cmd --permanent --service=oracle --add-port=1521/tcp
firewall-cmd --permanent --service=oracle --add-port=2483/tcp
firewall-cmd --permanent --zone=public --add-service=oracle

firewall-cmd --permanent --new-service=NRPE
firewall-cmd --permanent --service=NRPE --set-description="NRPE port 5666"
firewall-cmd --permanent --service=NRPE --add-port=5666/tcp
firewall-cmd --permanent --zone=public --add-service=NRPE

firewall-cmd --permanent --zone=public --add-service=snmp
firewall-cmd --permanent --zone=public --add-service=ntp
firewall-cmd --reload


firewall-cmd --list-services





firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --permanent --zone=public --add-service=samba

Versione delle 14:44, 4 set 2017

systemd

Firewall

   firewall-cmd --get-services

   firewall-cmd --permanent --new-service=oracle
   firewall-cmd --permanent --service=oracle --set-description="Listener ports 1521 2483"
   firewall-cmd --permanent --service=oracle --add-port=1521/tcp
   firewall-cmd --permanent --service=oracle --add-port=2483/tcp
   firewall-cmd --permanent --zone=public --add-service=oracle

   firewall-cmd --permanent --new-service=NRPE
   firewall-cmd --permanent --service=NRPE --set-description="NRPE port 5666"
   firewall-cmd --permanent --service=NRPE --add-port=5666/tcp
   firewall-cmd --permanent --zone=public --add-service=NRPE

   firewall-cmd --permanent --zone=public --add-service=snmp
   firewall-cmd --permanent --zone=public --add-service=ntp
   firewall-cmd --reload



   firewall-cmd --list-services




   firewall-cmd --permanent --zone=public --add-service=samba

   firewall-cmd --zone=public --add-port=161/tcp --permanent
   firewall-cmd --zone=public --add-port=161/udp --permanent
   firewall-cmd --zone=public --add-port=1521/tcp --permanent
   firewall-cmd --zone=public --add-port=2483/tcp --permanent
   firewall-cmd --zone=public --add-port=5666/tcp --permanent

   firewall-cmd --reload

Network

    nmcli con add type 802-3-ethernet con-name eno33559296 ifname eno33559296 autoconnect yes ipv4 192.168.8.5/24 gw4 192.168.8.254 ipv4.dns 8.8.8.8 ipv4.dns-search emigar.it save yes

    nmcli con show uuid 3763e4d6-d4d3-4340-bb7f-9e865f8e102e

snmp

nrpe

Active Directory Join

    yum -y install realmd samba samba-common oddjob oddjob-mkhomedir sssd ntpdate ntp adcli
    firewall-cmd --permanent --zone=public --add-service=samba
    firewall-cmd --reload
    ntpdate -u domain-controller.domain.it
    realm discover DOMAIN.IT
    realm join --user=administrator@domain.it DOMAIN.IT
    sed -i -e 's/use_fully_qualified_names = True/use_fully_qualified_names = False/' /etc/sssd/sssd.conf
    systemctl restart sssd

Per consentire la gestione via group policy AD (in /etc/sssd/sssd.conf): 

    ad_gpo_access_control = enforcing
Estratto da "http://www.emigar.com/wiki/index.php?title=Stile_EL7&oldid=5444"