Samba Winbind
2015/11/08 |
Join in Windows Active Directory Domain with Samba Winbind.
This tutorial needs Windows Active Directory Domain Service in your LAN.
This example shows to configure on the environment below.
|
|||||||||
[1] | Install Winbind. |
[root@smb ~]# dnf -y install samba-winbind samba-winbind-clients pam_krb5
|
[2] | Configure Winbind. |
# change DNS setting to AD's one [root@smb ~]# nmcli c modify eno16777736 ipv4.dns 10.0.0.100 [root@smb ~]# nmcli c down eno16777736; nmcli c up eno16777736 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/1) authconfig \ --enablekrb5 \ --krb5kdc=fd3s.srv.world \ --krb5adminserver=fd3s.srv.world \ --krb5realm=FD3S.SRV.WORLD \ --enablewinbind \ --enablewinbindauth \ --smbsecurity=ads \ --smbrealm=FD3S.SRV.WORLD \ --smbservers=fd3s.srv.world \ --smbworkgroup=FD3S01 \ --winbindtemplatehomedir=/home/%U \ --winbindtemplateshell=/bin/bash \ --enablemkhomedir \ --enablewinbindusedefaultdomain \ --update getsebool: SELinux is disabled |
[3] | Join in Windows Active Directory Domain. |
# join in Active Directory ( net ads join -U [AD's admin user]) [root@smb ~]# net ads join -U Administrator Enter Serverworld's password: ldb: unable to stat module /usr/lib64/samba/ldb : No such file or directory Using short domain name -- FD3S01 Joined 'SMB' to dns domain 'fd3s.srv.world' DNS update failed: NT_STATUS_UNSUCCESSFUL # show domain info [root@smb ~]# net ads info LDAP server: 10.0.0.100 LDAP server name: fd3s.fd3s.srv.world Realm: FD3S.SRV.WORLD Bind Path: dc=FD3S,dc=SERVER,dc=WORLD LDAP port: 389 Server time: Mon, 09 Nov 2015 22:12:19 JST KDC server: 10.0.0.100 Server time offset: -1 # verify it's possible to switch to an AD user [root@smb ~]# su - Serverworld Creating home directory for serverworld. [serverworld@smb ~]$ |