CentOS 6
Sponsored Link

Samba4 AD DC : Install
2015/02/17
 
Configute Samba4 Active Directory Domain Controller.
The Samba4 package provided from official repository does not provide the DC function yet, so Download Samba4 RPM package from the EnterpriseSAMBA.com ( http://enterprisesamba.com/ ) which is introduced by Samba official site ( https://www.samba.org/ ).
[1]
Register your user info on the site below first to download Samba4 RPM package.
https://portal.enterprisesamba.com/
[2]
After registration, access to the URL above again and click 'Login' to login the site.
[3]
After login, remember your username and accesskey which is displayed on the site. It's necessarry to set in repo file for yum later.
[4]
Scroll down the page and download 'sernet-samba-4.1.repo' for CentOS 6 to your PC or server. Next, upload it to the server you will install Samba4 and move it under the '/etc/yum.repos.d'.
[5] Set your username and accesskey in repo file.
[root@smb ~]#
vi /etc/yum.repos.d/sernet-samba-4.1.repo
# change to your username and accesskey

[sernet-samba-4.1]
name=SerNet Samba 4.1 Packages (centos-6)
type=rpm-md
baseurl=https://
USERNAME:ACCESSKEY
@download.sernet.de/packages/samba/4.1/centos/6/
gpgcheck=1
gpgkey=https://
USERNAME:ACCESSKEY
@download.sernet.de/packages/samba/4.1/centos/6/repodata/repomd.xml.key
enabled=1
[6] Install Samba4.
[root@smb ~]#
yum -y install sernet-samba sernet-samba-ad
[7] Configure Samba AD DC.
[root@smb ~]#
samba-tool domain provision

# specify Realm

Realm [SRV.WORLD]:
SRV.WORLD

# specify Domain name

Domain [SERVER]:
SMB01

# Enter with default because it sets DC

Server Role (dc, member, standalone) [dc]:
# Enter with default because it uses Built-in DNS

DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:
# confirm DNS setting and Enter if it's OK

DNS forwarder IP address (write 'none' to disable forwarding) [10.0.0.1]:
# set admin password

# Do not set trivial password, if you input it, configuration wizard shows error and stops.

Administrator password:
Retype password:
Looking up IPv4 addresses
Looking up IPv6 addresses
...
...
A Kerberos configuration suitable for Samba 4 has been generated at /var/lib/samba/private/krb5.conf
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           active directory domain controller
Hostname:              smb
NetBIOS Domain:        SMB01
DNS Domain:            srv.world
DOMAIN SID:            S-1-5-21-1368991612-3962103640-954018680

[root@smb ~]#
vi /etc/default/sernet-samba
# line 7: change

SAMBA_START_MODE="
ad
"
[root@smb ~]#
cp /var/lib/samba/private/krb5.conf /etc/krb5.conf

[root@smb ~]#
/etc/rc.d/init.d/sernet-samba-ad start

Starting SAMBA AD services : [ OK ]
[root@smb ~]#
chkconfig sernet-samba-ad on

[root@smb ~]#
chkconfig sernet-samba-smbd off

[root@smb ~]#
chkconfig sernet-samba-nmbd off

[root@smb ~]#
chkconfig sernet-samba-winbindd off

[8] Raise the domain level to 2008 R2.
[root@smb ~]#
samba-tool domain level raise --domain-level 2008_R2 --forest-level 2008_R2

Domain function level changed!
Forest function level changed!
All changes applied successfully!
# show domain level

[root@smb ~]#
samba-tool domain level show

Domain and forest function level for domain 'DC=srv,DC=world'

Forest function level: (Windows) 2008 R2
Domain function level: (Windows) 2008 R2
Lowest function level of a DC: (Windows) 2008 R2
 
Tweet