Samba4 AD DC : Install
2015/02/17 |
Configute Samba4 Active Directory Domain Controller.
The Samba4 package provided from official repository does not provide the DC function yet,
so Download Samba4 RPM package from the EnterpriseSAMBA.com ( http://enterprisesamba.com/ )
which is introduced by Samba official site ( https://www.samba.org/ ).
|
|
[1] |
Register your user info on the site below first to download Samba4 RPM package.
https://portal.enterprisesamba.com/ |
[2] |
After registration, access to the URL above again and click 'Login' to login the site.
|
[3] |
After login, remember your username and accesskey which is displayed on the site.
It's necessarry to set in repo file for yum later.
|
[4] |
Scroll down the page and download 'sernet-samba-4.1.repo' for CentOS 6 to your PC or server.
Next, upload it to the server you will install Samba4 and move it under the '/etc/yum.repos.d'.
|
[5] | Set your username and accesskey in repo file. |
[root@smb ~]#
vi /etc/yum.repos.d/sernet-samba-4.1.repo # change to your username and accesskey [sernet-samba-4.1] name=SerNet Samba 4.1 Packages (centos-6) type=rpm-md baseurl=https:// USERNAME:ACCESSKEY @download.sernet.de/packages/samba/4.1/centos/6/gpgcheck=1 gpgkey=https:// USERNAME:ACCESSKEY @download.sernet.de/packages/samba/4.1/centos/6/repodata/repomd.xml.keyenabled=1 |
[6] | Install Samba4. |
[root@smb ~]# yum -y install sernet-samba sernet-samba-ad
|
[7] | Configure Samba AD DC. |
[root@smb ~]# samba-tool domain provision # specify Realm Realm [SRV.WORLD]: SRV.WORLD # specify Domain name Domain [SERVER]: SMB01 # Enter with default because it sets DC Server Role (dc, member, standalone) [dc]: # Enter with default because it uses Built-in DNS DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]: # confirm DNS setting and Enter if it's OK DNS forwarder IP address (write 'none' to disable forwarding) [10.0.0.1]: # set admin password # Do not set trivial password, if you input it, configuration wizard shows error and stops. Administrator password: Retype password: Looking up IPv4 addresses Looking up IPv6 addresses ... ... A Kerberos configuration suitable for Samba 4 has been generated at /var/lib/samba/private/krb5.conf Once the above files are installed, your Samba4 server will be ready to use Server Role: active directory domain controller Hostname: smb NetBIOS Domain: SMB01 DNS Domain: srv.world DOMAIN SID: S-1-5-21-1368991612-3962103640-954018680
[root@smb ~]#
vi /etc/default/sernet-samba # line 7: change SAMBA_START_MODE=" ad "
cp /var/lib/samba/private/krb5.conf /etc/krb5.conf [root@smb ~]# /etc/rc.d/init.d/sernet-samba-ad start Starting SAMBA AD services : [ OK ] [root@smb ~]# chkconfig sernet-samba-ad on [root@smb ~]# chkconfig sernet-samba-smbd off [root@smb ~]# chkconfig sernet-samba-nmbd off [root@smb ~]# chkconfig sernet-samba-winbindd off |
[8] | Raise the domain level to 2008 R2. |
[root@smb ~]#
samba-tool domain level raise --domain-level 2008_R2 --forest-level 2008_R2 Domain function level changed! Forest function level changed! All changes applied successfully! # show domain level [root@smb ~]# samba-tool domain level show Domain and forest function level for domain 'DC=srv,DC=world' Forest function level: (Windows) 2008 R2 Domain function level: (Windows) 2008 R2 Lowest function level of a DC: (Windows) 2008 R2 |