Total de visualizações de página

segunda-feira, 25 de abril de 2016

Samba AD DC : Install


Samba AD DC : Install
2015/02/18
 
Configute Samba Active Directory Domain Controller.
The Samba package provided from official repository does not provide the DC function yet, so Download Samba RPM package from the EnterpriseSAMBA.com ( http://enterprisesamba.com/ ) which is introduced by Samba official site ( https://www.samba.org/ ).
[1]
Register your user info on the site below first to download Samba RPM package.
https://portal.enterprisesamba.com/
[2]
After registration, access to the URL above again and click 'Login' to login the site.
[3]
After login, remember your username and accesskey which is displayed on the site. It's necessarry to set in repo file for yum later.
[4]
Scroll down the page and download 'sernet-samba-4.1.repo' for CentOS 7 to your PC or server. Next, upload it to the server you will install Samba4 and move it under the '/etc/yum.repos.d'.
[5]Set your username and accesskey in repo file.
[root@smb ~]# 
vi /etc/yum.repos.d/sernet-samba-4.1.repo
# change to your username and accesskey

[sernet-samba-4.1]
name=SerNet Samba 4.1 Packages (centos-7)
type=rpm-md
baseurl=https://
USERNAME:ACCESSKEY
@download.sernet.de/packages/samba/4.1/centos/7/
gpgcheck=1
gpgkey=https://
USERNAME:ACCESSKEY
@download.sernet.de/packages/samba/4.1/centos/7/repodata/repomd.xml.key
enabled=1
[6]Install Samba.
[root@smb ~]# 
yum -y install sernet-samba sernet-samba-ad
[7]Configure Samba AD DC.
[root@smb ~]# 
samba-tool domain provision 

# specify Realm

Realm [SERVER.WORLD]: 
SERVER.WORLD 

# specify Domain name

Domain [SERVER]: 
SMB01 

# Enter with default because it sets DC

Server Role (dc, member, standalone) [dc]:
# Enter with default because it uses Built-in DNS

DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:
# confirm DNS setting and Enter if it's OK

DNS forwarder IP address (write 'none' to disable forwarding) [10.0.0.1]:
# set admin password

# Do not set trivial password, if you input it, configuration wizard shows error and stops.

Administrator password:
Retype password:
Looking up IPv4 addresses
Looking up IPv6 addresses
...
...
A Kerberos configuration suitable for Samba 4 has been generated at /var/lib/samba/private/krb5.conf
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           active directory domain controller
Hostname:              smb
NetBIOS Domain:        SMB01
DNS Domain:            server.world
DOMAIN SID:            S-1-5-21-1554426047-3808867033-1778000025
[root@smb ~]# 
vi /etc/default/sernet-samba
# line 7: change

SAMBA_START_MODE="
ad
"
[root@smb ~]# 
cp /var/lib/samba/private/krb5.conf /etc/krb5.conf 

[root@smb ~]# 
systemctl start sernet-samba-ad 

[root@smb ~]# 
chkconfig sernet-samba-ad on 

[root@smb ~]# 
chkconfig sernet-samba-smbd off 

[root@smb ~]# 
chkconfig sernet-samba-nmbd off 

[root@smb ~]# 
chkconfig sernet-samba-winbindd off 
[8]Raise the domain level to 2008 R2.
[root@smb ~]# 
samba-tool domain level raise --domain-level 2008_R2 --forest-level 2008_R2 

Domain function level changed!
Forest function level changed!
All changes applied successfully!
# show domain level

[root@smb ~]# 
samba-tool domain level show 

Domain and forest function level for domain 'DC=server,DC=world'

Forest function level: (Windows) 2008 R2
Domain function level: (Windows) 2008 R2
Lowest function level of a DC: (Windows) 2008 R2
Postado por às
Marcadores:

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)