Samba 4 Domain Controller on Ubuntu 14.04 LTS

1. Configure network with a static ip address

$sudo nano /etc/network/interfaces

auto eth0
iface eth0 inet static
address 192.168.0.35
gateway 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
dns-nameservers 192.168.0.1 114.114.114.114 8.8.8.8dns-search szhnbc.com

2. Name your domain controller

$sudo hostname rd-server
$sudo echo "rd-server" > /etc/hostname
$sudo nano /etc/hosts

127.0.0.1 localhost
127.0.1.1 rd-server.szhnbc.com RD-Server
192.168.0.35 rd-server.szhnbc.com rd-server

$sudo apt-get update && apt-get upgrade
$sudo reboot

3. Install packages ntp, acl, samba + tools

$apt-get install ntp acl samba krb5-user smbclient

在安装Kerberos时,会提示输入相关信息

Your realm: SZHNBC.COM
Kerberos servers for your realm: rd-server.szhnbc.com
Administrative server: rd-server.szhnbc.com

4. Configure samba

Remove automatically created configuration  

$sudo rm /etc/samba/smb.conf

Configure samba with samba-tool

$sudo samba-tool domain provision --realm szhnbc.com --domain szhnbc --adminpass Password123 --server-role=dc

注意:如果设置安全比较低的密码,会导致命令失败。

安装成功信息:

Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=szhnbc,DC=com
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
Adding DNS accounts
Creating CN=MicrosoftDNS,CN=System,DC=szhnbc,DC=com
Creating DomainDnsZones and ForestDnsZones partitions
Populating DomainDnsZones and ForestDnsZones partitions
Setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
A Kerberos configuration suitable for Samba 4 has been generated at /var/lib/samba/private/krb5.conf
Once the above files are installed, your Samba4 server will be ready to use
Server Role:           active directory domain controller
Hostname:              rd-server
NetBIOS Domain:        SZHNBC
DNS Domain:            szhnbc.com
DOMAIN SID:            S-1-5-21-1719461813-2380486383-56883530

5. Configure DNS

对于大型,复杂的网络部署,建议你应该使用BIND,但在我的实际环境中,内建的DNS已经足够用了。

$sudo nano /etc/samba/smb.conf
dns forwarder = 8.8.8.8
allow dns updates = nonsecure
$sudo nano /etc/network/interfaces
dns-nameservers 192.168.0.35
$sudo reboot now

6. Test your new domain controller

$ host -t SRV _ldap._tcp.szhnbc.com.
_ldap._tcp.szhnbc.com has SRV record 0 100 389 rd-server.szhnbc.com.
$ host -t SRV _kerberos._udp.szhnbc.com.
_kerberos._udp.szhnbc.com has SRV record 0 100 88 rd-server.szhnbc.com.
$ host -t A rd-server.szhnbc.com.
rd-server.szhnbc.com has address 192.168.0.35$ kinit administrator
Password for [email protected]:
Warning: Your password will expire in 41 days on Fri Jan 23 11:48:22 2015$ klist
Ticket cache: FILE:/tmp/krb5cc_999
Default principal: [email protected]

Valid starting     Expires            Service principal
12/12/14 13:04:09  12/12/14 23:04:09  krbtgt/[email protected]
        renew until 12/13/14 13:04:01
[email protected]-SERVER:~$ smbclient -L localhost -U%
Domain=[SZHNBC] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]

        Sharename       Type      Comment
        ---------       ----      -------
        netlogon        Disk
        sysvol          Disk
        IPC$            IPC       IPC Service (Samba 4.1.6-Ubuntu)
Domain=[SZHNBC] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]

        Server               Comment
        ---------            -------

        Workgroup            Master
        ---------            -------
        HAICHUAN             YANGXINFENG
        MSHOME               RD-SERVER
        WORKGROUP            HC-JXS
$ smbclient //localhost/netlogon -U‘administrator‘
Enter administrator‘s password:
Domain=[SZHNBC] OS=[Unix] Server=[Samba 4.1.6-Ubuntu]
smb: \> quit

7. Manage your new domain controller

Recommended way of managing your server is to use "Remote Server Administration Tools", which you can install on Windows 7 desktop pc as a feature.

You can also manage users & groups with samba-tool

samba-tool user add john --surname=Smith --given-name=John
samba-tool group add test_group
samba-tool group addmembers test_group john

samba-tool user list
getent passwd john
id john

  

  

  

  

  

时间: 2024-08-28 14:51:44

Samba 4 Domain Controller on Ubuntu 14.04 LTS的相关文章

Install CUDA 6.0 on Ubuntu 14.04 LTS

Ubuntu 14.04 LTS is out, loads of new features have been added. Here are some procedures I followed to install CUDA 6.0 on my DELL Inspiron. First of all, Ubuntu need to be installed successfully, and the necessary libs are also need to installed: su

Ubuntu 14.04 LTS 安装Docker

Docker官方是有很详细的安装文档(https://docs.docker.com/engine/installation/ubuntulinux/),这里做了一个Ubuntu 14.04 LTS中文版的. 系统要求 64位 $ file /sbin/init /sbin/init: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Lin

Ubuntu 14.04 LTS中Chromium不能使用flash的解决方案

安装过Ubuntu 14.04 LTS的人都知道,这个系统下会有两个浏览器,一个firefox,一个chromium.chromium的flash是有问题的. 之前小编有需要用flash的时候就切换到火狐去,没想到一次升级之后,火狐在看百度网盘视频的时候总是跳转到一个nfdnserror9.wo.com.cn这样的网址,真是气死我了,于是为了能继续看动漫的小编就开始解决flash这个问题了. 1.解决方案来源 How to Install Pepper Flash in Ubuntu 14.04

Ubuntu 14.04 LTS 64bit 编译SDL的问题

http://blog.csdn.net/jhting/article/details/38523945 Ubuntu 14.04 LTS 64bit 编译SDL的问题 分类: C/C++2014-08-12 23:33 423人阅读 评论(0) 收藏 举报 SDL 之前在32位的LINUX中编译是没什么问题的. SDL1.2 需要安装的包: xorg-dev  (执行apt-get install xorg-dev,不安装这个包提示XSHm.h头文件无法找到) 在 make 时提示 _XDat

U盘安装Ubuntu 14.04 LTS正式版

Ubuntu 14.04 LTS正式版发布,而且提供五年的支持和维护服务.Ubuntu 14.04是Ubuntu开发团队历经五年的心血之作.许多新手都喜欢把Linux安装文件刻录成光盘再安装,而安装好之后就浪费了,所以太浪费了,那我们能不能用U盘来安装最新的Ubuntu 14.04正式版呢?答案是可以的,而且非常简单. 相关阅读:U盘操作系统安装工具- Universal USB Installer最新版 http://www.linuxidc.com/Linux/2011-01/31350.h

Ubuntu 14.04 LTS中怎样安装fcitx中文输入法

Ubuntu 14.04 LTS中自带的iBus输入法有多么的难用,这个不用我来说,今后你会看到各种吐嘈会像滔滔江水连绵不绝的.这里我们不抱怨,我们自己来着手解决中国人自 己的Linux中文输入法问题.Fcitx是当之无愧的最好的中文输入法(框架),真的非常感谢作者——当然是中国人,不然谁给你写这头痛的东西.当 Linux走进平常百姓家的时候,我确信Fcitx的贡献起码也得有好几个百分点呀! 方法/步骤 1 一,安装fcitx,这么好的软件,ubuntu软件中心肯定是找得到的,但还是命令来得快一

Drupal8系列(四):主题制作之搭建框架-Ubuntu 14.04 LTS

Drupal8的主题制作准备工作已经完成了,那么我们接下来就开始正式制作主题了! 一.生成主题的Compass框架 首先我们先进入到Druapl8的主题目录: cd /var/www/druapl8/themes 然后利用Compass生成主题框架: compass create firehare --css-dir=css --images-dir=img --javascripts-dir=js -r bootstrap-sass --using bootstrap 在上述命令中fireha

【转】基于Ubuntu 14.04 LTS编译Android4.4.2源代码

原文网址:http://blog.csdn.net/gobitan/article/details/24367439 基于Ubuntu 14.04 LTS编译Android4.4.2源代码 Dennis Hu 2014-4-21 环境准备: 基本环境:ubuntu-14.04-desktop-64bit LTS(裸机或者Windows下虚拟机安装均可,12.04也可以,但10.04目前不支持了) 其他要求:空闲磁盘空间100G以上,代码部分接近10G,其他为git和编译中间和目标文件准备 ===

Ubuntu 14.04 LTS 安装 LNMP Nginx\PHP5 (PHP-FPM)\MySQL

之前在Ubuntu12.04上搭建过PHP开发环境,按照这里http://budongzhenren.blog.51cto.com/2288320/991365安装的.但是系统换成14.04后,再用这个方法安装一直不成功,让我很郁闷,折腾了好久,后来才发现在12.04上安装Nginx,默认的网站根目录在 /usr/share/nginx/www,而在14.04上,默认的网站根目录是 /usr/share/nginx/html. 在Ubuntu14.04上搭建PHP环境的步骤参考这里:http:/