Configure Samba4 as Domain Controller
I’ll show how to configure Samba4 in centos 7 as a domain controller in the domain.
1- Edit /etc/hosts put IP, FQDN name and NetBIOS name.
/etc/hosts
192.168.0.6.128 samba4.lss.local samba4
3- Install dependencies
yum install perl gcc libacl-devel libblkid-devel gnutls-devel readline-devel python-devel gdb pkgconfig krb5-workstation zlib-devel setroubleshoot-server libaio-devel setroubleshoot-plugins\
policycoreutils-python libsemanage-python setools-libs-python setools-libs popt-devel libpcap-devel sqlite-devel libidn-devel libxml2-devel libacl-devel libsepol-devel libattr-devel keyutils-libs-devel\
cyrus-sasl-devel cups-devel bind-utils libxslt docbook-style-xsl openldap-devel pam-devel bzip2 vim nano wget -y
4- Download the last version from samba site.
cd /tmp/
wget https://download.samba.org/pub/samba/stable/samba-4.6.0.tar.gz
5- Install, this command have a delay between 15 to 30 minutes, depending on the configuration of your server.
tar -zxvf samba-4.6.0.tar.gz
cd samba-4.6.0
./configure –enable-debug –enable-selftest –with-ads –with-systemd –with-winbind
make && make install
6- Edit /etc/krb5.conf, comment the line below.
#includedir /etc/krb5.conf.d/
7- Run the configurator
cd /usr/local/samba/bin
samba-tool domain provision –use-rfc2307 –interactive
8 – Open the ports for correct operation.
firewall-cmd –add-port=53/tcp –permanent;firewall-cmd –add-port=53/udp –permanent;firewall-cmd –add-port=88/tcp –permanent;firewall-cmd –add-port=88/udp –permanent; \
firewall-cmd –add-port=135/tcp –permanent;firewall-cmd –add-port=137-138/udp –permanent;firewall-cmd –add-port=139/tcp –permanent; \
firewall-cmd –add-port=389/tcp –permanent;firewall-cmd –add-port=389/udp –permanent;firewall-cmd –add-port=445/tcp –permanent; \
firewall-cmd –add-port=464/tcp –permanent;firewall-cmd –add-port=464/udp –permanent;firewall-cmd –add-port=636/tcp –permanent; \
firewall-cmd –add-port=1024-5000/tcp –permanent;firewall-cmd –add-port=3268-3269/tcp –permanentfirewall-cmd –reload
9- Create a service for initialization together the system.
nano /etc/systemd/system/samba.service
[Unit]
Description= Samba 4 Active Directory
After=syslog.target
After=network.target[Service]
Type=forking
PIDFile=/usr/local/samba/var/run/samba.pid
ExecStart=/usr/local/samba/sbin/samba[Install]
WantedBy=multi-user.target
10- Enable and start samba service
systemctl enable samba
systemctl start samba
Ready!!!
The server is ready to work!Neste tutorial mostro como configurar do Samba4 no centos 7, para que funcione como controlador de dominio no dominio.
1- Editar o arquivo /etc/hosts e colocar IP do servidor, nome com FQDN e nome netbios.
/etc/hosts
192.168.0.6.128 samba4.lss.local samba4
3- Instalando as dependencias
yum install perl gcc libacl-devel libblkid-devel gnutls-devel readline-devel python-devel gdb pkgconfig krb5-workstation zlib-devel setroubleshoot-server libaio-devel setroubleshoot-plugins\
policycoreutils-python libsemanage-python setools-libs-python setools-libs popt-devel libpcap-devel sqlite-devel libidn-devel libxml2-devel libacl-devel libsepol-devel libattr-devel keyutils-libs-devel\
cyrus-sasl-devel cups-devel bind-utils libxslt docbook-style-xsl openldap-devel pam-devel bzip2 vim nano wget -y
4- Baixar a versao mais nova diretamente do site do samba.
cd /tmp/
wget https://download.samba.org/pub/samba/stable/samba-4.6.0.tar.gz
5- Instale o samba, este comando pode demorar entre 15 a 30 minutos, depende do configuracao do seu servidor.
tar -zxvf samba-4.6.0.tar.gz
cd samba-4.6.0
./configure –enable-debug –enable-selftest –with-ads –with-systemd –with-winbind
make && make install
6- Edite o arquivo /etc/krb5.conf, e comente a linha, conforme abaixo
#includedir /etc/krb5.conf.d/
7- Executar o configurador.
cd /usr/local/samba/bin
samba-tool domain provision –use-rfc2307 –interactive
8 – Liberando as portas necessarias para o correto funcionamento
firewall-cmd –add-port=53/tcp –permanent;firewall-cmd –add-port=53/udp –permanent;firewall-cmd –add-port=88/tcp –permanent;firewall-cmd –add-port=88/udp –permanent; \
firewall-cmd –add-port=135/tcp –permanent;firewall-cmd –add-port=137-138/udp –permanent;firewall-cmd –add-port=139/tcp –permanent; \
firewall-cmd –add-port=389/tcp –permanent;firewall-cmd –add-port=389/udp –permanent;firewall-cmd –add-port=445/tcp –permanent; \
firewall-cmd –add-port=464/tcp –permanent;firewall-cmd –add-port=464/udp –permanent;firewall-cmd –add-port=636/tcp –permanent; \
firewall-cmd –add-port=1024-5000/tcp –permanent;firewall-cmd –add-port=3268-3269/tcp –permanentfirewall-cmd –reload
9- Criar o servico para inicializar junto ao sistema.
nano /etc/systemd/system/samba.service
[Unit]
Description= Samba 4 Active Directory
After=syslog.target
After=network.target[Service]
Type=forking
PIDFile=/usr/local/samba/var/run/samba.pid
ExecStart=/usr/local/samba/sbin/samba[Install]
WantedBy=multi-user.target
10- Habilitar e iniciar o servico criado.
systemctl enable samba
systemctl start samba
Pronto, o servidor ja esta pronto para trabalhar com controlador de dominio, agora só adcionar no dominio as estacoes windows, lembrando de sempre apontar o dns da estacao windows para o servidor samba.
Deixe uma resposta