Friday, April 23, 2010

Authenticating Linux Users with a Windows AD Server

1. Install Samba with ADS support.
This is done when configuring Samba with
./configure --with-shared-modules=idmap_ad,idmap_rid
which adds ADS support to Samba.
2. Set the primary DNS server of the client machine to the
IP address of the AD server.
3. The hostname entry of the client machine is set, e.g., as:

e.g. 192.168.1.180 w2k3r2sp2.com mymachine
4. The clocks on the AD server and the client must match (Kerberos rejects requests when they drift too far apart).
This can be done by configuring NTP on the client to point
to the AD server.
5. Configure the smb.conf file as:

[global]
workgroup = W2K3R2SP2 --> workgroup name
realm = W2K3R2SP2.COM --> AD server's domain name
server string = Samba Server Version %v
security = ADS --> security mode; it *must* be ADS
passdb backend = tdbsam
log file = /var/log/samba/log.%m
max log size = 50
idmap uid = 100-20000 --> UID range for domain users
idmap gid = 100-20000 --> GID range for domain groups
template homedir = /home/%U --> user's HOME directory
template shell = /bin/bash --> user's default SHELL
winbind use default domain = Yes
cups options = raw

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No

6. Start the smbd and winbindd services.
7. Test the settings by running the command:
net ads testjoin
8. Join the domain by executing:
net ads join -U administrator
9. The domain users and groups can be listed with:
wbinfo -u
wbinfo -g
10. Now you can log in to the Linux machine as a domain user, either with "su" or by logging off and logging in again.
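As an added example (not part of the original post and not Samba's own tooling), the POSIX shell script below runs a few pre-flight checks on smb.conf before the join in step 8: it confirms security = ADS and an upper-case realm, and flags an idmap uid range that overlaps accounts already in the local passwd file, because winbind hands out UIDs from that range and a domain user landing on a local system account's UID would own that account's files. The function names, the sample passwd and smb.conf contents, and the temp-file layout are assumptions constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the original post): pre-flight checks on smb.conf
# before "net ads join". Verifies security = ADS, an upper-case realm, and
# that the idmap uid range does not overlap ids already in a local passwd
# file (a domain user mapped onto a local account's UID inherits its files).

# get_global FILE KEY: print the value of "KEY = value" from the [global] section
get_global() {
    awk -v key="$2" '
        /^[[:space:]]*\[/ { inglobal = ($0 ~ /^[[:space:]]*\[global\]/); next }
        inglobal && index($0, "=") {
            k = $0; sub(/[[:space:]]*=.*/, "", k); gsub(/^[[:space:]]+/, "", k)
            v = $0; sub(/^[^=]*=[[:space:]]*/, "", v); sub(/[[:space:]]+$/, "", v)
            if (tolower(k) == tolower(key)) { print v; exit }
        }' "$1"
}

# ids_in_range FILE LO HI: print names whose id (3rd colon field) lies in
# [LO, HI]; exit status 1 when at least one was found
ids_in_range() {
    awk -F: -v lo="$2" -v hi="$3" '$3 >= lo && $3 <= hi { print $1; n++ } END { exit n > 0 }' "$1"
}

# check_ads_conf SMBCONF PASSWD: 0 if all checks pass, else print problems and return 1
check_ads_conf() {
    conf=$1; passwd=$2; rc=0
    sec=$(get_global "$conf" security)
    [ "$(printf %s "$sec" | tr A-Z a-z)" = "ads" ] || { echo "security must be ADS, got '$sec'"; rc=1; }
    realm=$(get_global "$conf" realm)
    [ -n "$realm" ] && [ "$realm" = "$(printf %s "$realm" | tr a-z A-Z)" ] \
        || { echo "realm must be set in upper case, got '$realm'"; rc=1; }
    range=$(get_global "$conf" "idmap uid")
    lo=${range%-*}; hi=${range#*-}
    if [ -z "$range" ] || [ "$lo" -ge "$hi" ] 2>/dev/null; then
        echo "idmap uid must be LOW-HIGH with LOW < HIGH, got '$range'"; rc=1
    else
        clash=$(ids_in_range "$passwd" "$lo" "$hi") \
            || { echo "idmap uid $range overlaps local accounts:"; echo "$clash"; rc=1; }
    fi
    return $rc
}

# Constructed sample files (not a real system): the post's own range against a small passwd
tmp=$(mktemp -d)
printf '%s\n' 'root:x:0:0::/root:/bin/sh' 'mysql:x:498:498::/var/lib/mysql:/sbin/nologin' \
    'alice:x:1000:1000::/home/alice:/bin/sh' > "$tmp/passwd"
printf '%s\n' '[global]' '  workgroup = W2K3R2SP2' '  realm = W2K3R2SP2.COM' '  security = ADS' \
    '  idmap uid = 100-20000' '  idmap gid = 100-20000' '[homes]' '  read only = No' > "$tmp/smb.conf"
if check_ads_conf "$tmp/smb.conf" "$tmp/passwd"; then echo "ready for net ads join"; else echo "fix smb.conf first"; fi
```

Run against the sample files it reports that the 100-20000 range covers the local mysql and alice accounts; raising the lower bound above the local UIDs makes the check pass.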


Have a Happy Logging !!!
