Académique Documents
Professionnel Documents
Culture Documents
Tutorial search
Samba 4 Domain
Controller
Installation on
CentOS 7
On this page
Installation of Samba 4
Adding the Windows host to
the domain
Installing RSAT tool in
Windows 10
Client authentication with
Samba 4 on CentOS 7
Client authentication with
Samba 4 on CentOS 6
Installation of Samba 4
[
r
o
o
t
@
s
a
m
b
a
4
~
]
#
c
a
t
/
e
t
c
/
h
o
s
t
s
1
2
7
.
0
.
0
.
1
l
o
c
a
l
h
o
s
t
l
o
c
a
l
h
o
s
t
.
l
o
c
a
l
d
o
m
a
in localhost4 localhost4.localdomai
n4
::1 localhost localhost.loc
aldomain localhost6 localhost6.loca
ldomain6
192.168.1.190 samba4.sunil.cc sam
ba4
[root@samba4 ~]#
p_dryrun_mode=ldap_dryrun_mode)
File "/usr/local/samba/lib64/pyth
on2.7/site-packages/samba/provision
/__init__.py", line 2175, in provis
ion
skip_sysvolacl=skip_sysvolacl)
File "/usr/local/samba/lib64/pyth
on2.7/site-packages/samba/provision
/__init__.py", line 1787, in provis
ion_fill
next_rid=next_rid, dc_rid=dc_ri
d)
File "/usr/local/samba/lib64/pyth
on2.7/site-packages/samba/provision
/__init__.py", line 1447, in fill_s
amdb
"KRBTGTPASS_B64": b64encode(krb
tgtpass.encode('utf-16-le'))
File "/usr/local/samba/lib64/pyth
on2.7/site-packages/samba/provision
/common.py", line 55, in setup_add_
ldif
ldb.add_ldif(data, controls)
File "/usr/local/samba/lib64/pyth
on2.7/site-packages/samba/__init__.
py", line 225, in add_ldif
self.add(msg, controls)
[root@samba4 samba]#
--------
#includedir /etc/krb5.conf.d/
--------
[root@samba4 etc]#
7-138/udp --permanent;firewall-cmd
--add-port=139/tcp --permanent; \
firewall-cmd --add-port=389/tcp --p
ermanent;firewall-cmd --add-port=38
9/udp --permanent;firewall-cmd --ad
d-port=445/tcp --permanent; \
firewall-cmd --add-port=464/tcp --p
ermanent;firewall-cmd --add-port=46
4/udp --permanent;firewall-cmd --ad
d-port=636/tcp --permanent; \
firewall-cmd --add-port=1024-5000/t
cp --permanent;firewall-cmd --add-p
ort=3268-3269/tcp --permanent
[root@samba4 ~]# firewall-cmd --rel
oad
[Service]
Type=forking
PIDFile=/usr/local/samba/var/run/sa
mba.pid
ExecStart=/usr/local/samba/sbin/sam
ba
[Install]
WantedBy=multi-user.target
[root@samba4 ~]#
192.168.1.191 remote
management win 10
Installation of packages:
Configure sssd.
[sssd]
domains = sunil.cc
config_file_version = 2
services = nss, pam
[domain/sunil.cc]
ad_domain = sunil.cc
krb5_realm = SUNIL.CC
realmd_tags = manages-system joined
-with-samba
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = Tr
ue
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%u@%d
access_provider = ad
[root@centos7 ~]#
Restart sssd.
uid=1570001105(sambauser) gid=15700
00513(domain users) groups=15700005
13(domain users),1570000512(domain
admins),1570000572(denied rodc pass
word replication group)
[root@centos7 ~]#
Installation of packages.
[libdefaults]
default_realm = SUNIL.CC
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[realms]
SUNIL.CC = {
kdc = samba4.sunil.cc
admin_server = samba4.sunil.cc
}
[domain_realm]
.sunil.cc = SUNIL.CC
sunil.cc = SUNIL.CC
[root@centos6 db]#
domain.
Configure authentication.
[domain/sunil.cc]
id_provider = ad
# Uncomment if service discovery is
not working
# ad_server = server.win.example.co
m
default_shell = /bin/bash
fallback_homedir = /home/%u
[root@centos6 db]#
Validating user.