Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Adding Linux server to Window Domain

Posted on 2013-12-05
1
Medium Priority
?
559 Views
Last Modified: 2013-12-06
Hi Experts,

I am trying to integrate Window OS and Linux OS together. I came across this situation where I wish to integrate my linux(debian) server into Window Domain. I wish to know how can this be accomplished?

I believed that I needed samba share for sure. I know in smb.conf there is a workgroup section. Do I simply config workgroup to window domain or I need to configure other files as well? Do I need to somehow configure domain controller from window into linux? Anything else that I need?

If I wish to use the AD (active directory) from window with linux Do I need to install the kbr5(kebros) so linux will recognize the user from AD? What else do I need to make it work?
If I need kbr, how can I configure it to make it work with windows?

I've read about winbind. Do I need winbind also? If so, how should I configure it. Thanks
0
Comment
Question by:kisegi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 13

Accepted Solution

by:
Daniel Helgenberger earned 2000 total points
ID: 39700433
Hello,

there are plenty of tutorials to do so. I will point out some in the end.

Here only some considerations for starters:
1. The mode you need for your server would be ADS. Here a sample [global] section with Kerberos (realm=) :
[global]
	security = ADS
        workgroup = YOURDOMAIN
        realm = YOURDOMAIN.COM

Open in new window


2. You need to consider one crucial point: Do any other computes access the linux storage in another way (nfs / direct access)? Do you have other Linux servers? The point here is the GID/UID mapping. If the the storage is isolated to your linux file server, then you can ignore it leave it to the default. Otherwise you might want to use the AD gid number / uid number attributes for your setup.

3. Kerberos is optional. Samba works without it - though I always set this up for convenience. You can for instance add a group policy to map a user's share with the password method. Windows also tries the logon credentials automatically first.

4. There are packages around with do these jobs quiete well without much configuration. Have a look at Likewise / Powerbroker Identity Services (free) for instance. I use this:
http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True

5. You will need winbind to do the actual domain joining. Remember, winbind is part of the samba package.

6. As for your link, here is one I googled:
https://wiki.debian.org/AuthenticatingLinuxWithActiveDirectory
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question