Lelio Michele Lattari


Working Samba 4 NT4 style PDC on Centos 7 - How to upgrade to AD PDC

Hi!

I have a working configuration of Samba 4.1.1 on CentOS 7. Samba is now configured as an old-style NT4 PDC and everything works very well. Now I would like to upgrade the Samba configuration to an Active Directory DC server. For this purpose, I have installed the CentOS 7 packages samba-dc and samba-dc-libs:

Name          : samba-dc
Arch             : x86_64
Version        : 4.1.1
Release       : 37.el7_0
Size              : 964
Repo            : installed
From repo   : sl-security
Summary     : Samba AD Domain Controller
URL               : http://www.samba.org/
License         : GPLv3+ and LGPLv3+
Description : The samba-dc package provides AD Domain Controller functionality

Name           : samba-dc-libs
Arch             : x86_64
Version        : 4.1.1
Release        : 37.el7_0
Size               : 964
Repo             : installed
From repo   : sl-security
Summary     : Samba AD Domain Controller Libraries
URL               : http://www.samba.org/
License         : GPLv3+ and LGPLv3+
Description  : The samba4-dc-libs package contains the libraries needed by the DC to
                         link against the SMB, RPC and other protocols.

My smb.conf looks like this:

Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

[global]
        workgroup = LATTARI
        server string = LATTARI - FILEMON1 PDC
        interfaces = lo, enp3s6
        bind interfaces only = Yes
        log file = /var/log/samba/log.%m
        max log size = 50
        load printers = No
        printcap name = /dev/null
        disable spoolss = Yes
        add user script = /usr/sbin/useradd "%u" -n -g users
        delete user script = /usr/sbin/userdel "%u"
        add group script = /usr/sbin/groupadd "%g"
        delete group script = /usr/sbin/groupdel "%g"
        delete user from group script = /usr/sbin/userdel "%u" "%g"
        add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"
        logon script = %u.bat
        logon path = \\%L\Profiles\%u
        logon drive = H:
        domain logons = Yes
        os level = 64
        preferred master = Yes
        domain master = Yes
        wins support = Yes
        idmap config * : backend = tdb
        invalid users = apache, bin, daemon, adm, sync, shutdown, halt, mail, news, uucp, operator
        admin users = root, @admin
        hosts allow = 127.0.0.1, 192.168.0.0/24
        printing = bsd
        print command = lpr -r -P'%p' %s
        lpq command = lpq -P'%p'
        lprm command = lprm -P'%p' %j

[homes]
        comment = Home Directories
        valid users = %S
        read only = No
        create mask = 0700
        directory mask = 0700
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        print ok = Yes
        browseable = No

[netlogon]
        comment = Network Logon Service
        path = /var/lib/samba/netlogon

[Profiles]
        path = /home/samba/Profiles
        read only = No
        create mask = 0600
        directory mask = 0700
        profile acls = Yes
        browseable = No


My question is: how do I proceed now to configure Samba as an AD PDC server using the installed packages?
Linux, Linux Distributions, Active Directory

Last Comment
Lelio Michele Lattari

8/22/2022 - Mon