| Join in Windows Active Directory Domain with Samba Winbind. This tutorial needs Windows Active Directory Domain Service in your LAN. This example shows to configure on the environment below.
| |||||||||||
| [1] | Install Winbind. |
| root@smb:~# apt -y install winbind libpam-winbind libnss-winbind krb5-config samba-dsdb-modules samba-vfs-modules # if using DHCP. answer [Yes], if static IP, answer [No] +----------------------+ Samba server and utilities +-----------------------+
| |
| If your computer gets IP address information from a DHCP server on the |
| network, the DHCP server may also provide information about WINS servers |
| ("NetBIOS name servers") present on the network. This requires a change |
| to your smb.conf file so that DHCP-provided WINS settings will |
| automatically be read from /var/lib/samba/dhcp.conf. |
| |
| The dhcp-client package must be installed to take advantage of this |
| feature. |
| |
| Modify smb.conf to use WINS settings from DHCP? |
| |
| <Yes> <No> |
| |
+---------------------------------------------------------------------------+
# specify Realm +------------------+ Configuring Kerberos Authentication +------------------+ | When users attempt to use Kerberos and specify a principal or user name | | without specifying what administrative Kerberos realm that principal | | belongs to, the system appends the default realm. The default realm may | | also be used as the realm of a Kerberos service running on the local | | machine. Often, the default realm is the uppercase version of the local | | DNS domain. | | | | Default Kerberos version 5 realm: | | | | SRV.WORLD________________________________________________________________ | | | | <Ok> | | | +---------------------------------------------------------------------------+ # specify hostname of AD DS +--------------+ Configuring Kerberos Authentication +---------------+
| Enter the hostnames of Kerberos servers in the SRV.WORLD |
| Kerberos realm separated by spaces. |
| |
| Kerberos servers for your realm: |
| |
| fd3s.srv.world____________________________________________________ |
| |
| <Ok> |
| |
+--------------------------------------------------------------------+
# specify hostname of AD DS +------------------+ Configuring Kerberos Authentication +------------------+ | Enter the hostname of the administrative (password changing) server for | | the SRV.WORLD Kerberos realm. | | | | Administrative server for your Kerberos realm: | | | | fd3s.srv.world___________________________________________________________ | | | | <Ok> | | | +---------------------------------------------------------------------------+ |
| [2] | Configure Winbind. |
| root@smb:~# vi /etc/samba/smb.conf # line 29: change NetBIOS Name to AD DS’s one and add like follows workgroup = FD3S01
realm = SRV.WORLD security = ads idmap config * : backend = tdb idmap config * : range = 3000-7999 idmap config FD3S01 : backend = rid idmap config FD3S01 : range = 10000-999999 template homedir = /home/%U template shell = /bin/bash winbind use default domain = true winbind offline logon = false root@smb:~# vi /etc/nsswitch.conf # line 7: add like follows passwd: files systemd winbind group: files systemd winbind root@smb:~# vi /etc/pam.d/common-session # add to the end if you need (auto create a home directory at initial login) session optional pam_mkhomedir.so skel=/etc/skel umask=077 root@smb:~# vi /etc/resolv.conf # change DNS to refer to AD nameserver 10.0.0.100 |
| [3] | Join in Windows Active Directory Domain. |
| # join in Active Directory (net ads join -U [AD’s admin user]) root@smb:~# net ads join -U Administrator Enter Administrator’s password: root@smb:~# systemctl restart winbind # show domain users info root@smb:~# wbinfo -u administrator # try to switch to an AD user root@smb:~# su – serverworld Creating directory ‘/home/serverworld’. id uid=11103(serverworld) gid=10513(domain users) groups=10513(domain users),11103(serverworld) |
Bakusou Kyoudai Lets & Go Eternal Wings atau biasa disebut dengan Game Tamiya PS1 merupakan permainan balap mobil Mini…
WhatsApp Status kembali mendapatkan fitur baru. Setelah cukup lama diuji coba, WhatsApp akhirnya merilis fitur 'Add…
Chatbot AI saat ini sudah umum dipakai menjadi asisten digital. Tapi menurut Mark Zuckerberg, AI juga bisa…
Polytron jadi merek Indonesia yang terjun dalam industri mobil listrik. Polytron disebut-sebut bakal menjadi mobil…
Fastino, startup kecerdasan buatan asal Amerika Serikat, memamerkan model AI barunya yang ditujukan untuk bisnis. Menariknya, model AI…
Sopan terhadap AI seperti ChatGPT mungkin dilakukan beberapa orang karena memang mirip bicara pada manusia. Namun siapa…