Joining a Linux Client to a Linux Samba Active Directory Domain Controller
#linuxclient
#joindomain
#linux #Samba #ActiveDirectory
#Linux
#Ubuntu
#OpenSource
#LinuxServer
#SysAdmin
#Samba
#ActiveDirectory
#SambaADDC
#DomainController
#SambaDomainController
#TechTutorial
#LinuxTutorial
#ServerSetup
#ittraining
===============================================
Configuration:
How to join Samba AD DC from Linux Client
🧩 1️⃣ Prerequisites on the Client
a) Set hostname
hostnamectl set-hostname client1.gennexs.local
or
vim /etc/hostname
Replace client1 with your desired client hostname.
b) Update /etc/hosts
vim /etc/hosts
Add:
192.168.200.10 dc.gennexs.local dc
192.168.200.10 g-client1.gennexs.local g-client1
(if not using DNS, or to ensure redundancy)
c) Configure /etc/resolv.conf
Point to your DC for DNS:
rm -f /etc/resolv.conf
vim /etc/resolv.conf
Add:
nameserver 192.168.200.10
search gennexs.local
domain gennexs.local
reboot
🧩 2️⃣ Install required packages
apt update
apt install krb5-user samba winbind libpam-winbind libnss-winbind smbclient -y
During krb5-user install:
• Default realm: GENNEXS.LOCAL
• Kerberos servers: dc.gennexs.local
• Admin server: dc.gennexs.local
🧩 3️⃣ Configure /etc/krb5.conf
Add content with:
[libdefaults]
default_realm = GENNEXS.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
[realms]
GENNEXS.LOCAL = {
kdc = dc.gennexs.local
admin_server = dc.gennexs.local
}
[domain_realm]
.gennexs.local = GENNEXS.LOCAL
gennexs.local = GENNEXS.LOCAL
🧩 4️⃣ Configure /etc/samba/smb.conf
Backup the default:
mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
Create a new:
vim /etc/samba/smb.conf
[global]
workgroup = GENNEXS
security = ADS
realm = GENNEXS.LOCAL
log file = /var/log/samba/%m.log
log level = 1
winbind use default domain = true
winbind offline logon = true
winbind nss info = rfc2307
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config GENNEXS : backend = rid
idmap config GENNEXS : range = 10000-999999
template shell = /bin/bash
template homedir = /home/%U
🧩 5️⃣ Configure NSS to recognize AD users
Edit /etc/nsswitch.conf:
passwd: compat winbind
group: compat winbind
shadow: compat winbind
🧩 6️⃣ Join the client to the domain
First test Kerberos:
kinit Administrator
Enter the AD administrator password.
Check with:
klist
You should see a valid ticket.
Now join the domain:
net ads join -U Administrator
Видео Joining a Linux Client to a Linux Samba Active Directory Domain Controller канала Chaxiong Yukonhiatou
#joindomain
#linux #Samba #ActiveDirectory
#Linux
#Ubuntu
#OpenSource
#LinuxServer
#SysAdmin
#Samba
#ActiveDirectory
#SambaADDC
#DomainController
#SambaDomainController
#TechTutorial
#LinuxTutorial
#ServerSetup
#ittraining
===============================================
Configuration:
How to join Samba AD DC from Linux Client
🧩 1️⃣ Prerequisites on the Client
a) Set hostname
hostnamectl set-hostname client1.gennexs.local
or
vim /etc/hostname
Replace client1 with your desired client hostname.
b) Update /etc/hosts
vim /etc/hosts
Add:
192.168.200.10 dc.gennexs.local dc
192.168.200.10 g-client1.gennexs.local g-client1
(if not using DNS, or to ensure redundancy)
c) Configure /etc/resolv.conf
Point to your DC for DNS:
rm -f /etc/resolv.conf
vim /etc/resolv.conf
Add:
nameserver 192.168.200.10
search gennexs.local
domain gennexs.local
reboot
🧩 2️⃣ Install required packages
apt update
apt install krb5-user samba winbind libpam-winbind libnss-winbind smbclient -y
During krb5-user install:
• Default realm: GENNEXS.LOCAL
• Kerberos servers: dc.gennexs.local
• Admin server: dc.gennexs.local
🧩 3️⃣ Configure /etc/krb5.conf
Add content with:
[libdefaults]
default_realm = GENNEXS.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = true
[realms]
GENNEXS.LOCAL = {
kdc = dc.gennexs.local
admin_server = dc.gennexs.local
}
[domain_realm]
.gennexs.local = GENNEXS.LOCAL
gennexs.local = GENNEXS.LOCAL
🧩 4️⃣ Configure /etc/samba/smb.conf
Backup the default:
mv /etc/samba/smb.conf /etc/samba/smb.conf.bak
Create a new:
vim /etc/samba/smb.conf
[global]
workgroup = GENNEXS
security = ADS
realm = GENNEXS.LOCAL
log file = /var/log/samba/%m.log
log level = 1
winbind use default domain = true
winbind offline logon = true
winbind nss info = rfc2307
idmap config * : backend = tdb
idmap config * : range = 3000-7999
idmap config GENNEXS : backend = rid
idmap config GENNEXS : range = 10000-999999
template shell = /bin/bash
template homedir = /home/%U
🧩 5️⃣ Configure NSS to recognize AD users
Edit /etc/nsswitch.conf:
passwd: compat winbind
group: compat winbind
shadow: compat winbind
🧩 6️⃣ Join the client to the domain
First test Kerberos:
kinit Administrator
Enter the AD administrator password.
Check with:
klist
You should see a valid ticket.
Now join the domain:
net ads join -U Administrator
Видео Joining a Linux Client to a Linux Samba Active Directory Domain Controller канала Chaxiong Yukonhiatou
Комментарии отсутствуют
Информация о видео
8 ч. 49 мин. назад
00:47:42
Другие видео канала
