Monday, March 1, 2021


Installing and Configuring a Samba Server on RHEL 7/CentOS 7 and Integrating It with MS Active Directory


1. Install the following packages


 yum install samba*
yum install krb5-libs krb5-workstation

2. Configure Kerberos in /etc/krb5.conf

    

# Kerberos client configuration for the AD realm.
# YOURDOMAIN and dns-name-your-domain-controller are placeholders. AD realm names
# are conventionally written in upper case, and Kerberos treats realm names as
# case-sensitive.
# Kerberos rejects requests when the clocks of this host and the KDC differ by
# more than the allowed skew (5 minutes by default), so keep this host
# time-synchronised with the domain controller.

# Log destinations for the Kerberos libraries, the KDC and the admin server.
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

# Both DNS lookups are switched off, so the realm mapping comes only from
# [domain_realm] and the KDC only from [realms] below.
# NOTE(review): forwardable = true lets tickets be forwarded to other hosts;
# confirm this is needed for your environment.
[libdefaults]
 default_realm = YOURDOMAIN
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true

# A single KDC is listed, so authentication depends on that one domain controller
# being reachable. NOTE(review): consider additional kdc lines if you have more DCs.
[realms]
 YOURDOMAIN = {
  kdc = dns-name-your-domain-controller
}

# Maps the DNS domain (and its subdomains, via the leading dot) to the realm.
[domain_realm]
 .yourdomain = YOURDOMAIN
 yourdomain = YOURDOMAIN

   3. Configure Samba in /etc/samba/smb.conf

  


    # Samba configured as an Active Directory domain member (security = ads).
    # DOMAIN, YOURDOMAIN and dns-name-your-domain-controller are placeholders.
    # smb.conf comments must sit on their own lines; text after a value is read
    # as part of that value.
    [global]
    workgroup = DOMAIN
    # Pins authentication to one named DC instead of letting Samba locate DCs via DNS.
    password server = dns-name-your-domain-controller
    realm = YOURDOMAIN
    preferred master = no
    security = ads
    dns proxy = yes
    # UID/GID range for the default idmap domain; no backend is set on this line.
    idmap config * : range = 16777216-33554431
    # Every domain user resolved through winbind gets this login shell.
    # NOTE(review): whether they can actually log in depends on PAM/sshd settings
    # not shown here; confirm who should have shell access.
    template shell = /bin/bash
    # Verify Kerberos tickets against secrets.tdb only; the system keytab is not used.
    kerberos method = secrets only
    # Domain users appear without the DOMAIN\ prefix, so a domain account can share
    # a name with a local account. NOTE(review): check for collisions such as admin accounts.
    winbind use default domain = true
    # Allows logons from locally cached credentials when no DC is reachable;
    # the cache lives on this host and should be protected accordingly.
    winbind offline logon = true

    server string =  Samba Server
    passdb backend = tdbsam  
 
    # Printing is disabled.
    load printers = no
    show add printer wizard = no
    printcap name = /dev/null
    # One log file per client machine name (%m); max log size is in KiB.
    # NOTE(review): level 3 is verbose; confirm the logs are rotated and readable
    # only by administrators.
    log file = /var/log/samba/%m.log
    loglevel = 3
    max log size = 1000

    # Failed logons are rejected instead of being mapped to the guest account.
    map to guest = Never
    encrypt passwords = yes
    guest account = nobody
    # NOTE(review): 1 only limits anonymous enumeration of users and groups; 2 refuses
    # anonymous connections entirely. Confirm no client needs anonymous access
    # before tightening.
    restrict anonymous = 1
    # SMB signing is required for every client connection.
    server signing = mandatory
    local master = no
    domain master = no
    wins support = no

    keepalive = 30
    dead time = 5
    preserve case = yes
    default case = lower
    case sensitive = no
    short preserve case = yes

    host msdfs = no
    # NOTE(review): security-relevant combination. wide links = yes lets the server
    # follow symlinks that resolve outside the exported share directory, and Samba only
    # honours it because unix extensions is turned off here. Access through such
    # links is then bounded only by filesystem permissions. Unless a share needs
    # this, wide links = no keeps clients inside the exported tree.
    unix extensions = no
    wide links = yes
    follow symlinks = yes
    posix locking = no

# Per-user home directory shares, created on demand for the connecting user.
# NOTE(review): create mask = 0755 permits group and other read/execute bits on
# new files; a tighter mask is usual for home directories. The stock [homes]
# section also commonly carries "valid users = %S" so that each home share is
# usable only by its owner; confirm whether that is wanted here.
[homes]

   comment = Home Directories
   browseable = no
   create mask = 0755
   writable = yes
4. Join the server to the domain

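# Join this host to the AD domain. -S names the domain controller to contact
# and -U the AD account used for the join. With no %password suffix, net
# prompts for the password, which keeps it out of shell history and the
# process list.
# NOTE(review): an account delegated only the right to join computers is
# enough for this step; confirm with your AD administrators before using a
# full domain administrator.
net ads join -S dns-name-your-domain-controller -U account-admin-for-active-directory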
5. Edit /etc/nsswitch.conf as shown below, then restart samba and winbind and test the setup.
 
# Name-service lookup order: local files are consulted first, then winbind,
# so a local account takes precedence over a domain account with the same name.
# After restarting the services, "wbinfo -t" (checks the machine trust secret)
# and "getent passwd <domain-user>" are common ways to verify the setup.
passwd:     files winbind
shadow:     files winbind
group:      files winbind
