LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-06-2013, 01:16 PM   #1
wluna
LQ Newbie
 
Registered: Jul 2011
Posts: 3

Rep: Reputation: Disabled
Unhappy CentOS 6.4 installing Samba and SWAT to joing a Windws 2008 AD


Hi everybody,
I am new to linux, and I have been trying to configure Samba 3.9 to join an Active Directory Domain. However, I have not been successful. I have researched on Google and I tried doing the installation and configureation of the samba.conf file but I cant not get it to work. Also I tried installing SWAT but no evail either. Can somebody poit me to a site or give me some instructions on best practice to configure Samba. It seems that there are many ways of doing the configuration but I cannot get it to work. I have done some reading alos on the samba.org site but there instructions seem to be for someone with more experience. Any help will be greatly appreciated.
 
Old 08-06-2013, 04:49 PM   #2
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 2,404

Rep: Reputation: Disabled
There's a lot of outdated information out there, so if you just Google you may end up following a tutorial or HowTo that doesn't actually work. Fortunately, adding Samba 3 to a Windows domain isn't difficult at all:
  1. Make sure name resolution works. You must be able to ping windows_server.ad.domain from the CentOS server.
  2. Kerberos must work. The command kinit ad_username@AD.DOMAIN should prompt you for a password. The AD domain name must be in all caps. Afterwards, klist should show a ticket issued by the krbtgt account.
  3. Make sure the "security" setting in smb.conf is "ADS" (security = ads)
  4. Make sure the "realm" setting in smb.conf refers to your AD domain (realm = AD.DOMAIN)
  5. The "workgroup" setting in smb.conf should be the NetBIOS name of the AD domain (workgroup = ADDOMAIN)
  6. Finally, join the Samba 3.x server to the AD domain with the following command: net ads join -U ad_user@AD.DOMAIN
You should now see a computer account object for the Samba server in the default container in AD (the "Computers" container at the root level, unless you've changed the default setting).
 
Old 08-07-2013, 10:51 AM   #3
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,138
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
If possible try Samba4.

http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO
 
Old 08-07-2013, 10:58 AM   #4
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 2,404

Rep: Reputation: Disabled
Quote:
Originally Posted by prayag_pjs View Post
That article describes how to provision a new domain, but the OP already has a Windows 2008 R2 server acting as a domain controller in an existing AD domain.

Setting up Samba 4 as a DC in an existing Windows AD domain will break GPOs and login scripts unless one installes rsync (or a similar program) on both the Windows DC and the Samba DC to keep sysvol synchronized, as Samba currently does not support the DFS-R protocol (and may not support it for some time, as it isn't even on the roadmap).
 
1 members found this post helpful.
Old 08-07-2013, 11:12 AM   #5
prayag_pjs
Senior Member
 
Registered: Feb 2008
Location: Pune - India
Distribution: Fedora,RedHat,CentOS,Gentoo
Posts: 1,138
Blog Entries: 4

Rep: Reputation: 147Reputation: 147
Sorry my mistake.
 
Old 08-15-2013, 04:45 PM   #6
wluna
LQ Newbie
 
Registered: Jul 2011
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thank you for the replies to my post; however, the instructions from Ser Olmy were clear but were not enough to get my samba server client to join the domain. It needed more information. Also the other replies pointed to Samba Wiki, which I had already visited prior to submitting my post but the instructions in the sambawiki are either too advance or vague they need more detail information and update the current steps because some of those don't apply anymore. The way I was able to resolve my issue was by copying a smb.conf file from one of the Linux Samba servers that my company has and edit the file to my server.
 
Old 08-16-2013, 03:06 AM   #7
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 2,404

Rep: Reputation: Disabled
Quote:
Originally Posted by wluna View Post
Thank you for the replies to my post; however, the instructions from Ser Olmy were clear but were not enough to get my samba server client to join the domain. It needed more information. Also the other replies pointed to Samba Wiki, which I had already visited prior to submitting my post but the instructions in the sambawiki are either too advance or vague they need more detail information and update the current steps because some of those don't apply anymore. The way I was able to resolve my issue was by copying a smb.conf file from one of the Linux Samba servers that my company has and edit the file to my server.
My post didn't really contain instructions as much as a list of steps required to join a Samba 3 server to a domain. The procedure as listed is actually quite complete (and tried and tested many times), assuming the sever already has the proper DNS and IP settings. Each step should either have succeeded or resulted in an error message, tha latter indicating that a setting is either missing or incorrect.

Depending on your setup, a (small) number of additional Samba settings may be required, such as idmap and winbind parameters. In addition, if AD users are to be given access right to shared files and/or be allowed to log in to the Linux server, changes to /etc/nsswitch.conf, /etc/fstab or /etc/pam.d/system-auth may be required.

While copying /etc/smb.conf from a working system may have made it possible to join the Samba server to the domain, you still don't know why it now works, and neither will anybody else reading this "solved" post later. Posting any error messages you may have gotten while performing the aforementioned steps would have made it possible to identify and correct any settings that were either missing or wrong.
 
Old 08-21-2013, 04:35 PM   #8
wluna
LQ Newbie
 
Registered: Jul 2011
Posts: 3

Original Poster
Rep: Reputation: Disabled
Hi Ser Olmy,
Thank you for your respond, I agree copying the configuration from one samba server to the Linux computer that I was configuring was not the correct way to learn. There are a lot of things that I still don’t understand about the samba configuration. I have gone to http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO to see the configuration steps but some of those steps produce results that I am not really trying to accomplish or don’t work for me. I would like to ask you if you can write some basic steps to configure a Linux {CentOS 6.4} computer to be a member server in a Windows 2008 domain, enable domain users to login to the Linux computer using their Windows Domain credentials and create a home directory. In addition, create a share directory and enable it for the Windows computers in the domain to connect to the share. Please advice or pint me to a site that has the steps to do that configuration on Samba
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samba-swat file in Centos 9.3 rohitkanojia Linux - Newbie 1 09-24-2012 03:42 AM
Problems installing Samba-SWAT Dolphin2005 Linux - Newbie 1 11-18-2005 06:43 PM
XP cannot joing Samba PDC kowerchuk Linux - Networking 2 12-03-2003 02:36 PM
Installing Swat from Samba Tyir Linux - Newbie 13 10-13-2003 04:36 PM
Samba Help? Installing Swat? Alinuxnoob Linux - Software 11 04-19-2002 09:49 PM


All times are GMT -5. The time now is 06:19 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration