SLES 15

Samba : Samba Winbind
2019/01/23
 
Join a Windows Active Directory domain with Samba Winbind.
This tutorial requires Windows Active Directory Domain Services on your LAN.
This example is configured for the environment below.
Domain Server : Windows Server 2016
NetBIOS Name : FD3S01
Domain Name : srv.world
Realm : SRV.WORLD
Hostname : fd3s.srv.world
[1] Install Winbind.
smb:~ # zypper -n install samba-winbind
[2] Configure Winbind.
smb:~ # vi /etc/krb5.conf
# line 9: uncomment and change to your own Realm name

    default_realm = SRV.WORLD

# line 13: add AD Host

[realms]
    SRV.WORLD = {
        kdc = fd3s.srv.world
        admin_server = fd3s.srv.world
    }

smb:~ # vi /etc/samba/smb.conf
# line 5: change workgroup to the AD DS NetBIOS name and change the other settings as follows

   workgroup = FD3S01
   password server = fd3s.srv.world
   realm = SRV.WORLD
   security = ads
   idmap config * : range = 16777216-33554431
   template homedir = /home/%U
   template shell = /bin/bash
   winbind use default domain = true
   winbind offline logon = false 

smb:~ # vi /etc/nsswitch.conf
# line 25: add

passwd: compat winbind
group:  compat winbind
shadow: compat winbind

smb:~ # vi /etc/pam.d/common-session
# add to the end if needed (automatically creates a home directory at first login)

session optional        pam_mkhomedir.so skel=/etc/skel umask=077

smb:~ # vi /etc/sysconfig/network/config
# line 195: change DNS to AD Host

      NETCONFIG_DNS_STATIC_SERVERS="10.0.0.100"

smb:~ # systemctl restart wickedd wicked wickedd-nanny

[3] Join the Windows Active Directory domain.
# join Active Directory (net ads join -U [AD admin user])

smb:~ # net ads join -U Administrator

Enter Administrator's password:
Using short domain name -- FD3S01
Joined 'SMB' to dns domain 'srv.world'
No DNS domain configured for smb. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER
smb:~ # systemctl restart winbind nscd

smb:~ # systemctl enable winbind nscd
# show domain users info

smb:~ # wbinfo -u

administrator
guest
defaultaccount
serverworld
krbtgt
# try to switch to an AD user

smb:~ # id serverworld

uid=16777216(serverworld) gid=16777216(domain users) groups=16777216(domain users)
smb:~ # su - serverworld

Creating directory '/home/serverworld'.
serverworld@smb:~>
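
The settings from step [2] and the `id` output from step [3] have to agree: `security` must be `ads`, the `realm` in smb.conf must equal `default_realm` in krb5.conf, and the uid handed to an AD user must fall inside the configured idmap range. The script below is an added example, not part of the original tutorial; it cross-checks those points on sample text constructed from this page's values, and its function names are hypothetical.

```shell
# Added example. Sample text is constructed from the values used on this page.
SMB_CONF='[global]
   workgroup = FD3S01
   realm = SRV.WORLD
   security = ads
   idmap config * : range = 16777216-33554431'
KRB5_CONF='[libdefaults]
    default_realm = SRV.WORLD'
ID_OUTPUT='uid=16777216(serverworld) gid=16777216(domain users) groups=16777216(domain users)'

# conf_value KEY: read "key = value" text on stdin, print the first value for KEY.
conf_value() {
    awk -F= -v key="$1" '
        /^[ \t]*[#;]/ { next }    # skip comment lines
        {
            k = $1; gsub(/^[ \t]+|[ \t]+$/, "", k)
            if (tolower(k) == tolower(key)) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", v)
                print v; exit
            }
        }'
}
# check_join_config SMB_TEXT KRB5_TEXT: 0 only if security is ads and the
# smb.conf realm equals the krb5.conf default_realm (compared exactly).
check_join_config() {
    rc=0
    sec=$(printf '%s\n' "$1" | conf_value security | tr 'A-Z' 'a-z')
    realm=$(printf '%s\n' "$1" | conf_value realm)
    krb_realm=$(printf '%s\n' "$2" | conf_value default_realm)
    [ "$sec" = ads ] || { echo "security = '$sec', expected ads"; rc=1; }
    { [ -n "$realm" ] && [ "$realm" = "$krb_realm" ]; } ||
        { echo "realm '$realm' != default_realm '$krb_realm'"; rc=1; }
    return $rc
}
# id_uid ID_LINE: print the numeric uid from a line of id(1) output.
id_uid() { printf '%s\n' "$1" | sed -n 's/^uid=\([0-9][0-9]*\).*/\1/p'; }
# uid_in_range UID LOW-HIGH: succeed if UID lies inside the idmap range.
uid_in_range() {
    low=${2%-*}; high=${2#*-}
    [ "$1" -ge "$low" ] && [ "$1" -le "$high" ]
}

range=$(printf '%s\n' "$SMB_CONF" | conf_value 'idmap config * : range')
if check_join_config "$SMB_CONF" "$KRB5_CONF" &&
   uid_in_range "$(id_uid "$ID_OUTPUT")" "$range"; then
    echo "settings consistent; uid is inside idmap range $range"
else
    echo "inconsistent settings"
fi
```

On a real host, feed the functions the contents of /etc/samba/smb.conf and /etc/krb5.conf and the output of `id` for a domain user instead of the embedded samples.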