Set up

  • Virtual machines:
                 AD DC Server          Client
    OS           Ubuntu 16.04.3 LTS    CentOS 6.9
    Hostname     samba                 centos
    IP address   10.0.0.100/24         10.0.0.200/24
  • Domain name: flemingcollege.ca
  • Realm: FLEMINGCOLLEGE.CA

1. Open the smb.conf and krb5.conf files on the AD DC server and note their settings.

root@samba:~$ cat /etc/krb5.conf
[libdefaults]
        default_realm = FLEMINGCOLLEGE.CA
        dns_lookup_realm = false
        dns_lookup_kdc = true

root@samba:~$ cat /etc/samba/smb.conf
[global]
        workgroup = FLEMINGCOLLEGE
        realm = FLEMINGCOLLEGE.CA
        netbios name = SAMBA
        server role = active directory domain controller
        dns forwarder = 8.8.8.8

2. Install and configure Winbind on the client.

[root@centos ~]$ yum -y install samba-winbind samba-winbind-clients pam_krb5 krb5-libs

[root@centos ~]$ chkconfig winbind on

[root@centos ~]$ vi /etc/sysconfig/network-scripts/ifcfg-eth0
# Point DNS at the AD DC
DNS1=10.0.0.100

[root@centos ~]$ vi /etc/resolv.conf
# Set the search domain and DNS server to the AD DC's
domain flemingcollege.ca
nameserver 10.0.0.100

# Restart network service
[root@centos ~]$ service network restart

# Use the values noted from the AD server in step 1:
# the --krb5* options come from krb5.conf, the --smb* options from smb.conf.
# Each continuation line must end in " \" with nothing after the backslash.
[root@centos ~]$ authconfig \
--enablekrb5 \
--krb5kdc=samba.flemingcollege.ca \
--krb5adminserver=samba.flemingcollege.ca \
--krb5realm=FLEMINGCOLLEGE.CA \
--enablewinbind \
--enablewinbindauth \
--smbsecurity=ads \
--smbrealm=FLEMINGCOLLEGE.CA \
--smbservers=SAMBA \
--smbworkgroup=FLEMINGCOLLEGE \
--winbindtemplatehomedir=/home/%U \
--winbindtemplateshell=/bin/bash \
--enablemkhomedir \
--enablewinbindusedefaultdomain \
--update

Starting Winbind services: [ OK ]

3. Set the client's hostname before joining the domain.

[root@centos ~]$ vi /etc/hosts
# Add lines (127.0.0.1 hostname.domain.local hostname.domain.com hostname)
127.0.0.1       centos.flemingcollege.ca   centos
10.0.0.100     samba.flemingcollege.ca   samba

# Check hostname again
[root@centos ~]$ hostname -f
centos.flemingcollege.ca

4. Synchronize time with the AD DC server.

[root@centos ~]$ yum -y install ntpdate

[root@centos ~]$ chkconfig ntpdate on

[root@centos ~]$ ntpdate 10.0.0.100
20 Oct 21:29:41 ntpdate[18757]: adjust time server 10.0.0.100 offset 0.002364 sec
 
[root@centos ~]$ service ntpdate start
ntpdate: Synchronizing with time server: [  OK  ]
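
A check that can be run on the client before the join, added here as an example and not part of the original walkthrough: it compares the files authconfig wrote against the realm, workgroup and DNS address noted from the DC, and tests an ntpdate offset against 300 seconds, the default Kerberos clock-skew tolerance. The function names are hypothetical, and it assumes authconfig wrote default_realm to krb5.conf and realm, workgroup and security to smb.conf.

```bash
#!/bin/bash
# Added example: consistency check to run on the client before "net ads join".
# Function names and the 300 s limit (Kerberos' default clock-skew tolerance)
# are assumptions of this example, not taken from the walkthrough.

# Print the value of the first "key = value" line in an smb.conf/krb5.conf
# style file. Sections are ignored; comment lines (# or ;) are skipped.
conf_get() {  # conf_get FILE KEY
    awk -v k="$2" '
        /^[ \t]*[#;]/ { next }
        index($0, "=") {
            key = $0; sub(/=.*/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", key)
            if (tolower(key) != tolower(k)) next
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            print val; exit
        }' "$1"
}

# First resolver listed in resolv.conf; it must be the DC so AD lookups work.
first_nameserver() { awk '$1 == "nameserver" { print $2; exit }' "$1"; }

# Succeeds when |offset| in an ntpdate output line is under MAX seconds.
# Returns 2 when the line carries no offset at all (e.g. sync failed).
skew_ok() {  # skew_ok "NTPDATE_LINE" [MAX]
    printf '%s\n' "$1" | awk -v max="${2:-300}" '
        { for (i = 1; i < NF; i++) if ($i == "offset") { o = $(i + 1) + 0; seen = 1 } }
        END { if (!seen) exit 2; if (o < 0) o = -o; exit !(o < max) }'
}

expect() {  # expect LABEL GOT WANT
    [ "$2" = "$3" ] && return 0
    echo "FAIL $1: got '$2', want '$3'" >&2; return 1
}

# Compare what authconfig wrote on the client with the values read off the DC.
# The comparison is exact: Kerberos realm names are case-sensitive.
preflight() {  # preflight REALM WORKGROUP DC_IP KRB5_CONF SMB_CONF RESOLV_CONF
    rc=0
    expect "krb5.conf default_realm" "$(conf_get "$4" default_realm)" "$1" || rc=1
    expect "smb.conf realm"          "$(conf_get "$5" realm)"         "$1" || rc=1
    expect "smb.conf workgroup"      "$(conf_get "$5" workgroup)"     "$2" || rc=1
    expect "smb.conf security"       "$(conf_get "$5" security)"      "ads" || rc=1
    expect "resolv.conf nameserver"  "$(first_nameserver "$6")"       "$3" || rc=1
    return "$rc"
}
```

With this guide's values the call is `preflight FLEMINGCOLLEGE.CA FLEMINGCOLLEGE 10.0.0.100 /etc/krb5.conf /etc/samba/smb.conf /etc/resolv.conf`; each mismatch is reported on stderr and the function returns non-zero.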

5. Join the client to the domain on the AD DC server.

# Join the AD domain (net ads join -U [AD's admin user])

[root@centos ~]$ net ads join -U Administrator
Using short domain name -- FLEMINGCOLLEGE
Joined 'CENTOS' to dns domain 'flemingcollege.ca'.
 
# Display AD users list
[root@centos ~]$ wbinfo -u
administrator
krbtgt
ubuntu
guest

# Switch to a user in AD
[root@centos ~]$ su - ubuntu
Creating directory '/home/ubuntu'.