1. Configure network with a static ip address

$sudo nano /etc/network/interfaces

auto eth0

iface eth0 inet static

address 192.168.0.35

gateway 192.168.0.1

netmask 255.255.255.0

network 192.168.0.0

broadcast 192.168.0.255

dns-nameservers 192.168.0.1 114.114.114.114 8.8.8.8
dns-search szhnbc.com

2. Name your domain controller

$sudo hostname rd-server

$sudo echo "rd-server" > /etc/hostname

$sudo nano /etc/hosts

127.0.0.1 localhost
127.0.1.1 rd-server.szhnbc.com RD-Server
192.168.0.35 rd-server.szhnbc.com rd-server

$sudo apt-get update && apt-get upgrade

$sudo reboot

3. Install packages ntp, acl, samba + tools

$apt-get install ntp acl samba krb5-user smbclient

在安装Kerberos时,会提示输入相关信息

Your realm: SZHNBC.COM

Kerberos servers for your realm: rd-server.szhnbc.com

Administrative server: rd-server.szhnbc.com

4. Configure samba

Remove automatically created configuration  

$sudo rm /etc/samba/smb.conf

Configure samba with samba-tool

$sudo samba-tool domain provision --realm szhnbc.com --domain szhnbc --adminpass Password123 --server-role=dc

注意:如果设置安全比较低的密码,会导致命令失败。

安装成功信息:

Looking up IPv4 addresses

Looking up IPv6 addresses

No IPv6 address will be assigned

Setting up share.ldb

Setting up secrets.ldb

Setting up the registry

Setting up the privileges database

Setting up idmap db

Setting up SAM db

Setting up sam.ldb partitions and settings

Setting up sam.ldb rootDSE

Pre-loading the Samba  and AD schema

Adding DomainDN: DC=szhnbc,DC=com

Adding configuration container

Setting up sam.ldb schema

Setting up sam.ldb configuration data

Setting up display specifiers

Modifying display specifiers

Adding users container

Modifying users container

Adding computers container

Modifying computers container

Setting up sam.ldb data

Setting up well known security principals

Setting up sam.ldb users and groups

Setting up self join

Adding DNS accounts

Creating CN=MicrosoftDNS,CN=System,DC=szhnbc,DC=com

Creating DomainDnsZones and ForestDnsZones partitions

Populating DomainDnsZones and ForestDnsZones partitions

Setting up sam.ldb rootDSE marking as synchronized

Fixing provision GUIDs

A Kerberos configuration suitable for Samba  has been generated at /var/lib/samba/private/krb5.conf

Once the above files are installed, your Samba4 server will be ready to use

Server Role:           active directory domain controller

Hostname:              rd-server

NetBIOS Domain:        SZHNBC

DNS Domain:            szhnbc.com

DOMAIN SID:            S------

5. Configure DNS

对于大型,复杂的网络部署,建议你应该使用BIND,但在我的实际环境中,内建的DNS已经足够用了。

$sudo nano /etc/samba/smb.conf
dns forwarder = 8.8.8.8

allow dns updates = nonsecure
$sudo nano /etc/network/interfaces
dns-nameservers 192.168.0.35
$sudo reboot now

6. Test your new domain controller

$ host -t SRV _ldap._tcp.szhnbc.com.

_ldap._tcp.szhnbc.com has SRV record    rd-server.szhnbc.com.

$ host -t SRV _kerberos._udp.szhnbc.com.

_kerberos._udp.szhnbc.com has SRV record    rd-server.szhnbc.com.

$ host -t A rd-server.szhnbc.com.

rd-server.szhnbc.com has address 192.168.0.35$ kinit administrator

Password for administrator@SZHNBC.COM:

Warning: Your password will expire in  days on Fri Jan  :: $ klist

Ticket cache: FILE:/tmp/krb5cc_999

Default principal: administrator@SZHNBC.COM

Valid starting     Expires            Service principal

// ::  // ::  krbtgt/SZHNBC.COM@SZHNBC.COM

        renew until // ::

benny@RD-SERVER:~$ smbclient -L localhost -U%

Domain=[SZHNBC] OS=[Unix] Server=[Samba 4.1.-Ubuntu]

        Sharename       Type      Comment

        ---------       ----      -------

        netlogon        Disk

        sysvol          Disk

        IPC$            IPC       IPC Service (Samba 4.1.-Ubuntu)

Domain=[SZHNBC] OS=[Unix] Server=[Samba 4.1.-Ubuntu]

        Server               Comment

        ---------            -------

        Workgroup            Master

        ---------            -------

        HAICHUAN             YANGXINFENG

        MSHOME               RD-SERVER

        WORKGROUP            HC-JXS

$ smbclient //localhost/netlogon -U'administrator'

Enter administrator's password:

Domain=[SZHNBC] OS=[Unix] Server=[Samba 4.1.-Ubuntu]

smb: \> quit

7. Manage your new domain controller

Recommended way of managing your server is to use "Remote Server Administration Tools", which you can install on Windows 7 desktop pc as a feature.

You can also manage users & groups with samba-tool

samba-tool user add john --surname=Smith --given-name=John
samba-tool group add test_group
samba-tool group addmembers test_group john

samba-tool user list
getent passwd john
id john

  

  

  

  

  

Samba 4 Domain Controller on Ubuntu 14.04 LTS的更多相关文章

  1. Install CUDA 6.0 on Ubuntu 14.04 LTS

    Ubuntu 14.04 LTS is out, loads of new features have been added. Here are some procedures I followed ...

  2. Ubuntu 14.04 LTS 安装Docker

    Docker官方是有很详细的安装文档(https://docs.docker.com/engine/installation/ubuntulinux/),这里做了一个Ubuntu 14.04 LTS中 ...

  3. 完整卸载 kubuntu-desktop from Ubuntu 14.04 LTS

    系统 ubuntu 14.04 LTS 64Bit 目的:卸载kubuntu-desktop 方法一: sudo apt-get remove libkde3support4 k3b-data ntr ...

  4. Ubuntu 14.04 LTS 更新源大全

    Ubuntu 14.04 LTS 系统更新源汇总 如何使用这些系统更新源?---三步走 首先备份源列表: sudo cp /etc/apt/sources.list /etc/apt/sources. ...

  5. Ubuntu 14.04 LTS 下 android 2.3.5 源码编译过程

    Ubuntu 14.04 LTS 下 android 2.3.5 源码编译过程   在新的Ubuntu 64位系统下去编译早期的安卓源码是会出现很多问题的,因为64位系统在安装完成后,很多32位的兼容 ...

  6. Ubuntu 14.04 LTS 64bit 编译SDL的问题

    http://blog.csdn.net/jhting/article/details/38523945 Ubuntu 14.04 LTS 64bit 编译SDL的问题 分类: C/C++2014-0 ...

  7. Ubuntu 14.04 LTS 与Kylin

    现在是安装了Ubuntu 14.04 LTS 但是通过安装ubuntukylin 这个包居然实现了Kylin--原来这个自主研发还这么方便-呵呵 sudo apt-get install ubuntu ...

  8. 【转】基于Ubuntu 14.04 LTS编译Android4.4.2源代码

    原文网址:http://blog.csdn.net/gobitan/article/details/24367439 基于Ubuntu 14.04 LTS编译Android4.4.2源代码       ...

  9. VM Depot 中国上的 Bitnami 镜像更新至 Ubuntu 14.04 LTS

     发布于 2014-08-13 作者 陈 忠岳 随着越来越多中国本地镜像源源不断地加入,  VM Depot 中国站点也在日益壮大(http://msopentech.com/?p=865871) ...

随机推荐

  1. js 测试

    今天js测试题目: 被基础题目虐暴......惨不忍睹 1. var num = 2; switch(num){ case 1: console.log("1"); case 2: ...

  2. kuangbin_SegTree D (POJ 2528)

    讲道理我之前暂时跳过染色的题是因为总觉得有什么很高端的算法来query 直到我做了F题(ZOJ 1610)才发现就是个暴力统计.....也对 也就几万个长度单位而已.... F就不po上来了 选了有点 ...

  3. unity行为树制作AI简单例子(2)

    继续昨天的工程,给Monster添加一个空物体命名为AI,在AI添加脚本BehaviorTree,然后就可以打开行为树编辑器进行编辑了 先写好自定义的节点脚本,下面是一个寻找漫游点的行为节点脚本 us ...

  4. EL表达式有无双引号的区别

    最近做项目时发现原来对EL表达式理解太浅,通过一个springMVC项目,加深了对其的理解,下面总结一下,如发现有不对之处,请批评指正: 1.在单独的js文件中,EL表达式无效,如:var type= ...

  5. VS2010遇到fatal error C1083: 无法打开预编译头文件:“xxx.pch”: No such file or directory

    对C++和VS2010非常不熟悉,但是无奈赶着项目,只能看了点基础就上手,然后就碰到这个问题了. 原因分析: http://bbs.csdn.net/topics/340191697?page=1 编 ...

  6. 井间数据polarization analysis 相关概念

    1. 垂直分量上记录到的数据,无法记录SH波?这个有待考证,先记录于此~ 两点需要注意:1.层状介质中,P波和深度方向(Z轴)组成入射面;2.SH的定义为垂直于入射面的S波分量. 2.VSP的观测方式 ...

  7. 更新日志(建议升级到2016.12.17) && 更新程序的方法

    更新程序的方法: 1,在控制面板里点击备份当前数据库文件到磁盘,把当天获取的信息从内存写到磁盘/存储卡.2,下载最新版的源码 wget -O "infopi.zip" " ...

  8. 判断ie版本

    (function(){ var browser=navigator.appName var b_version=navigator.appVersion var version=b_version. ...

  9. 怎么使用CDR中排列对象功能

    通过将对象发送到其他对象的前面或者后面,可以更改图层或页面上对象的堆叠顺序,还可以将对象按堆叠顺序精确定位,并且可以反转多个对象的堆叠顺序.本教程将详解CorelDRAW中排列对象各按钮功能. 1. ...

  10. Centos下安装和配置SVN

    1.安装SVN服务 #检查现有版本 rpm -qa subversion #如果存储旧版本,卸载旧版本SVN yum remove subversion #安装SVN yum install subv ...