====== Integrating a Ubuntu Samba file server with Active Directory ======
  - Install the packages: \\ ''apt install realmd samba winbind''
  - Check if an entire FQDN is set: \\ ''hostname -f''
    - If necessary, set one using: \\ ''hostnamectl hostname smb.example.com''
  - Check connectability to AD server: \\ ''realm discover ad.example.com''
  - Join the domain: \\ ''realm join -v --membership-software=samba --client-software=winbind -U //domain_admin// //ad.example.com//''
  - Disable password authentication so only users with authenticated keys may login: \\ Edit ''/etc/ssh/sshd_config'' and set \\ <code>PasswordAuthentication no</code>
  - Allow nsswitch to recognize domain users: \\ Edit ''/etc/nsswitch.conf'' and set the passwd and group options: \\ <code>passwd:     files systemd winbind
group:      files systemd winbind</code>
  - Check if it knows about domain users: \\ ''getent passwd //example.com\\someuser//''
  - Edit ''/etc/samba/smb.conf'' and change these options: \\ <code ini>template homedir = /mnt/samba/home/%U@%D
winbind use default domain = yes

[FDZ]
        path = /mnt/samba/fdz
        comment = Datensaetze
        writable = yes
        guest ok = no</code>
  - Reload SMBD config: \\ ''smbcontrol smbd reload-config''


===== Links =====
  * [[https://ubuntu.com/server/docs/samba-active-directory|ubuntu.com – Member Server in an Active Directory Domain]]
  * [[https://wiki.archlinux.org/title/Active_Directory_integration|Arch – Active Directory Integration]]