You are not allowed to perform this action
integratesambawithactivedirectory
Integrating a Ubuntu Samba file server with Active Directory
- Install the packages:
apt install realmd samba winbind - Check if an entire FQDN is set:
hostname -f- If necessary, set one using:
hostnamectl hostname smb.example.com
- Check connectability to AD server:
realm discover ad.example.com - Join the domain:
realm join -v –membership-software=samba –client-software=winbind -U domain_admin ad.example.com - Disable password authentication so only users with authenticated keys may login:
Edit/etc/ssh/sshd_configand set
PasswordAuthentication no
- Allow nsswitch to recognize domain users:
Edit/etc/nsswitch.confand set the passwd and group options:
passwd: files systemd winbind group: files systemd winbind
- Check if it knows about domain users:
getent passwd example.com\\someuser - Edit
/etc/samba/smb.confand change these options:
template homedir = /mnt/samba/home/%U@%D winbind use default domain = yes [FDZ] path = /mnt/samba/fdz comment = Datensaetze writable = yes guest ok = no
- Reload SMBD config:
smbcontrol smbd reload-config
Links
integratesambawithactivedirectory.txt · Last modified: by wolfo