Samba4 BDC

From Stadm

Revision as of 10:55, 24 June 2014 by Stadm1 (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Contents

1 Required Packages
2 Kerberos
3 Join DC to domain
4 Transfer Roles
5 nssswitch

Required Packages

Kerberos

make backup of kerberos conf

cp /etc/krb5.conf /etc/krb5.bak

add realm to kerberos file /etc/krb5.conf

cp /usr/local/samba/share/setup/krb5.conf /etc/krb5.conf

change ${REALM} variable to your realm
test that you can kinit

kinit administrator

type password then klist to check if you have ticket

klsit

Join DC to domain

if kerberos is working check that you can see the PDC dns entries
then join DC to domain

samba-tool domain join example.edu DC -Uadministrator --realm=example.edu

should end with

Joined domain EXAMPLE (SID ...) as a DC

Transfer Roles

DNS entries must ne setup before you can transfer roles, samba must be running (check log before for any errors)

*see who has what roles
samba-tool fsmo show

transfer them all(can also transfer individual roles)

samba-tool fsmo transfer --role=all

nssswitch

enumerate users in getent passwd
edit /etc/nssswitch to contain

passwd:     files winbind
shadow:     files
group:      files winbind

Retrieved from "http://wiki-stadm.eri.ucsb.edu/index.php?title=Samba4_BDC&oldid=2439"

Navigation menu