Setting up a samba-ad-dc: Difference between revisions
m (fix formatting) |
m (more formatting, fixed typo, cleaned up file path names) |
||
| Line 9: | Line 9: | ||
= Edit hosts file = | = Edit hosts file = | ||
You need to modify | You need to modify your {{Path|/etc/hosts}} file to look similar to this. | ||
127.0.0.1 localhost.localdomain localhost | 127.0.0.1 localhost.localdomain localhost | ||
| Line 15: | Line 15: | ||
= Create smb.conf = | = Create smb.conf = | ||
Alpine doesn't provide an example configuration file in the package so you'll need to create one. | Alpine doesn't provide an example configuration file in the package so you'll need to create one at {{Path|/etc/samba/smb.conf}}. | ||
[global] | [global] | ||
| Line 40: | Line 40: | ||
= Configure resolv.conf = | = Configure resolv.conf = | ||
Modify your /etc/resolv.conf to include your new domain as a search domain and point to itself as the first nameserver. | Modify your {{Path|/etc/resolv.conf}} to include your new domain as a search domain and point to itself as the first nameserver. | ||
search example.com | search example.com | ||
| Line 47: | Line 47: | ||
= Configure Kerberos = | = Configure Kerberos = | ||
You need to replace krb5.conf with a link to the one generated by samba. | You need to replace krb5.conf with a link to the one generated by samba. | ||
{{Cmd|ln -sf / | {{Cmd|ln -sf /var/lib/samba/private/krb5.conf /etc/krb5.conf}} | ||
= Install new init script = | = Install new init script = | ||
As of 3/31/2016 and Alpine 3.3.3, the included samba init script doesn't support starting it as a domain controller. Modify your /etc/init.d/samba script like the one below. | As of 3/31/2016 and Alpine 3.3.3, the included samba init script doesn't support starting it as a domain controller. Modify your {{Path|/etc/init.d/samba}} script like the one below. | ||
#!/sbin/openrc-run | #!/sbin/openrc-run | ||
Revision as of 00:27, 1 April 2016
NOTES: In all examples below, teplace EXAMPLE with your NetBIOS domain name in caps, example.com with your DNS domain name, HOSTNAME with your system's host name in caps, and hostname with your system's host name.
Refer to the Active Directory naming FAQ before choosing your domain name.
Installation
Install packages:
apk add samba-dc krb5
Edit hosts file
You need to modify your /etc/hosts file to look similar to this.
127.0.0.1 localhost.localdomain localhost 10.1.1.10 hostname.example.com hostname
Create smb.conf
Alpine doesn't provide an example configuration file in the package so you'll need to create one at /etc/samba/smb.conf.
[global]
server role = domain controller
workgroup = EXAMPLE
realm = example.com
netbios name = HOSTNAME
passdb backend = samba4
idmap_ldb:use rfc2307 = yes
[netlogon]
path = /var/lib/samba/sysvol/example.com/scripts
read only = No
[sysvol]
path = /var/lib/samba/sysvol
read only = No
Provision your Samba domain
Answer the questions with your domain information:
samba-tool domain provision --use-rfc2307 --interactive
Use the SAMBA_INTERNAL DNS option. When asked for a forwarder IP, choose your internet DNS server. You can use your ISP or other public services (like Google) here.
Configure resolv.conf
Modify your /etc/resolv.conf to include your new domain as a search domain and point to itself as the first nameserver.
search example.com nameserver 10.1.1.10
Configure Kerberos
You need to replace krb5.conf with a link to the one generated by samba.
ln -sf /var/lib/samba/private/krb5.conf /etc/krb5.conf
Install new init script
As of 3/31/2016 and Alpine 3.3.3, the included samba init script doesn't support starting it as a domain controller. Modify your /etc/init.d/samba script like the one below.
#!/sbin/openrc-run
extra_started_commands="reload"
DAEMON=${SVCNAME#samba.}
SERVER_ROLE=`samba-tool testparm --parameter-name="server role" 2>/dev/null | tail -1`
if [ "$SERVER_ROLE" = "active directory domain controller" ]; then
daemon_list="samba"
elif [ "$DAEMON" != "samba" ]; then
daemon_list=$DAEMON
fi
depend() {
need net
after firewall
}
start_samba() {
start-stop-daemon --start --quiet --exec /usr/sbin/samba --
}
stop_samba() {
start-stop-daemon --stop --quiet --pidfile /var/run/samba/samba.pid
}
start_smbd() {
start-stop-daemon --start --quiet --exec /usr/sbin/smbd -- \
${smbd_options:-"-D"}
}
stop_smbd() {
start-stop-daemon --stop --quiet --pidfile /var/run/samba/smbd.pid
}
start_nmbd() {
start-stop-daemon --start --quiet --exec /usr/sbin/nmbd -- \
${nmbd_options:-"-D"}
}
stop_nmbd() {
start-stop-daemon --stop --quiet --pidfile /var/run/samba/nmbd.pid
}
start_winbindd() {
start-stop-daemon --start --quiet --exec /usr/sbin/winbindd -- \
$winbindd_options
}
stop_winbindd() {
start-stop-daemon --stop --quiet --pidfile /var/run/samba/winbindd.pid
}
start() {
for i in $daemon_list; do
ebegin "Starting $i"
start_$i
eend $?
done
}
stop() {
for i in $daemon_list; do
ebegin "Stopping $i"
stop_$i
eend $?
done
}
reload() {
for i in $daemon_list; do
ebegin "Reloading $i"
killall -HUP $i
eend $?
done
}
Configure the Samba service
Run these two commands to start the service on boot and to start the service right now.
rc-update add samba
rc-service samba start