I have recently set up a Samba Server that will act as a Domain Controller. This
is in my home LAN right now. My plan is to use a similar setup at my office
once I get a better handle on the ins and outs of running Samba as an AD.
My OS is CentOS 6.5. My LAN is reasonably simple, a few Windows 7 machines and
some Windows XP machines. One Fedora client as well. I have followed
instructions based on 2 guides:
http://www.akrupp.ch/domain-controller-active-directory-with-samba4-rc1-and-centos-6-5/
https://folgaizer.wordpress.com/2013/12/12/samba4-on-centos-6-4/
Samba appears to be working just fine, along with acting as a domain controller
etc. I can manage the server with RSAT and add users etc. Dynamic DNS updates
are working also. One sticking point is that the Samba Server itself is not
'visible' on any of my clients: in "Network" on my Windows 7
machines and Network Neighborhood on the XP machines. On my Linux client
(Fedora 20) it is also not visible. I can however reach the server on any
system by using UNC \\Server. That works fine.
My smb.conf is (XXX in place of my actual domain):
# Global parameters
[global]
    workgroup = XXX
    realm = XXX.COM
    netbios name = SERVER
    server role = active directory domain controller
    server services = rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbind, ntp_signd, kcc, dnsupdate, smb
    dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver, winreg, srvsvc
    idmap_ldb:use rfc2307 = yes
    wins support = true
    server string = Samba Server Version %v
    log level = 3
    winbind nss info = rfc2307
    idmap config MYDOMAIN: range = 10000-20000
    idmap config MYDOMAIN: backend = ad
    idmap_ldb:use rfc2307 = yes

[netlogon]
    path = /usr/local/samba/var/locks/sysvol/XXX.com/scripts
    read only = No

[sysvol]
    path = /usr/local/samba/var/locks/sysvol
    read only = No

[320GB]
    writeable = yes
    path = /mnt/320GB

[500GB]
    writeable = yes
    path = /mnt/500GB

[750GB]
    writeable = yes
    path = /mnt/750GB

[1TB]
    writeable = yes
    path = /mnt/1TB