On Wed, 30 Aug 2017 12:48:09 -0300 Flávio Silveira via samba <samba at lists.samba.org> wrote:> Hi Louis > > On 30/08/2017 10:28, L.P.H. van Belle via samba wrote: > > Hai, > > First I want to thank you for maintaining a debian repo with updated > packages, made my life much easier! > > > If you have a small network, yes, a DC only is not recommended, but > > if configured correcly it works fine. I see you have only one linux > > server, so i can assum only windows clients. Then, i say yes, setup > > an AD DC as fileserver. > > Do you have any pointers on which wiki tutorial I should follow to > get things started? >Follow the DC wiki page: https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller There is even a section: Using the Domain Controller as a File Server This will send you to: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member Where you will need to read this section: Configuring the Name Service Switch Which will refer you to: https://wiki.samba.org/index.php/Libnss_winbind_Links This will tell you how to set up the libnns_winbind links Having said all that, you can do it all by installing samba attr winbind libpam-winbind libpam-krb5 libnss-winbind krb5-config krb5-user ntp dnsutils ldb-tools set up ntp as per the wiki: https://wiki.samba.org/index.php/Time_Synchronisation provision the domain, run 'pam-auth-update' ensure everything is checked and tab to <OK> and press enter, now start 'samba' It should just work. Rowland
On 30/08/2017 13:16, Rowland Penny via samba wrote:> On Wed, 30 Aug 2017 12:48:09 -0300 > Flávio Silveira via samba <samba at lists.samba.org> wrote: > >> Hi Louis >> >> On 30/08/2017 10:28, L.P.H. van Belle via samba wrote: >>> Hai, >> First I want to thank you for maintaining a debian repo with updated >> packages, made my life much easier! >> >>> If you have a small network, yes, a DC only is not recommended, but >>> if configured correcly it works fine. I see you have only one linux >>> server, so i can assum only windows clients. Then, i say yes, setup >>> an AD DC as fileserver. >> Do you have any pointers on which wiki tutorial I should follow to >> get things started? >> > Follow the DC wiki page: > > https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller > > There is even a section: Using the Domain Controller as a File Server > > This will send you to: > > https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member > > Where you will need to read this section: > > Configuring the Name Service Switch > > Which will refer you to: > > https://wiki.samba.org/index.php/Libnss_winbind_Links > > This will tell you how to set up the libnns_winbind links > > Having said all that, you can do it all by installing > > samba attr winbind libpam-winbind libpam-krb5 libnss-winbind > krb5-config krb5-user ntp dnsutils ldb-tools > > set up ntp as per the wiki: > > https://wiki.samba.org/index.php/Time_Synchronisation > > provision the domain, run 'pam-auth-update' ensure everything is > checked and tab to <OK> and press enter, now start 'samba' > > It should just work. > > Rowland >I can't thank you enough for this, great walk through! I will probably have more questions during the setup, but I have only one left for now: Will it create any issues if I do it within the current network or do you recommend doing in network lab? Regards, Flavio Silveira
On Wed, 30 Aug 2017 14:12:09 -0300 Flávio Silveira via samba <samba at lists.samba.org> wrote:> > > On 30/08/2017 13:16, Rowland Penny via samba wrote: > > On Wed, 30 Aug 2017 12:48:09 -0300 > > Flávio Silveira via samba <samba at lists.samba.org> wrote: > > > >> Hi Louis > >> > >> On 30/08/2017 10:28, L.P.H. van Belle via samba wrote: > >>> Hai, > >> First I want to thank you for maintaining a debian repo with > >> updated packages, made my life much easier! > >> > >>> If you have a small network, yes, a DC only is not recommended, > >>> but if configured correcly it works fine. I see you have only one > >>> linux server, so i can assum only windows clients. Then, i say > >>> yes, setup an AD DC as fileserver. > >> Do you have any pointers on which wiki tutorial I should follow to > >> get things started? > >> > > Follow the DC wiki page: > > > > https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller > > > > There is even a section: Using the Domain Controller as a File > > Server > > > > This will send you to: > > > > https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member > > > > Where you will need to read this section: > > > > Configuring the Name Service Switch > > > > Which will refer you to: > > > > https://wiki.samba.org/index.php/Libnss_winbind_Links > > > > This will tell you how to set up the libnns_winbind links > > > > Having said all that, you can do it all by installing > > > > samba attr winbind libpam-winbind libpam-krb5 libnss-winbind > > krb5-config krb5-user ntp dnsutils ldb-tools > > > > set up ntp as per the wiki: > > > > https://wiki.samba.org/index.php/Time_Synchronisation > > > > provision the domain, run 'pam-auth-update' ensure everything is > > checked and tab to <OK> and press enter, now start 'samba' > > > > It should just work. > > > > Rowland > > > > I can't thank you enough for this, great walk through!No problem.> > I will probably have more questions during the setup, but I have only > one left for now:Any questions, just ask, the only stupid question is the one you don't ask ;-)> > Will it create any issues if I do it within the current network or do > you recommend doing in network lab? >I would do a test run first, that way, if there are any questions, you can ask them and errors wont affect anything. There is just one thing I missed, you will probably want homedirs for the users, to get them created automatically the first time a user connects, you will need to add this line to /etc/pam.d/common-session session required pam_mkhomedir.so skel=/etc/skel/ umask=0022 Rowland