On Slackware64 14.2,
find /var/log/packages/ | grep samba
#slackpkg install samba
Domain provisioning creates some certificates. To avoid any issues, use the same name for your DC service as your local FQDN, for example host.example.local, or change your system hostname to dc1.example.local.
vi /etc/hosts
    INTERNAL-IP dc1.example.local dc1
pwgen
samba-tool domain provision --use-rfc2307 --interactive --option="interfaces=lo INTERNAL-NIC" --option="bind interfaces only=yes"
ls -lhF /var/lib/samba/private/tls
vi /etc/resolv.conf
    domain example.local
    nameserver INTERNAL-IP
Note: some additional tuning may be required for NIS extensions to be enabled.
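A pre-provision check for the /etc/hosts entry described above, as an added example that is not part of the original page. The function name check_dc_hosts, its exit codes and the 192.0.2.10 sample address are assumptions made here; it also flags a loopback mapping, because the DC's FQDN has to resolve to the internal address.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original page).
# check_dc_hosts HOSTS_FILE FQDN
#   0 = FQDN and its short name share a line with a non-loopback address
#   1 = FQDN not found, or the short name is missing from its line
#   2 = FQDN is mapped to a loopback address (127.x or ::1)
check_dc_hosts() {
    hosts_file=$1
    fqdn=$2
    short=${fqdn%%.*}          # dc1.example.local -> dc1
    awk -v fqdn="$fqdn" -v short="$short" '
        {
            sub(/#.*/, "")     # drop comments; awk re-splits the fields
            if (NF < 2) next
            has_fqdn = has_short = 0
            for (i = 2; i <= NF; i++) {
                name = tolower($i)
                if (name == tolower(fqdn))  has_fqdn = 1
                if (name == tolower(short)) has_short = 1
            }
            if (!has_fqdn) next
            if ($1 ~ /^127\./ || $1 == "::1") { loopback = 1; next }
            if (has_short) ok = 1
        }
        END {
            if (loopback) exit 2   # any loopback mapping of the FQDN is an error
            if (ok) exit 0
            exit 1
        }
    ' "$hosts_file"
}

# Constructed sample input mirroring the /etc/hosts line shown above.
sample=$(mktemp)
printf '127.0.0.1 localhost\n192.0.2.10 dc1.example.local dc1\n' > "$sample"
check_dc_hosts "$sample" dc1.example.local && echo "hosts entry OK"
rm -f "$sample"
```

On the real host, call it as check_dc_hosts /etc/hosts "$(hostname -f)" before running samba-tool domain provision.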
Disable the provided init script (it seems outdated, as there is no need to start smbd and nmbd separately),
ls -lhF /etc/rc.d/rc.samba
chmod -x /etc/rc.d/rc.samba
Start the daemon while watching the logs,
tail -n0 -F /var/log/* /var/log/samba/*
/usr/sbin/samba
pgrep -a samba
and do not forget to enable it at boot time,
vi /etc/rc.d/rc.local
    echo -n Starting Samba 4 on `grep 'interfaces =' /etc/samba/smb.conf`...
    /usr/sbin/samba && echo \ Done
vi /etc/rc.d/rc.local_shutdown
    echo -n Shutting down Samba4...
    pkill samba && echo \ Done
chmod +x /etc/rc.d/rc.local_shutdown
Accept local network resolution/forwarding,
host opendns.com
#host opendns.com 127.0.0.1
And proceed with some further testing from some client.
Restart the service,
tail -n0 -F /var/log/* /var/log/samba/*
pgrep -a samba
pkill samba
pgrep -a samba
/usr/sbin/samba
pgrep -a samba
Create a new user quick and dirty,
pwgen
samba-tool user add user1
or with some details,
pwgen
samba-tool user add user2 --given-name="user2 firstname" --surname="user2 surname" --mail-address=pbraun@nethence.com --login-shell=/bin/bash
and check,
samba-tool user list
review the password policy and statuses,
samba-tool domain passwordsettings show
and change the policy if needed,
samba-tool domain passwordsettings -h ...
Same DNS and Kerberos setup as for a member. Then join the domain as a DC,
samba-tool domain join example.local DC -U"EXAMPLE\administrator" --dns-backend=SAMBA_INTERNAL --option="interfaces=lo INTERNAL-NIC" --option="bind interfaces only=yes"
To start from scratch,
#pkill samba
#removepkg samba
#rm -rf /etc/samba/ /var/lib/samba
#slackpkg install samba
If you get this message,
==> /var/log/syslog <==
Feb 27 23:49:52 lenovo smbd[5653]: [2018/02/27 23:49:52.355883, 0] ../source3/smbd/server.c:1440(main)
Feb 27 23:49:52 lenovo smbd[5653]: server role = 'active directory domain controller' not compatible with running smbd standalone.
Feb 27 23:49:52 lenovo smbd[5653]: You should start 'samba' instead, and it will control starting smbd if required
Feb 27 23:49:52 lenovo nmbd[5654]: [2018/02/27 23:49:52.402628, 0] ../source3/nmbd/nmbd.c:923(main)
Feb 27 23:49:52 lenovo nmbd[5654]: server role = 'active directory domain controller' not compatible with running nmbd standalone.
Feb 27 23:49:52 lenovo nmbd[5654]: You should start 'samba' instead, and it will control starting the internal nbt server
==> do not use rc.samba. Use samba directly as described above.