Create an Active Directory Infrastructure with Samba4 on Ubuntu – Part 1

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.95/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

34 Responses

  1. Sharif Qaysari says:

    Hello everyone !

    I have passed the all the procedure to setup the Samba as ADDC and it was successful. now I am trying to integrate the Samba with OpenLdap, I’ve searched a lot in google but have found no any guide or documentation about setting up OpenLDAP with Samba backed on Ubuntu 16.04.

    could you please help to setup that or reference any resource?

    • Matei Cezar says:

      That’s because Samba4 has LDAP ad schema integrated. If you can’t find it in official samba docs, than it’s not officially supported.

  2. jokerZD says:

    This works super.

    Windows server upon Linux stability what else to say and you “bonus” possibilities here, mdadm, rsync.

  3. Paulo says:

    Excellent guide!!! Congratulations. I really need part 14. and also 13. When
    will be your publication? Thank you.

  4. corpusdilecti says:

    I’m running to an issue with resolving my domain name. I can ping the FQDN and Host, but not the domain name. Here is my setup:

    Hostname:

    adc1

    Hosts file:

    127.0.0.1 localhost
    127.0.1.1 adc1.tirnanog.local adc1

    # The following lines are desirable for IPv6 capable hosts
    ::1 localhost ip6-localhost ip6-loopback
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters

    /etc/network/interfaces

    # This file describes the network interfaces available on your system
    # and how to activate them. For more information, see interfaces(5).

    source /etc/network/interfaces.d/*

    # The loopback network interface
    auto lo
    iface lo inet loopback

    # Wired network connection
    auto eno1
    iface eno1 inet static
    address 192.168.1.200
    netmask 255.255.255.0
    broadcast 192.168.1.254
    gateway 192.168.1.1
    dns-nameservers 127.0.0.1 192.168.1.200 192.168.1.1
    dns-search tirnanog.local

    /etc/resolv.conf

    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    # DO NOT EDIT THIS FILE BY HAND — YOUR CHANGES WILL BE OVERWRITTEN
    nameserver 127.0.0.1
    search tirnanog.local

    When I try to ping, these are the results that I get:

    [email protected]:/# ping -c3 tirnanog.local
    ping: unknown host tirnanog.local

    [email protected]:/# ping -c3 adc1.tirnanog.local
    PING adc1.tirnanog.local (127.0.1.1) 56(84) bytes of data.
    64 bytes from adc1.tirnanog.local (127.0.1.1): icmp_seq=1 ttl=64 time=0.049 ms
    64 bytes from adc1.tirnanog.local (127.0.1.1): icmp_seq=2 ttl=64 time=0.060 ms
    64 bytes from adc1.tirnanog.local (127.0.1.1): icmp_seq=3 ttl=64 time=0.061 ms

    — adc1.tirnanog.local ping statistics —
    3 packets transmitted, 3 received, 0% packet loss, time 1998ms
    rtt min/avg/max/mdev = 0.049/0.056/0.061/0.010 ms

    [email protected]:/# ping -c3 adc1.tirnanog.local
    PING adc1.tirnanog.local (127.0.1.1) 56(84) bytes of data.
    64 bytes from adc1.tirnanog.local (127.0.1.1): icmp_seq=1 ttl=64 time=0.052 ms
    64 bytes from adc1.tirnanog.local (127.0.1.1): icmp_seq=2 ttl=64 time=0.061 ms
    64 bytes from adc1.tirnanog.local (127.0.1.1): icmp_seq=3 ttl=64 time=0.062 ms

    — adc1.tirnanog.local ping statistics —
    3 packets transmitted, 3 received, 0% packet loss, time 1998ms
    rtt min/avg/max/mdev = 0.052/0.058/0.062/0.007 ms

    Can anyone give me a hand and let me know what I’m doing wrong? I have a good feeling it is something to do with the dns-nameservers, but I’ve tried changing them a few time in /etc/network/interfaces and I can’t seem to get anything to work.

    By the way, this is what I’m running:

    Distributor ID: Ubuntu
    Description: Ubuntu 16.04.2 LTS
    Release: 16.04
    Codename: xenial

    Please, let me know if there is any other info needed. Thanks!

    • corpusdilecti says:

      Well! It seems I didn’t install/configure DNS before starting this tutorial.. that would have helped :)

    • Matei Cezar says:

      If your machine is a Samba4 DC then remove 127.0.1.1 adc1.tirnanog.local from hosts file and point to adc1 only before provisioning the domain.

      I see you have three DNS entries on interfaces file, use only dns-nameservers 127.0.0.1 and other DNS server provisioned on your domain if that’s the case after you’ve provisioned the samba domain.

  5. Hannes van Vuuren says:

    Thanks a lot for this article! After going through the domain provision process a few times this seems to me the most solid article about the process. There is plenty of outdated information around the net, and Samba wiki is often confusing (if not outright down on a given day).

  6. unknowen says:

    Hello,

    I have reached to the step below and I have encountered one failure! any idea, please?

    $ sudo samba-tool domain provision --use-rfc2307 -interactive
    

    Usage: samba-tool domain provision [options]

    samba-tool domain provision: error: no such option: -i

  7. Dave says:

    Hi guys.

    After running through the guide in the office, I took the server on site to a client with a different network.

    When changing the IP address and DNS entries the lookup of domain.local returns the IP address the box had in our office.
    Tried flushing the DNS and a bunch of things and nothing has worked so far.

    How would I get around this?

    • Matei Cezar says:

      You must manually update all IP’s addresses on your machine (hosts, network interfaces, samba IP forwarders, resolvers ) and samba DNS records to fit new IP range.

      • Dave says:

        Where do I edit the samba dns records and IP forwarders? In the smb.conf file?

        Where do i edit the resolvers as well. I have set the rest, I have also set the IP’s in the smb.conf file.

  8. Dave says:

    Hi there,

    I have set up an active directory domain controller according to your guide in a test environment in our office.

    When I took it on site to a different IP range, I changed the IP address. Changed the DNS according to the site. When i ping the domain name it returns the old IP address. When I do an NSlookup it also returns the IP address I had set up the machine on in the office.

    I have set it up on Ubuntu 16.10

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *