How to Manage Samba4 AD Infrastructure from Linux Command Line – Part 2

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.95/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Matei Cezar

I’am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

19 Responses

  1. Arjit says:
    getent passwd | grep TECMINT
    TECMINT\administrator:*:0:100::/home/TECMINT/administrator:/bin/false
    TECMINT\cifs_user:*:3000018:100:cifs user:/home/TECMINT/cifs_user:/bin/false
    TECMINT\del_user:*:3000017:100:del user:/home/TECMINT/del_user:/bin/false
    TECMINT\krbtgt:*:3000019:100::/home/TECMINT/krbtgt:/bin/false
    TECMINT\guest:*:3000011:100::/home/TECMINT/guest:/bin/false
    

    As mentioned above default shell for all user is /bin/false instead of /bin/bash.

    Please let me know how can i update it.

  2. Thameera Nawaratna says:

    Thanks for the very useful article. I would like to know how to set the user password expiration warning (number of days) with samba-tool? Can we set it in domain level?

  3. iwan says:

    Can i get home directory where first login on samba via windows machine?

    I can see my homes where login with user ad-dc, but i can access it because actually homes directory didn’t create on Linux server. home user actually create where i login direct Linux use command.

    This input/output for example :

    [email protected]:~$ su - test1
    Password:
    Creating directory '/data/samba/SERVER/test1'.
    [email protected]:~$
    

    Thanks!

    • Matei Cezar says:

      That’s the normal behaviour to create a home directory for a user when you first log on onto the Linux machine.

  4. mike says:

    How can I change home directory “/home/$DOMAIN” ?
    I would like to use, my own.
    Thanks!

    • Matei Cezar says:

      Why you need to change standard path from /home to other path? It can be done by editing smb.conf file and the following statement:

      template homedir = /your/path/%D/%U

      where %D represents the domain part and %U the username part.

      • mike says:

        Well the point is, when user is created, user home dir is created in the /home/domain/user.
        I would like to use something diferent, like /srv/samba/homes/%U.
        Thanks!

  5. Bounty says:

    thanks for the tutorial. I can’t get the last part working “Login in Linux with an Active Directory User” because the su and id command do not find the users. The getent command is working… Any ideas ?
    Thanks

    • Matei Cezar says:

      Maybe you should precede the username with the domain part, such as: DOMAIN\your_domain_user

      • Bounty says:

        This is not working :

        orca:/usr/local/samba/var # getent passwd
        ...
        MAIRIE\test:*:3000019:100:test testt:/home/test:/bin/bash
        orca:/usr/local/samba/var # id MAIRIE\test
        id: ‘MAIRIEtest’: no such user
        orca:/usr/local/samba/var # id MAIRIE\\test
        id: ‘MAIRIE\\test’: no such user
        orca:/usr/local/samba/var # id 'MAIRIE\test'
        id: ‘MAIRIE\\test’: no such user
        
  6. david says:

    Why do you have only modify /etc/pam.d/common-password file and not /etc/pam.d/common-account, /etc/pam.d/common-auth, /etc/pam.d/common-session ?
    Thanks for your response.

  7. david says:

    # getent passwd | grep TECMINT
    # getent group | grep TECMINT

    These lines are not functional because we must add these lines in /etc/samba/smb.conf

    winbind enum users = yes
    winbind enum groups = yes

  8. Matei Cezar says:

    On the next series of tutorials we will cover integrating Linux and Windows machines into Samba4 AD DC.

  9. nugroho says:

    It is A nice tutorial. I’m curious about joining linux machine to samba4 active directory controller.
    Please put more information which setting is in client section/side and which one is in server section/side.

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *