28 January, 2012 #Technology #Tutorials

Howto Samba Active Directory Integration

  • RB

Samba Directory Server Integration

Once part of an Active Directory domain, Samba can provide file and print services to AD users.
The simplest way to join an AD domain is to use Likewise-open.
Once part of the domain, enter the following command in the terminal prompt:

sudo apt-get install samba smbfs smbclient 

Since the likewise-open and samba packages use separate secrets.tdb files, a symlink will need to be created in/var/lib/samba:

sudo mv /var/lib/samba/secrets.tdb /var/lib/samba/secrets.tdb.orig
sudo ln -s /etc/samba/secrets.tdb /var/lib/samba

Next, edit /etc/samba/smb.conf changing:

workgroup = EXAMPLE
   security = ads
   realm = EXAMPLE.COM
   idmap backend = lwopen
   idmap uid = 50-9999999999
   idmap gid = 50-9999999999

Restart samba for the new settings to take effect:

sudo restart smbd
sudo restart nmbd

You should now be able to access any Samba shares from a Windows client. However, be sure to give the appropriate AD users or groups access to the share directory.

Accessing a Windows Share

Now that the Samba server is part of the Active Directory domain you can access any Windows server shares

  • To mount a Windows file share enter the following in a terminal prompt:
mount.cifs //fs01.example.com/share mount_point 

It is also possible to access shares on computers not part of an AD domain, but a username and password will need to be provided.

  • To mount the share during boot place an entry in /etc/fstab, for example:
// /mnt/windows cifs auto,username=steve,password=secret,rw 0 0
  • Another way to copy files from a Windows server is to use the smbclient utility. To list the files in a Windows share:
smbclient //fs01.example.com/share -k -c "ls"
  • To copy a file from the share, enter:
smbclient //fs01.example.com/share -k -c "get file.txt" 

This will copy the file.txt into the current directory.

  • To copy a file to the share:
smbclient //fs01.example.com/share -k -c "put /etc/hosts hosts" 

This will copy the /etc/hosts to //fs01.example.com/share/hosts.

The -c option used above allows you to execute the smbclient command all at once. This is useful for scripting and minor file operations. To enter the smb: \> prompt, a FTP like prompt where you can execute normal file and directory commands, simply execute:

smbclient //fs01.example.com/share -k

0 Comments on Howto Samba Active Directory Integration

Leave a Comment

Your email address will not be published. Required fields are marked *

You Might Be Interested In