Samba Shares with Active Directory Login on Ubuntu Server 13.04 – Part 1

By | November 13, 2013

This tutorial shows you how to set up a SAMBA server which use Active Directory user and group authentication.

Samba, Winbind, Kerberos and nsswitch configuration allows you to have a Linux machine serving files via SMB, where your authentication and authorization for the files and folders is done via ADS.



The data used in this tutorial:

  • Active Directory Domain:
  • Realm/workgroup:         TEST
  • Active Directory Server IP: (Also DNS and NTP)

This setup is tested with the following software:

  • Ubuntu Server 13.04
  • Samba 3.6.3
  • Active Directory on Windows Server 2008 mixed with Windows Server 2012.
  • Active Directory on Windows Server 2003 mixed with Windows Server 2008



A summary of the steps we are going to do:

  • Install Packages
  • Configure NTP & DNS
  • Configure Kerberos
  • Configure nsswitch
  • Configure Samba
  • Join the Domain
  • Configure Samba shares
  • Test the setup


Install Packages

On a freshly installed Ubuntu Server 13.04, install the following packages.

sudo apt-get install ntp krb5-user samba smbfs smbclient winbind

krb5, Kerberos will ask some questions about your domain and Administrative user.


Configure NTP & DNS

Active Directory (Kerberos in general) is very picky about the system time, so configure NTP to sync the time against your Active Directory NTP server. Edit /etc/ntp.conf:

sudo vi /etc/ntp.conf


Edit your /etc/resolv.conf file and change the DNS to your Active Directory DNS servers:

sudo vi /etc/resolv.conf