Samba Shares with Active Directory Login on Ubuntu Server 13.04 – Part 1

By | November 13, 2013

This tutorial shows you how to set up a SAMBA server which use Active Directory user and group authentication.

Samba, Winbind, Kerberos and nsswitch configuration allows you to have a Linux machine serving files via SMB, where your authentication and authorization for the files and folders is done via ADS.

—————————————————————————————————————————–

Introduction

The data used in this tutorial:

  • Active Directory Domain:     test.net
  • Realm/workgroup:         TEST
  • Active Directory Server IP:     192.168.1.100 (Also DNS and NTP)

This setup is tested with the following software:

  • Ubuntu Server 13.04
  • Samba 3.6.3
  • Active Directory on Windows Server 2008 mixed with Windows Server 2012.
  • Active Directory on Windows Server 2003 mixed with Windows Server 2008

——————————————————————————————————————————-

Overview

A summary of the steps we are going to do:

  • Install Packages
  • Configure NTP & DNS
  • Configure Kerberos
  • Configure nsswitch
  • Configure Samba
  • Join the Domain
  • Configure Samba shares
  • Test the setup

—————————————————————————————————————————-

Install Packages

On a freshly installed Ubuntu Server 13.04, install the following packages.

sudo apt-get install ntp krb5-user samba smbfs smbclient winbind

krb5, Kerberos will ask some questions about your domain and Administrative user.

———————————————————————————————————–

Configure NTP & DNS

Active Directory (Kerberos in general) is very picky about the system time, so configure NTP to sync the time against your Active Directory NTP server. Edit /etc/ntp.conf:

sudo vi /etc/ntp.conf

server 192.168.1.100

Edit your /etc/resolv.conf file and change the DNS to your Active Directory DNS servers:

sudo vi /etc/resolv.conf

nameserver 192.168.1.100

search test.net