Domínio | HOSTNAME | IP | Sistema |
---|---|---|---|
srvproxy | 192.168.0.64 | GNU/Linux Ubuntu 20.04.2 LTS (download) | |
HOMEOFFICE | srvAD | 192.168.0.193 | WIndows Server 2019 |
homeoffice.local | |||
HOMEOFFICE.LOCAL | |||
O objetivo deste post é explicar os procedimentos para ingressar máquina Linux no domínio AD (Windows) ou Samba 4.
Atualização do sistema:
$ sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get dist-upgrade -y && sudo apt-get clean && sudo reboot
Instalando pacotes necessários:
Instalação dos pacotes: (na tela que irá aparecer apenas clique em ‘OK’)
# apt-get install vim ntp ntpdate samba libnss-winbind acl attr winbind krb5-config
Hosts
# vim /etc/hosts
127.0.0.1 localhost
192.168.0.64 srvproxy.homeoffice.local srvproxy
hostname -f
resposta:
srvproxy.homeoffice.local
Ajustando o resolv.conf
# systemctl disable systemd-resolved && systemctl stop systemd-resolved && unlink /etc/resolv.conf
# vim /etc/resolv.conf
search homeoffice.local
domain homeoffice.local
# Controlador de dominio
nameserver 192.168.0.193
# DNS
nameserver 8.8.8.8
host -t A homeoffice.local
Resposta:
homeoffice.local has address 192.168.0.193
Data/Hora
# dpkg-reconfigure tzdata

Samba
# cp /etc/samba/smb.conf{,.original}
# vim /etc/samba/smb.conf
[global]
workgroup = HOMEOFFICE
realm = HOMEOFFICE.LOCAL
netbios name = srvproxy
security = ADS
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
Kerberos
# cp /etc/krb5.conf{,.original}
# vim /etc/krb5.conf
[libdefaults]
default_realm = HOMEOFFICE.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[realms]
homeoffice.local = {
kdc = srvAD.HOMEOFFICE.LOCAL
admin_server = srvAD.HOMEOFFICE.LOCAL
}
Reinicializando o Samba
# /etc/init.d/smbd restart
Ingressando no domínio
# net ads join -U Administrador
Resposta:
Enter Administrador’s password:
Using short domain name — HOMEOFFICE
Joined ‘SRVPROXY’ to dns domain ‘homeoffice.local’
Winbind
# cp /etc/nsswitch.conf{,.original}
# vim /etc/nsswitch.conf
Alterar:
passwd: compat
group: compat
shadow: compat
Para:
passwd: compat winbind
group: compat winbind
shadow: compat winbind
# systemctl restart winbind
DICAS
Veja a seguir algumas dicas que vão lhe ajudar
Listando usuários
wbinfo -u
wbinfo --user-info=joserf
Listando grupos
wbinfo -g