Aggiungere un Domain Member Server Samba

Il modo più semplice è creare un Member Server in cui gli account locali vengono creati al bisogno.

• Installare Samba sul nuovo server (importante la libreria, altrimenti non autentica):

sudo aptitude install samba winbind libnss-winbind

• Creare il file Samba minimo:

sudoedit /etc/samba/smb.conf

[global]
        workgroup = DOMAINNAME
        netbios name = SERVERNAME
        security = DOMAIN
        server string = ServerName
        log file = /var/log/samba/smbd
        idmap config * : backend = tdb
        idmap config * : range = 3000-7999
        add user script = /usr/sbin/useradd -m '%u'
        add machine script = /usr/sbin/useradd -M '%u'
        add group script = /usr/sbin/groupadd '%g'
        load printers = no
        printing = cups
        printcap name = /dev/null
        disable spoolss = yes

[ShareName]
        path = /path/to/directory
        comment = Share Description
        read only = No
        browseable = No

• Impostare la risoluzione dei nomi windows

sudoedit /etc/nsswitch.conf

passwd:         compat winbind
group:          compat winbind

• Fare il join del dominio:

sudo net rpc join -U administrator

Joined domain DOMAINNAME.

• Riavviare i daemons:

systemctl enable smbd.service
systemctl enable winbind.service
systemctl restart smbd.service
systemctl restart winbind.service

• Verificare la risoluzione dei nomi:

getent passwd DOMAINNAME\\Administrator

DOMAINNAME\administrator:*:3000:3005:Administrator:/home/DOMAINNAME/administrator:/bin/false

• Accedere con smbclient:

 smbclient '\\192.168.1.1\myshare' -U administrator -W DOMAINNAME

• Setting up Samba as a Domain Member - SambaWiki
• Troubleshooting Samba Domain Members - SambaWiki
• Chapter 7. Adding Domain Member Servers and Clients:NT4/Samba Domain with Samba Domain Member Server without NSS Support