How to make an Active Directory Domain controller using Ubuntu 16.04 Server and Samba4
1. Set password for root: through following method.
sudo passwd root
Enter the password of User (Ex: Vikram)
Enter the new password
Retype the new password
(Here I've used same password User and Root)
2. For switch user enter the command of su and enter the password of root
3. Check the IP Address through ifconfig command,
4. Change the IP address as static,
vi /etc/network/interfaces
5. Change the Localhost IP and Hostname as following screenshot
6. Restart the server, after login switch to Root user su.
update and upgrade the default packages through following command.
apt-get update && apt-get upgrade -y
7. After update, Enter the following command for software package installation: sudo apt-get install git build-essential libacl1-dev libattr1-dev libblkid-dev libgnutls-dev libreadline-dev python-dev python-dnspython gdb pkg-config libpopt-dev libldap2-dev dnsutils libbsd-dev attr krb5-user docbook-xsl libcups2-dev libpam0g-dev ntp -y
8. Configuring the Kerberos Authentication
1. Default Kerberos version 5 realm: UTP.LOCAL
2. Kerberos servers for your realm: utpserver
3. Administrative Server for your kerberos realm: utpserver
9. Enter the following command.
git clone -b v4-1-stable git://git.samba.org/samba.git samba4
10. cd samba4
11. ./configure --enable-debug --enable-selftest
12. make
13. make install
14. /usr/local/samba/bin/samba-tool domain provision --realm=utp.local --domain=utp --adminpass="UTPServer123" --server-role=dc --dns-backend=SAMBA_INTERNAL
16. /usr/local/samba/bin/smbclient //localhost/netlogon -UAdministrator%UTPServer123" -c 'ls'
17. echo domain utp.local >> /etc/resolve.conf
18. vi /usr/local/samba/etc/smb.conf
change the dns forwarder IP
19. vi /usr/local/samba/share/setup/krb5.conf
modify the default realm = utp.local
20.mkdir -m 770 /Users
chmod g+s /Users
chown root:users /Users
kinit administrator@UTP.LOCAL
klist -c
21. vi /usr/local/samba/etc/smb.conf
Modify the conf file as shown in following screenshot.
22. /usr/local/samba/bin/samba-tool user setexpiry administrator --noexpiry
After joining the desktop to the Domain, login with the Domain user ID.
For Windows 7: https://www.microsoft.com/en-ca/download/details.aspx?id=7887
For Windows 8: https://www.microsoft.com/en-ca/download/details.aspx?id=28972
For Windows 8.1: https://www.microsoft.com/en-ca/download/details.aspx?id=39296
1. After the installation of Remote Server Administration Tool go to the Programs and Features window and select Turn Windows features on or off.
2. Select the check box as marked on the screenshot
3. Manage the Domain users through Administrative tools.
Following screenshots are showing the Installation of Ubuntu 16.04 Server.
Choose the OpenSSH Server package
After restarting the server, Login with created user credentials.
sudo passwd root
Enter the password of User (Ex: Vikram)
Enter the new password
Retype the new password
(Here I've used same password User and Root)
2. For switch user enter the command of su and enter the password of root
3. Check the IP Address through ifconfig command,
4. Change the IP address as static,
vi /etc/network/interfaces
5. Change the Localhost IP and Hostname as following screenshot
6. Restart the server, after login switch to Root user su.
update and upgrade the default packages through following command.
apt-get update && apt-get upgrade -y
7. After update, Enter the following command for software package installation: sudo apt-get install git build-essential libacl1-dev libattr1-dev libblkid-dev libgnutls-dev libreadline-dev python-dev python-dnspython gdb pkg-config libpopt-dev libldap2-dev dnsutils libbsd-dev attr krb5-user docbook-xsl libcups2-dev libpam0g-dev ntp -y
8. Configuring the Kerberos Authentication
1. Default Kerberos version 5 realm: UTP.LOCAL
2. Kerberos servers for your realm: utpserver
3. Administrative Server for your kerberos realm: utpserver
9. Enter the following command.
git clone -b v4-1-stable git://git.samba.org/samba.git samba4
10. cd samba4
11. ./configure --enable-debug --enable-selftest
12. make
13. make install
14. /usr/local/samba/bin/samba-tool domain provision --realm=utp.local --domain=utp --adminpass="UTPServer123" --server-role=dc --dns-backend=SAMBA_INTERNAL
Restart the server
15. su
cd samba4
usr/local/samba/sbin/samba -V
usr/local/samba/bin/smbclient -V
usr/local/samba/bin/smbclient -L localhost -U%
16. /usr/local/samba/bin/smbclient //localhost/netlogon -UAdministrator%UTPServer123" -c 'ls'
17. echo domain utp.local >> /etc/resolve.conf
18. vi /usr/local/samba/etc/smb.conf
19. vi /usr/local/samba/share/setup/krb5.conf
modify the default realm = utp.local
20.mkdir -m 770 /Users
chmod g+s /Users
chown root:users /Users
kinit administrator@UTP.LOCAL
klist -c
21. vi /usr/local/samba/etc/smb.conf
Modify the conf file as shown in following screenshot.
22. /usr/local/samba/bin/samba-tool user setexpiry administrator --noexpiry
Join the client desktop to the created Domain through following steps.
Managing the Domain through Remote Server Administration Tool
Download and install the Remote Server Administration Tools through following link. For Windows 7: https://www.microsoft.com/en-ca/download/details.aspx?id=7887
For Windows 8: https://www.microsoft.com/en-ca/download/details.aspx?id=28972
For Windows 8.1: https://www.microsoft.com/en-ca/download/details.aspx?id=39296
1. After the installation of Remote Server Administration Tool go to the Programs and Features window and select Turn Windows features on or off.
2. Select the check box as marked on the screenshot
3. Manage the Domain users through Administrative tools.
