How to configure Ubuntu Linux server as a Domain Controller, Samba 4 Active Directory Domain Controller on Ubuntu 20.10 Server

By

 How to configure Ubuntu Linux server as a Domain Controller

Samba 4 Active Directory Domain Controller on Ubuntu 20.10 Server

How to install Active Directory on Ubuntu 20.10 LTS


First, assign a static IP to your server. Ubuntu Server uses netplan for network management. Your network configuration will look similar to this:

sudo ls /etc/netplan

sudo vim /etc/netplan/ file name 

---

network:

  ethernets:

    enp0s3:

      dhcp4: no

      addresses:

      - 192.168.1.51/24

      gateway4: 192.168.1.1

      nameservers:

        addresses: [8.8.8.8, 8.8.4.4]

        search: []

  version: 2

---

Apply the network config


sudo netplan apply


Check if time synchronization with an Internet server is working

timedatectl


Update the apt cache

sudo apt update


Change the hostname and update the hosts file

sudo vim /etc/hostname

---

dc1.aryan.com

---

sudo vim /etc/hosts

---

192.168.1.51 dc1.aryan.com dc1

---

sudo reboot



Now, install the SAMBA 4 Active Directory packages

sudo apt -y install samba krb5-config winbind smbclient

---

Kerberos Realm: aryan.com

Kerberos servers for your realm: dc1.aryan.com

Administrative server for your Kerberos realm: dc1.aryan.com


Rename the SAMBA config file

sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.original


Provision the domain controller

sudo samba-tool domain provision

---

Realm [aryan.com]:

Domain [MVCLOUD]:

Server Role (dc, member, standalone) [dc]:

DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:

DNS forwarder IP address (write 'none' to disable forwarding)  8.8.8.8

Administrator password:

Retype password:


Copy the Kerberos config file

sudo cp /var/lib/samba/private/krb5.conf /etc/


Stop and disable the samba services and the dns resolver service

sudo systemctl disable --now smbd nmbd winbind systemd-resolved


Unmask the SAMBA AD service

sudo systemctl unmask samba-ad-dc


Enable and start the AD service

sudo systemctl enable --now samba-ad-dc


Show the functtional levels of the AD

sudo samba-tool domain level show

---

Domain and forest function level for domain 'DC=mvcloud,DC=tech'


Forest function level: (Windows) 2008 R2

Domain function level: (Windows) 2008 R2

Lowest function level of a DC: (Windows) 2008 R2

Recreate the dns nameserver file


sudo rm -f /etc/resolv.conf


sudo vim /etc/resolv.conf

---

nameserver 127.0.0.1

domain aryan.com


Active Directory is now ready! Try joining a Windows 10 PC to your AD domain.


You may use the samba-tool command to administer AD from the server itself. For example, this is how you create a user:


sudo samba-tool user create user1


Join a computer to the domain and login domain user

Comments

Post a Comment

Popular posts from this blog

How to install and configure OSSEC server and client

By
How to install and configure OSSEC server and client sudo timedatectl set-timezone Asia/Calcutta Asia/Calcutta   1. sudo apt-get update && sudo apt-get upgrade -y 2. sudo apt-get install build-essential libevent-dev zlib1g-dev libssl-dev unzip wget -y 3. sudo apt-get install libpcre2-dev 4. sudo apt-get install libsystemd-dev 5. wget https://github.com/ossec/ossec-hids/archive/3.7.0.tar.gz 6. tar -xvzf 3.7.0.tar.gz 7. cd ossec-hids-3.7.0 8. sudo ./install.sh 9. sudo /var/ossec/bin/ossec-control start   Configure OSSEC nano /var/ossec/etc/ossec.conf Update below <global>     <email_notification>yes</email_notification>     <email_to>root@localhost</email_to>     <smtp_server>127.0.0.1</smtp_server>     <email_from>ossecm@localhost</email_from> </global>   <global>     <emai...
Read more

How to install nuke in windows 10 and windows 11,Installing Nuke on Windows, Install Nuke on Windows

By
  SINGLE MACHINE 1.Install Your Foundry Product 2.Install FLT7 (If you already have our rlm server working and running , jump to step 8)  3.Stop Foundry License Server 4.Copy the cracked rlm.foundry.exe over the original one (C:\Program Files\The Foundry\LicensingTools7.1\bin\RLM\rlm.foundry.exe)  5.Edit xf_foundry.lic replacing desktop 1234567890123456 (host name, Mac-Address)  You can get those informations using rlmutil.exe , a simple dos window ipconfig/all   or you can start Foundry License Utility and choose Diagnostics and Run Diagnostics, you will find your hostname, your mac address (System ID)     PORT is by default 5053 if you dont put any (dont forget to delete the word PORT then if you dont want to specify one) . If you need more infos read RLM manual. 6.Copy the xf_foundry.lic to C:\ProgramData\The Foundry\RLM or C:\Program Files\The Foundry\LicensingTools7.1\bin\RLM\ 7.Restart RLM Server you can do that from services or just with Fo...
Read more

Autodesk Maya 2024 Install Windows 11

By
 1) Install Autodesk Application - Do Not Start it yet  2) Install the Autodesk network license manager (v11.18.0) from crack folder (NLM.msi Update 8)      -Default install is "C:\Autodesk\Network License Manager"     -Stop any running instance (lmgrd, adskflex) if you have one     -Replace adskflex.exe by cracked one   3) Replace the version.dll - \Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingAgent\ 4) Edit lic.dat and change HOSTNAME and MAC to suit your configuration (if you are not sure start LMTOOLS Utility and go to     System Settings, your HOSTNAME and MAC will be listed)    You can change vendor port too and add your previous licenses of course :)    Save lic.dat where you want (we suggest to "C:\Autodesk\Network License Manager" folder) 5) You have 2 options:     1)Start Network License Manager manually :     Run the license manager w...
Read more