Creating a Windows AD using Samba 4 on Ubuntu 22.04
HTML-код
- Опубликовано: 9 ноя 2022
- In this video we explore the cost effective solution of running a Windows Active Directory on Linux using Samba 4, Then we connect to it from a Window and Linux client
All commands are available here:
links.considerednormal.com/Ia...
#activedirectory #samba4 #ubuntu 
Наука
Warning for people setting this up .... never use something.local as your domain name. ".local" is reserved by the ietf and used by multicast DNS. I learned this the hard way so you don't have to.
.lan is great ?
Yes. .LAN is fine.@@annako5240
I tend to use .internal, .local and bonjour don't play nice.
In case you didn’t know, the ICANN proposes to use .internal… It was published recently - you can check it out here: itp.cdn.icann.org/en/files/root-system/identification-tld-private-use-24-01-2024-en.pdf
oof i scrolled down too late RIP
Great tutorial sir. Works 100%.
Just for those who have ufw in their system, you need to open ports 53 for DNS and 135 for the Domain Controller
I found this out the hard way. I had pihole running in my test VM 😃
you made my night!
thank you very much for this great description!
greetings from bavaria
I have been looking for a video like this for ages. Thank you very much for this.
Thank you very very much. It is the first time, when I've launched AD in my Ubuntu server and this is the video that showed me the right way to do that!
By the way, after I've installed RSAT, the icons didn't apper in the control panel.
And I cannot create any samba group in WebMin anymore.
thank you for this video! this video really helped me!
Thank you for your time.
Excellent Tutorial!! Thank you!
Great Tutorial Thank you man
Totally worth my subscription!!!
I would love to see a video setting up a mail server hosted locally with a VPS serving as a proxy / VPN gateway
Sorry for the late reply. Intriguing idea. Might make it happen
Thanks you, men! 😀
thank you so much for this :)
Grazie, tutorial eccezionale.
For what it's worth, I just followed this with Ubuntu 24.04 and it worked great.
Nathan Fillion doing tech guides, nice!
Thank you for this great tutorial. 2 question tho. If I added a user, how to assign a location (on the server?) for the home dir? And how to also have shares? Or should another samba server be built seperate for shares?
Greating
You have explained every step very clearly. Thanks for making such a useful vedeo!
Can you maybe create a video where you'll explain how to update sabma to the latest version?
That is a possibility for a future video, for sure.
Thank you for creating this amazing tutorial.
Do you have any plans to create a domain joined file server via Ubuntu or Debian? Specifically, one that can have its shares managed via ACL? That is something I have not been able to find a good tutorial for.
A nice idea. Currently my VM server is offline, bit the dust about a month after I created this tutorial. But once it is back up I might take a run at this.
This is a really awesome tutorial. Thank you so much for adding this. Can you use this, or similar methodology to join an existing Windows domain?
I have not tried on Ubuntu. I know Fedora has native joining capability, although I personally have never tried it. Not sure about other distros. I don't have a windows server readily available to test. If I ever manage to get one, I will definitely test this out.
@@considerednormal You can use windows server evaluation to test that
Hi nice work sir.. i try after failed before, but how to make replicate this AD ?
Upon searching multiple tutorial in creating ad this is the best and easiest, i hope you can make also tutorial on how to make a file server or activate the file server after creating the ad, i tried but there seems an error.
Thank you for the kind words and thank you for the idea. That might be my next video
any way to encrypt the DNS with this solution?
I'm stucked at the administrator login after adding the computer to the dns
AD Users groups working, but Group policy not working.
Please note that RSTAT only installs if system language is ENGLISH
No
If I follow this, would this also work in Fedora instead of Ubuntu? I already know to use dnf instead of apt EDIT : nvm, you are also showing Fedora at the end ;)
I have pfsense in my LAN acting as a DNS server. Do I still need to set my samba AD as the DNS for Windows LAN clients that will the domain?
Yes you should, because it keeps records of all the machines by name automatically they get added to the DNS when you join the domain.
make your ad domains recursive resolver your pfsense firewall
My DNS Address is configured correctly but I can ping the server domain.
Did you allow ICMP through your firewall?
I cannot get past the domain provisioning. It keeps telling me invalid DNS backend
You might wanna take a look at the following documentation to help fix it. wiki.samba.org/index.php/Changing_the_DNS_Back_End_of_a_Samba_AD_DC
@@considerednormal I got past that part now, however I ran into another issue. the DC and kerberos is not being found when host -t is run.
so I domain join and it worked but its not resolving names like windows based one was
Sadly with most proprietary paid software. The open source replacements are limited compared to the counterpart they replace. You need to compare your needs to what each offers and choose the right solution that suits your needs.
In windows 11, for the ping cmds I get:
Ping request could not find host dc1.cn.lan. Please check the name and try again.
Ping request could not find host cn.lan. Please check the name and try again.
Any suggestions?
Configure the DNS on your computer with the ip of the domain controller
Would you be able to configure a read only domain controller similarly?
Sadly I do not have an answer for this.
@@considerednormal I appreciate the quick response. This video blew my mind how straightforward it was! I would love to be able to setup small Linux boxes as rodc machines in remote offices. Guess I’ll have to wait for someone smarter than I to test it on Linux.
Is this an actual Microsoft ADDC or an ldap from another company?
sorry sir... when i unlink resolv.conf and touch resolv.conf .. apt update is failure
and when i disable systemd-resolv apt update is failure too
why ? please help me
What are the contents of your resolv.conf?
@@considerednormal I have the same issue and follow the tutorial as is . . the only different is I am on a 192.168.1.0/24 subnet
Great video. Can't accss the link, it asks for user/password.
Sorry about that, try again, it should be fixed.
can i use commands of ubuntu on mint?
If I am not mistaken Mint is an Ubuntu based flavour, so the commands should work out of the box.
If you are using the LMDE version, which is Debian based, the commands should still run as well, as Ubuntu is based on Debian.
Will windows 11 work ?
It should. I did not test it personally, but it should work much the same way in regards to joining the domain. But I cannot speak on the part of controlling the policies and such with windows tools as I did not investigate what tools are available for Win11
Yew bun too? Oo bun too? Nothing matters...
thanks for wasting 7 hours of my life with this.