While I now use Fedora as my main desktop and Rocky Linux as my server OS, there are some things which aren’t in the EPEL. That combined with me not having really used Debian since high school means I usually set up Samba domain controllers on FreeBSD.
To set one up, you need a static IPv4 address, and a static IPv6 address if your network is dual-stack.
When you’re ready, if your DC uses UFS (versus ZFS), you’ll first need to edit /etc/fstab:
/dev/vtbd0s1a / ufs rw,acls 1 1Note, you need the ,acls in order to run a Samba DC, as Samba requires this.
If you haven’t rebooted, run this:
mount -aNow, install Samba:
pkg install samba422Note: newer versions of Samba may have come out. At the time of posting it’s samba422.
Next, create the domain:
samba-tool domain provision --use-rfc2307 --realm=SC.LAN --domain=SC --server-role=dc --dns-backend=SAMBA_INTERNAL --adminpass=PASSWORDReplace SC.LAN with the DC’s realm, and SC with the domain’s NetBIOS name.
Then, enable samba_server and winbindd:
sysrc samba_server_enable=YES
sysrc winbindd_enable=YESNow, enable Samba:
service samba_server startKeep in mind you’ll need your DNS server set to the AD DC’s static IP, or forward DNS zones. I use a MikroTIk core router, and forward DNS there.
If your DNS server or forwarding is set, check if you can resolve it:
# host sc.lan
sc.lan has address 172.20.0.6
sc.lan has IPv6 address 2602:XXX:2::6
#Now, you can add users and groups.
Leave a Reply