Cloud & Networking
Reader small image

You're reading from  Linux Networking Cookbook

Product typeBook
Published inJun 2016
Publisher
ISBN-139781785287916
Edition1st Edition
Tools
Ubuntu Server
Concepts
Networking
Right arrow
Authors (2):
Agnello Dsouza
Agnello Dsouza
author image
Agnello Dsouza


Read more about Agnello Dsouza

Gregory Boyce
Gregory Boyce
author image
Gregory Boyce

Gregory Boyce is a technologist with nearly 20 years' experience using and managing Linux systems. When he's not at work or spending time with his wife and two daughters, he plays around with new technologies. Gregory has spent the last 15 years working at Akamai Technologies, where he has worked in roles ranging from Network Operations, Internal IT, Information Security, Software Testing, and Professional Services. Currently, he heads up the Linux OS team that manages Akamai's custom Linux operating system, which runs on their massively distributed customer-facing network.
Read more about Gregory Boyce

View More author details
Right arrow

Chapter 6. Directory Services

In this chapter, we will cover:

  • Configuring Samba as an Active Directory compatible directory service

  • Joining a Linux box to the domain

Introduction

If you have worked in corporate environments, then you are probably familiar with a directory service such as Active Directory. What you may not realize is that Samba, originally created to be an open source implementation of Windows file sharing (SMB/CIFS), can now operate as an Active Directory compatible directory service. It can even act as a Backup Domain Controller (BDC) in an Active Directory domain. In this chapter, we will configure Samba to centralize authentication for your network services. We will also configure a Linux client to leverage it for authentication and set up a RADIUS server, which uses the directory server for authentication.

Configuring Samba as an Active Directory compatible directory service

As of Samba 4.0, Samba has the ability to act as a primary domain controller (PDC) in a manner that is compatible with Active Directory.

How to do it…

Installing on Ubuntu 14.04:

  1. Configure your system with a static IP address and update /etc/hosts to point to that IP address rather than localhost.

  2. Make sure that your time is kept up to date by installing an NTP client:

    sudo apt-get install ntp

  3. Pre-emptively disable smbd/nmbd from running automatically:

    sudo bash -c 'echo "manual" > /etc/init/nmbd.override'
sudo bash –c 'echo "manual" > /etc/init/smbd.override'

  4. Install Samba and smbclient:

    sudo apt-get install samba smbclient

  5. Remove stock smb.conf:

    sudo rm /etc/samba/smb.conf

  6. Provision the domain:

    sudo samba-tool domain provision --realm ad.example.org --domain example --use-rfc2307 --option="interfaces=lo eth1" --option="bind interfaces only=yes" --dns-backend BIND9_DLZ

  7. Save the randomly generated admin password.

  8. Symlink...

Joining a Linux box to the domain

In order to participate in an AD style domain, you must have the machine joined to the domain using Administrator credentials. This will create the machine's account within the database, and provide credentials to the system for querying the ldap server.

How to do it…

  1. Install Samba, heimdal-clients, and winbind:

    sudo apt-get install winbind

  2. Populate /etc/samba/smb.conf:

    [global]
    workgroup = EXAMPLE
    realm = ad.example.org
    security = ads
    idmap uid = 10000-20000
    idmap gid = 10000-20000
    winbind enum users = yes
    winbind enum groups = yes
    template homedir = /home/%U
    template shell = /bin/bash
    winbind use default domain = yes

  3. Join the system to the domain:

    sudo net ads join -U Administrator

  4. Configure the system to use winbind for account information in /etc/nsswitch.conf:

    passwd:         compat winbind
group:          compat winbind

How it works…

Joining a Linux box to an AD domain, you need to utilize winbind that provides a PAM...

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 12 of 19
Next Chapter
You have been reading a chapter from
Linux Networking Cookbook
Published in: Jun 2016Publisher: ISBN-13: 9781785287916
© 2016 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at €14.99/month. Cancel anytime

Authors (2)

author image
Agnello Dsouza


Read more about Agnello Dsouza

author image
Gregory Boyce

Gregory Boyce is a technologist with nearly 20 years' experience using and managing Linux systems. When he's not at work or spending time with his wife and two daughters, he plays around with new technologies. Gregory has spent the last 15 years working at Akamai Technologies, where he has worked in roles ranging from Network Operations, Internal IT, Information Security, Software Testing, and Professional Services. Currently, he heads up the Linux OS team that manages Akamai's custom Linux operating system, which runs on their massively distributed customer-facing network.
Read more about Gregory Boyce

Personalised recommendations for you

Based on your interests and search pattern

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.

BookAug 2023524 pages
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.

BookAug 2023630 pages
Zero Trust Overview and Playbook Introduction

Zero Trust Overview and Playbook Introduction

Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.

BookOct 2023240 pages
The Self-Taught Cloud Computing Engineer

The Self-Taught Cloud Computing Engineer

This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.

BookSep 2023472 pages
Technology Operating Models for Cloud and Edge

Technology Operating Models for Cloud and Edge

This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.

BookAug 2023228 pages
Azure Architecture Explained

Azure Architecture Explained

Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.

BookSep 2023446 pages
Pentesting Active Directory and Windows-based Infrastructure

Pentesting Active Directory and Windows-based Infrastructure

This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.

BookNov 2023360 pages
Practical Ansible

Practical Ansible

In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.

BookSep 2023420 pages
Windows 11 for Enterprise Administrators

Windows 11 for Enterprise Administrators

Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.

BookOct 2023286 pages
The Linux DevOps Handbook

The Linux DevOps Handbook

This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.

BookNov 2023428 pages2