Setup of Samba4 4.10 on Ubuntu Server 12.04 LTS and 13.10

Ubuntu Logo

ubuntu-logo14

An Active Directory Domain Controller is a vital tool for business network administrators. It allows the centralized management of all the computers in a business network, whether it’s local, nation or worldwide. You can add a user to the network with all there information, set their limits to features on a computer and they will be able to login to any computer on the business network.

Active Directory Domain Controllers used to be a costly feature exculsive to Microsoft Windows Servers, but with the recent open source release of Samba 4.0 stable all of these features are now avaliable for free. This will allow small businesses and home users to utilize this Active Directory Domain Controllers on a limited budget. Today we will walk you through the steps to setup your own Samba4 Active Directory Domain Controller on Ubuntu

Tips Before we Begin

  • Before setting up your Samba4 domain controller you will want to remove any older versions of Samba 3.x to prevent interference with Samba4, unless you plan on migrating an old NT style Samba3 domain controller to Samba4. ***If this is the case, this tutorial is not for you***
  • If you are starting with a fresh install make sure to enable xattr on any partition that Samba will be running on or accessing. This will be addressed later if you have a currently running install.
  • Resolv.conf is often a source if issues as it typically gets overwritten automatically. If you run into issues down the road make sure that this file hasn’t changed.
  • If you are new to Linux tutorials commands that are typed into the command prompt “aka Bash” will appear in a grey box and will start with “$ “. You can omit the “$” sign and just type that command. See the example below:

$ echo “This is an example of a command to type at the Bash prompt”

  • If the grey box doesn’t contain the “$ ” then apply the contents as described in that step of the process.

Installing Dependancies

1) Install Samba4 dependencies and utilities required for this tutorial with the following command.

$ sudo apt-get install build-essential libacl1-dev libattr1-dev libblkid-dev libgnutls-dev libreadline-dev python-dev python-dnspython gdb pkg-config libpopt-dev libldap2-dev dnsutils libbsd-dev attr krb5-user docbook-xsl libcups2-dev acl

2) The krb5-user package will ask for the following questions, highlighted in bold text. We have included the proper responses in the example below.

Default Realm: test.lan
Default Realm: 127.0.0.1
Administrative Server: 127.0.0.1

FSTAB File Setup

Now that all dependencies for Samba4 are installed we will now configure the /etc/fstab file.
Warning: If you are not farmiliar with the contents of this file read your distrobutions manual. Edit at your own risk!!!

1) Open the /etc/fstab file in your preferred text editor. For this example we will use nano.

$ nano /etc/fstab

2) Within the fstab file you will find your hard drive partition configuration. Add the following parameters if they aren’t present, and you are using ext3/ext4: user_xattr, acl and barrier=1.  If you are using another file system like btrfs then you don’t need to make any changes to your fstab file. View the example below.

UUID=db6f8346-60ca-47b4-8ab2-046337abd834 / ext4 user_xattr,acl,barrier=1,errors=remount-ro 0 1

NOTE: If you are using the btrfs file system no changes need to be made to your fstab file.

3) You must apply these setting to all partitions that Samba4 will access and remount your partition with the following command.

$ mount -a

Download Samba4

We will download the latest version of Samba4 via a program called git. The following command will download the latest stable version.

$ git clone git://git.samba.org/samba.git samba-master

Compile and Install Samba4

Compile and install Samba4 with the following commands.

$ cd samba-master
$ sudo ./configure
$ sudo make
$ sudo make install

Provision Samba4

1) Provisioning the Samba4 Domain Controller creates the configuration files and the Active Directory database. Use the following command to start the process.

$ sudo /usr/local/samba/bin/samba-tool domain provision –use-rfc2307 –interactive

2) The provision command will ask you for some information about your network. Use the following example as a guideline, but modify the info as needed for your network.

Realm [test.local]: TEST.LAN
Domain [S4]: TEST
Server Role (dc, member, standalone) [dc]: dc
DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]: SAMBA_INTERNAL
DNS forwarder IP address (write ‘none’ to disable forwarding) [192.168.2.1]: 8.8.8.8
Administrator password: Ex@mpleP@$$word
Retype password: Ex@mpleP@$$word

You should see output similar to the following example:

Looking up IPv4 addresses
Looking up IPv6 addresses
No IPv6 address will be assigned
Setting up share.ldb
Setting up secrets.ldb
Setting up the registry
Setting up the privileges database
Setting up idmap db
Setting up SAM db
Setting up sam.ldb partitions and settings
Setting up sam.ldb rootDSE
Pre-loading the Samba 4 and AD schema
Adding DomainDN: DC=test,DC=local
Adding configuration container
Setting up sam.ldb schema
Setting up sam.ldb configuration data
Setting up display specifiers
Modifying display specifiers
Adding users container
Modifying users container
Adding computers container
Modifying computers container
Setting up sam.ldb data
Setting up well known security principals
Setting up sam.ldb users and groups
Setting up self join
Adding DNS accounts
Creating CN=MicrosoftDNS,CN=System,DC=test,DC=local
Creating DomainDnsZones and ForestDnsZones partitions
Populating DomainDnsZones and ForestDnsZones partitions
Setting up sam.ldb rootDSE marking as synchronized
Fixing provision GUIDs
A Kerberos configuration suitable for Samba 4 has been generated at /usr/local/samba/private/krb5.conf
Once the above files are installed, your Samba4 server will be ready to use
Server Role: active directory domain controller
Hostname: LinuxServer
NetBIOS Domain: TEST
DNS Domain: TEST.LAN
DOMAIN SID: S-1-5-21-1811932520-1978264231-2890610938

Modify resolv.conf and hosts File

1) Edit your resolv.conf file in nano

$ nano /etc/resolv.conf

2) The following info should be sufficient as long as this system is running only Samba4.

domain test.local
nameserver 192.168.1.2

3) Ubuntu by default will overwrite the /etc/resolv.conf file with updated DHCP and other network services. To prevent this we make the resolv.conf file read only.

$ chattr +i /etc/resolv.conf

Note: This is not the most elegant solution, especially if you are running other services. Other solutions to this issue are out of the scope of this tutorial.

Mangage Kerberos

1) Samba4 has created a krb5.conf for you to use as a replacement for the existing configuration file. Use the following commands to backup the old file and copy the new configuration file.

$ mv /etc/krb5.conf /etc/krb5.conf.bak
$ cp /usr/local/samba/private/krb5.conf /etc/krb5.conf

2) Now you must edit the new krb5.conf file to include your domain realm info.

$ nano /etc/krb5.conf

3) Modify the “default_realm = SAMDOM.EXAMPLE.COM” line to contain your domain info. In our tutorial it is “TEST.LAN”

NOTE: The domain realm MUST be typed in uppercase!

Start Samba

You should now have a functioning Samba4 Domain Controller. Start Your Domain Controller by using the following command. You should now be able to connect your Windows and other device to your Active Directory Domain Controller.

$ sudo ./usr/local/samba/sbin/samba

Add Samba Directories to PATH Variable (optional):

1) Edit your enviromental variables with nano.

$ sudo nano ~/.bashrc

2) Add the following to your .bashrc config file

PATH=$PATH:/usr/local/samba/sbin

PATH=$PATH:/usr/local/samba/bin

Post Setup Tips:

  • Any devices that you will connect to your domain should have the primary DNS of your Samba4 server. (ie:192.168.1.2)
  • If your windows machine doesn’t seem to be connecting to the Samba4 DNS server, try the following command at the Windows command prompt.

ipconfig /flushdns

Ubuntu for phones announced, adding one more mobile OS to the mix

Ubuntu Phone

Ubuntu Phone

Canonical, the company behind the Ubuntu linux Distro, has announced Ubuntu for phones.  Ubuntu for phones seems to use the same Linux kernel that powers the desktop version of ubuntu, but with a touch based UI optimized for mobile phones and tablets.

The major benefit of Ubuntu for Phones is that you will be able to run the same apps on both the Desktop and Phone versions of Ubuntu.  App developers don’t even need to compile a separate version from each platform.  This interoperability between each version of Ubuntu will surely continue to Ubuntu for TV’s and Automobiles.

Not only will this phone run the same apps as the Ubuntu Desktop distro, but it can function as a desktop as well.  Canonical has stated that they would like Ubuntu phones to dock to standard a keyboard, mouse and monitor a la the Motorola Atrix.  Docking the phone will allow users to use the phone as a thin client or to run the standard Ubuntu Unity desktop UI, essentially giving users a full featured PC in their pocket.

Canonical has stated that Ubuntu phones will not available until 2014, but in the mean time any phone that runs Android will do.  Ubuntu for Phones uses the same drivers as the Android platform allowing users to easily run Ubuntu on their current phones.  Not only will Ubuntu run on Android phones, but its only a matter of time until you can run Android apps as well.

One major advantage that Ubuntu for phones seems to have is that native apps will not rely on Java for its apps like Android does, instead apps will run on native code.  Because Java has so much overhead this should mean better performance out of the same hardware that a Android uses. 

In a crowded mobile OS world it’s hard to be optimistic about a new mobile OS, but Ubuntu seems to have a well formulated game plan to take on Android, iOS, Windows Phone and BlackBerry devices.  Ubuntu for Phones looks to be gunning for the coveted #3 spot in the mobile OS world, and may be an a position to become #1 in the future. It looks like 2013 is shaping up to be and intresting year for mobile phone users.

Feature Highlights

  • Uses the same device drivers as Android
  • Can run on any device that runs Android
  • The phone becomes a full PC and thin client when docked
  • Docked phones can feature standard desktop Unity UI
  • Flow naturally from app to app with edge magic
  • Native or HTML5 based apps
  • Apps will work on both Ubuntu Desktop and for Phone without recompiling

Source: http://www.ubuntu.com/devices/phone


Hello Linux Mint 14

Screenshot from 2012-11-28 22:12:40

Everyone’s favorite Ubuntu variation Linux Mint has reached version 14.  Currently Linux Mint comes in two GUI variations MATE, that is based off GNOME 2, and Cinnamon, which is based off GNOME 3 project.  The KDE GUI will inevitably follow in the near future.  Update:  KDE and xfce have been given an RC release.

Overall Linux Mint 14 seems to be as stable as ever with some useful GUI tweaks.  I have been using Linux Mint 14 with the Cinnamon GUI for several hours to complete some work while watching Hulu on my second monitor.  The HD Hulu stream ran with any hiccups while writing this blog entry, browsing the web and work on other websites.  Considering that I am running Linux Mint 14 on a USB pen drive it has been quite stable and snappy.

Linux Mint has always been my preferred Desktop Linux distro, and Linux Mint 14 continues the trend of stability and ease of use on the first boot.  I threw MKV, MP3, WMV and several other media formats at Linux Mint as usual Linux Mint didn’t hesitate to play the files.  For those of you that want to use Linux on your desktop machine, but don’t want to get use to Ubuntus’ Unity GUI give Linux Mint a try.

New features:

  • MATE 1.4 (Fork of GNOME 2)
  • Cinnamon 1.6 (Fork of GNOME 3)
  • MDM
  • Software Manager Updates
  • System Improvements
  • Artwork Improvements
  • Upstream Components

For a complete overview and to see screenshots of the new features, visit: “What’s new in Linux Mint 14“.

This Article was written while running Linux Mint 14.