Join Samba 3 to Your Active Directory Domain - Page 2

If you're dependent on Active Directory but want the power and economy of Samba, too, our guide to joining Samba 3 to an Active Directory domain will show you how to interoperate your way to central management and single-sign on.

 By Carla Schroder
Page 2 of 3   |  Back to Page 1
Print Article

Configure Samba

This example smb.conf shows a basic setup for a printer server and home shares. Shares are configured in the usual manner, only the global section changes when you join to an AD domain.

# Global parameters
workgroup = BIGSERVER
realm = DOMAIN.NET
preferred master = no
server string = Samba file and print server
security = ADS
encrypt passwords = yes
log level = 3
log file = /var/log/samba/%m
max log size = 50
winbind separator = +
printcap name = cups
printing = cups
idmap uid = 10000-20000
idmap gid = 10000-20000

comment = Home Directories
valid users = %S
read only = No
browseable = No

comment = All Printers
browseable = no
printable = yes
guest ok = yes

The workgroup is the name of your AD domain. Server string is a comment describing the server, make this anything you want. Log level runs from 0, for no logging, to 10, extreme logging. See man smbd.conf for the rest.

Save your changes and run

$ testparm

This checks smb.conf for syntax errors. Any errors must be corrected before going ahead. Then start up Samba:

# /etc/init.d/samba start

Finally, join your Samba machine to Active Directory:

# net ads join -U Administrator
Administrator's password:
Joined 'SAMBA1' to realm 'DOMAIN.NET.'

Hurrah! Success. The Samba box will now appear as a machine account under "Computers" in your AD console. Now stop Samba until the final steps are completed.

This article was originally published on Mar 3, 2005
Get the Latest Scoop with Networking Update Newsletter