Version 1 (modified by 11 years ago) ( diff ) | ,
---|
This page is meant to give a platform to develop and to collect infos and hints for the way to setup an AD-DC using Samba 4.
Prerequisites
OpenLDAP
The build instructions in the book are pretty fine.
NTP
The switch --enable-ntp-signd
must be added
BIND (DNS)
The Samba4 comes with an internal DNS server, too. Its up to us which way to go, using Bind or the internal DNS. AFAIK, when using Bind, the instructions in the book should be ok. For the later Samba4 build add
options_dns="--dns-backend=SAMBA_INTERNAL --with-dnsupdate"
Kerberos
As for now, it's the best way to have no Kerberos installation around. Samba4 comes with an own Heimdal-based Kerberos implementation. Even Samba4 compiles fine against MIT-Krb5, the AD controller functionality gets disabled. This is not what we want to have.
Miscellaneous
For testing, I add following options
options_misc="--with-ads --with-ldap --with-swat --with-winbind --enable-gnutls"
Building Samba4
CPPFLAGS="-I/usr/include/tirpc" CFLAGS="-I/usr/include/tirpc" \ LINKFLAGS="-ltirpc" \ ./configure --prefix=/usr \ --sysconfdir=/etc \ --localstatedir=/var \ --with-piddir=/run \ --enable-fhs \ --enable-nss-wrapper \ --enable-socket-wrapper \ --disable-rpath-install \ $options_dns $options_misc && make && make install
Setting up the domain
./setup-domain ...