NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Install samba4 on readynasos6 for ad domain controller
Hi After a unique "opportunity" (ie. multiple disk failure), I upgraded my Ultra 4 to ReadyNAS OS 6 and have built an AD domain controller on it. Instructions follow below to get the software insta...
A quick howto for getting your Samba domain working.
Networking
* You'll need to ensure your interface has a static address.
* After you've installed the domain you need to repoint your local DNS resolver at the samba instance.
* Your hosts file needs to be correct.
Just configure the IP address from the readynas web console as part of the initial config.
To update hosts file, open it in an editor eg. vi and add the hostname of the NAS after "localhost". In vi you can just do this: "1,$s/localhost/localhost <nasname>/"
Resolver config we'll leave till after Samba is ready.
Samba setup
Mostly you can use the instructions on the Samba wiki but there are a few extra steps you're likely to want to perform if you want to do other things eg. proxy/website auth, etc.
Make sure your old samba instance is stopped and remove the old config:
Now run the samba-tool domain provisioning:
You'll be asked for your realm; it's taking about the kerberos realm, so its like a domain name. If you own your own, then you can use that but otherwise use something ending with .local so you don't have resolution issues. It needs to be uppercase.
Leave "Domain", "Server role", "DNS backend" at defaults. Set DNS forwarder to whatever your external DNS resolver is.
Next you'll get asked to set the admin password. Record it.
Next update the host kerberos config:
Now we'll fix local dns resolution. Normally you could just update resolv.conf but since the readynas uses connman you'll need to configure that instead. Use connmanctl (as root), which gives you an interactive shell to configure it. The DNS domain you set here needs to be the same as the realm (but lowercase) (or if you went with a non-default option, then use that)
Now set up reverse dns resolution and a reverse entry for your nas. My network is 192.168/16 and nas at 192.168.1.25; i'll just use that in the example. If you have something else then use that instead.
At that point you should definitely have no issue joining machines, running services on your domain, etc.
Networking
* You'll need to ensure your interface has a static address.
* After you've installed the domain you need to repoint your local DNS resolver at the samba instance.
* Your hosts file needs to be correct.
Just configure the IP address from the readynas web console as part of the initial config.
To update hosts file, open it in an editor eg. vi and add the hostname of the NAS after "localhost". In vi you can just do this: "1,$s/localhost/localhost <nasname>/"
Resolver config we'll leave till after Samba is ready.
Samba setup
Mostly you can use the instructions on the Samba wiki but there are a few extra steps you're likely to want to perform if you want to do other things eg. proxy/website auth, etc.
Make sure your old samba instance is stopped and remove the old config:
/etc/init.d/samba stop
rm /etc/samba/smb.conf
Now run the samba-tool domain provisioning:
samba-tool domain provision --use-rfc2307 --function-level=2008_R2 --interactive
You'll be asked for your realm; it's taking about the kerberos realm, so its like a domain name. If you own your own, then you can use that but otherwise use something ending with .local so you don't have resolution issues. It needs to be uppercase.
Leave "Domain", "Server role", "DNS backend" at defaults. Set DNS forwarder to whatever your external DNS resolver is.
Next you'll get asked to set the admin password. Record it.
Realm: <YOUR-DOMAIN>.LOCAL
Domain [<YOUR-DOMAIN>]:
Server Role (dc, member, standalone) [dc]:
DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:
DNS forwarder IP address (write 'none' to disable forwarding) [192.168.1.1]:
Administrator password:
Retype password:
Next update the host kerberos config:
rm /etc/krb5.conf
ln -s /var/lib/samba/private/krb5.conf /etc/krb5.conf
Now we'll fix local dns resolution. Normally you could just update resolv.conf but since the readynas uses connman you'll need to configure that instead. Use connmanctl (as root), which gives you an interactive shell to configure it. The DNS domain you set here needs to be the same as the realm (but lowercase) (or if you went with a non-default option, then use that)
# connmanctl
connmanctl> config —nameservers 127.0.0.1 —domains <your DNS domain name>
connmanctl> quit
#
Now set up reverse dns resolution and a reverse entry for your nas. My network is 192.168/16 and nas at 192.168.1.25; i'll just use that in the example. If you have something else then use that instead.
samba-tool dns zonecreate <yournasname> 168.192.in-addr.arpa
samba-tool dns add <yournasname> 168.192.in-addr.arpa 25.1 PTR yournas.yourdomain
At that point you should definitely have no issue joining machines, running services on your domain, etc.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
