CentOS – Samba Integration With DNS (PART 29)

LAB 29: SAMBA INTEGRATION WITH DNS

1/ On the server DC2012, type:

ipconfig /all

Observe or make sure that DNS is pointing to 10.0.0.10 which is the SAMBA Server.

Promote the server DC2012 to a Domain Controller. During the promotion process, Active Directory requires DNS Service and we can see the DNS check is OK while promoting. This is because the promotion process detects DNSSRV as a DNS Server on the network at this point.

On the DNSSRV, type:

cd /named
ll -t

You will see new *.jnl files created. Now restart the DNS service:

service named restart
ll -t

Open the zone file to check the new records:

vi _msdcs.dalaris.com

Check that the following files exist:

Check the file _sites.dalaris.com by typing:
cat _sites.dalaris.com

Also check the file _tcp.dalaris.com:
cat _tcp.dalaris.com
 
3/ Client join
Choose an XP machine to test. Use DNS as the Linux DNSSRV.
Change DNS value to 10.0.0.10
Join the XP client machine to the domain dalaris.com

On DNSSRV, type the commands:

cat dalaris.db
ll

On the Domain Controller DC2012, launch Group Policy Editor.

Turn off password complexity; then update the GPO by typing this at the command prompt:

gpupdate /force

Create a new OU and create a new user under it.
Log into Windows XP as the new user.

On the Linux server, restart the DNS service:

service named restart
ll
cat dalaris.db

You will see the client1 A record in this file. Type:

ll -t

You will see the timestamp of the dalaris.db file.

 
4/ Join Linux to Microsoft Active Directory Domain.
On the Samba server:

cd .
rpm -qa | grep -i krb
(By default you should already have these packages installed).
vi /etc/krb5.conf
:set nu

[libdefaults]
default_realm = DALARIS.LOCAL

[realms]
DALARIS.LOCAL = {
# this is the server name (krb5.conf comments must be on their own line)
kdc = DC2012.dalaris.local:88
admin_server = DC2012.dalaris.local:749
default_domain = dalaris.local
}

[domain_realm]
.DC2012.dalaris.local = DALARIS.LOCAL
DC2012.dalaris.local = DALARIS.LOCAL
:x

Now type:

kinit administrator

If there is an error (Resource unavailable), then check the network and resolver settings:

ifconfig
vi /etc/resolv.conf
search dalaris.com
# 10.0.0.10 is this server itself
nameserver 10.0.0.10

When it prompts for a password, enter Pass1234

vi /etc/krb5.conf
#dns_lookup_realm = false
#dns_lookup_kdc = false

Check the time on both DC2012 and the Linux server, making sure they are the same.

date -s "09/22/2014 10:00:00"
vi /etc/krb5.conf
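
The file checks in this troubleshooting step can be scripted. The following is an added example, not part of the original lab: it lints a krb5.conf and a resolv.conf for syntax that stops kinit from finding the KDC. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the lab); function names and sample files are constructed.

# Print the default_realm value from a krb5.conf-style file ($1).
krb5_default_realm() {
    sed -n 's/^[[:space:]]*default_realm[[:space:]]*=[[:space:]]*//p' "$1" | head -n 1
}

# Return 0 when $1 passes, 1 otherwise; findings are printed to stdout.
lint_krb5() {
    rc=0
    realm=$(krb5_default_realm "$1")
    if [ -z "$realm" ]; then
        echo "no default_realm set"; rc=1
    elif ! grep -Eq "^[[:space:]]*$realm[[:space:]]*=[[:space:]]*\{" "$1"; then
        echo "default_realm $realm has no block under [realms]"; rc=1
    fi
    # krb5.conf comments must be whole lines; a '#' after a value is read as part of it.
    if grep -En '^[[:space:]]*[^#;[:space:]][^#]*=[^#]*#' "$1"; then
        echo "trailing comment on the line(s) above"; rc=1
    fi
    return "$rc"
}

# resolv.conf takes "keyword value"; "keyword = value" is not parsed as intended.
lint_resolv() {
    rc=0
    if grep -En '^[[:space:]]*(search|domain|nameserver)[[:space:]]*=' "$1"; then
        echo "'=' is not resolv.conf syntax"; rc=1
    fi
    if ! grep -Eq '^[[:space:]]*nameserver[[:space:]]+[0-9A-Fa-f.:]+[[:space:]]*$' "$1"; then
        echo "no usable nameserver line"; rc=1
    fi
    return "$rc"
}

# Constructed samples: the "bad" files carry mistakes typical of hand-typed configs.
write_samples() {
    printf '%s\n' '[libdefaults]' 'default_realm = DALARIS.LOCAL' '[realms]' 'DALARIS.LOCAL = {' \
        'kdc = DC2012.dalaris.local:88    #this is the server name' '}' > "$1/krb5.bad"
    printf '%s\n' '[libdefaults]' 'default_realm = DALARIS.LOCAL' '[realms]' 'DALARIS.LOCAL = {' \
        '# this is the server name' 'kdc = DC2012.dalaris.local:88' '}' > "$1/krb5.good"
    printf '%s\n' 'search = dalaris.com' 'nameserver = 10.0.0.10' > "$1/resolv.bad"
    printf '%s\n' 'search dalaris.com' 'nameserver 10.0.0.10' > "$1/resolv.good"
}

demo=$(mktemp -d) && write_samples "$demo"
for f in krb5.bad krb5.good; do lint_krb5 "$demo/$f" && echo "$f: ok" || echo "$f: FAIL"; done
for f in resolv.bad resolv.good; do lint_resolv "$demo/$f" && echo "$f: ok" || echo "$f: FAIL"; done
rm -rf "$demo"
```

To check the live files, call lint_krb5 /etc/krb5.conf and lint_resolv /etc/resolv.conf before running kinit.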

On DC2012, access the Samba server to change from User to Domain.
service httpd restart
service smb restart

Browse

http://10.0.0.10:901

Click Advanced.
Change Realm = DALARIS.LOCAL
Security = ADS
WORKGROUP = DALARIS
Commit Changes.

Status / Restart Samba: service samba restart
Click View to look at the configuration file.

Join the domain by using the following command:

net ads join -U administrator
Password: Pass1234

If it fails, enter the following command:

kinit administrator
net ads join -U administrator