CentOS 7 Deploy samba share with AD integration

We will use SAMBA and WINBIND to setup shares and to join Microsoft domain

Install all necessary packages using yum manager.

yum -y install samba-winbind
samba-winbind-clients pam_krb5 krb5-workstation mdadm samba
samba-client realmd

Join your windows domain. In our case the name of the domain is lab.local

realm join --user=administrator --client-software=winbind lab.local

Start winbind service and make sure it starts on boot

systemctl start winbind
systemctl enable winbind

Make sure you can list AD domain users and groups

wbinfo -u
wbinfo -g

Edit samba configuration file and add share information

edit smb.conf  

# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.

[global]
	workgroup = LAB
	security = ads
	passdb backend = tdbsam
        printing = cups
        printcap name = cups
        load printers = yes
        cups options = raw
	kerberos method = system keytab
	template homedir = /home/%U@%D
	template shell = /bin/bash
	realm = LAB.LOCAL
	idmap config LAB : range = 2000000-2999999
	idmap config LAB : backend = rid
	idmap config * : range = 10000-999999
	idmap config * : backend = tdb
	winbind use default domain = no
	winbind refresh tickets = yes
	winbind offline logon = yes
	winbind enum groups = no
	winbind enum users = no
[homes]
        comment = Home Directories
        valid users = %S, %D%w%S
        browseable = No
        read only = No
        inherit acls = Yes
[printers]
        comment = All Printers
        path = /var/tmp
        printable = Yes
        create mask = 0600
        browseable = No
[print$]
        comment = Printer Drivers
        path = /var/lib/samba/drivers
        write list = @printadmin root
        force group = @printadmin
        create mask = 0664
        directory mask = 0775
[data]
        comment = Public Stuff
        path = /data
        read only = No
        guest ok = Yes
        browseable = yes

Create share folder

mkdir /data 
chmod 777 /data 
systemctl restart samba