CentOS 7 Deploy samba share with AD integration
Posted On April 3, 2019
We will use SAMBA and WINBIND to setup shares and to join Microsoft domain
Install all necessary packages using yum manager.
yum -y install samba-winbind samba-winbind-clients pam_krb5 krb5-workstation mdadm samba samba-client realmd
Join your windows domain. In our case the name of the domain is lab.local
realm join --user=administrator --client-software=winbind lab.local
Start winbind service and make sure it starts on boot
systemctl start winbind systemctl enable winbind
Make sure you can list AD domain users and groups
wbinfo -u wbinfo -g
Edit samba configuration file and add share information
edit smb.conf
# See smb.conf.example for a more detailed config file or
# read the smb.conf manpage.
# Run 'testparm' to verify the config is correct after
# you modified it.
[global]
workgroup = LAB
security = ads
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
kerberos method = system keytab
template homedir = /home/%U@%D
template shell = /bin/bash
realm = LAB.LOCAL
idmap config LAB : range = 2000000-2999999
idmap config LAB : backend = rid
idmap config * : range = 10000-999999
idmap config * : backend = tdb
winbind use default domain = no
winbind refresh tickets = yes
winbind offline logon = yes
winbind enum groups = no
winbind enum users = no
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @printadmin root
force group = @printadmin
create mask = 0664
directory mask = 0775
[data]
comment = Public Stuff
path = /data
read only = No
guest ok = Yes
browseable = yes
Create share folder
mkdir /data chmod 777 /data systemctl restart samba