@cmbaughman
Created November 8, 2023 14:17
Notes on Ubuntu as a replacement for Windows AD DC server

Ubuntu as a replacement for Windows Network server

These notes describe how to set up an Ubuntu Server as a standalone Windows network server. The scenario assumes that you want to replace an existing Windows domain server with the Ubuntu server. Here are the steps:

  1. Install Ubuntu Server:

    • Start by downloading the Ubuntu Server ISO image from the official Ubuntu website.
    • Create a bootable USB drive or mount the ISO on your server.
    • Follow the installation prompts to install Ubuntu Server. During installation, choose the appropriate options for language, keyboard layout, and network configuration.
  2. Configure Network Settings:

    • After installation, ensure that your Ubuntu server has a static IP address within your existing network range. You can set this up during installation or later using the /etc/netplan configuration files.
    • Make sure the hostname of your Ubuntu server is unique and doesn't conflict with other machines on the network.
  3. Install Samba:

    • Samba is a software suite that allows Linux servers to share files and printers with Windows clients. Install Samba on your Ubuntu server:
      sudo apt update
      sudo apt install samba
    • During installation, you'll be prompted to set up a workgroup name. Choose a workgroup name that matches your existing Windows network (usually "WORKGROUP").
  4. Configure Samba Shares:

    • Edit the Samba configuration file (/etc/samba/smb.conf) using a text editor (e.g., nano or vim):
      sudo nano /etc/samba/smb.conf
    • Define your shared folders by adding sections like this:
      [SharedFolder]
      path = /path/to/shared/folder
      read only = no
      guest ok = yes
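    • Replace /path/to/shared/folder with the actual path to the folder you want to share.
    • With guest ok = yes and read only = no, anyone who can reach the server can write to this share without a password. Set guest ok = no if access should require the Samba accounts created in step 5.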
    • Save the file and exit.
  5. Create Samba Users:

    • Create Samba users who will have access to the shared folders:
      sudo smbpasswd -a username
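    • Replace username with the desired username. smbpasswd -a sets a Samba password for an existing local Linux account, so create the account first if it does not exist.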
  6. Restart Samba:

    • Restart the Samba service to apply the changes:
      sudo systemctl restart smbd
  7. Test Access from Windows:

    • On a Windows machine, open File Explorer and enter the Ubuntu server's IP address or hostname in the address bar (e.g., \\192.168.1.10 or \\ubuntuserver).
    • You should see the shared folders. Access them using the Samba username and password you created earlier.
  8. Decommission the Existing Domain Server:

    • Once you've verified that the Ubuntu server is working as expected, you can decommission the existing Windows domain server.
    • Update DNS settings on client machines to point to the new Ubuntu server for domain resolution.
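
A check for the share definitions from step 4, as an added example that is not part of the original gist: the function below lists every share in an smb.conf-style file that is both guest-accessible and writable. The function name, the sample file and the SharedFolderHardened share are constructed for illustration; the parser assumes [global] comes before the share sections and treats public, writable and writeable as the synonyms Samba documents for guest ok and read only.

```sh
#!/bin/sh
# Added example (not from the original gist): list smb.conf shares that are
# both guest-accessible and writable. Assumes [global] precedes the shares.

audit_guest_writable() {
    # $1: path to an smb.conf-style file; prints one flagged share per line.
    awk '
    function truthy(v) { v = tolower(v); return (v == "yes" || v == "true" || v == "1") }
    function report() { if (sec != "" && tolower(sec) != "global" && guest && !ro) print sec }
    BEGIN { g_guest = 0; g_ro = 1 }            # Samba defaults: no guests, read only
    /^[ \t]*([#;]|$)/ { next }                 # skip comments and blank lines
    /^[ \t]*\[/ {                              # new section: report the previous one
        report()
        sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
        guest = g_guest; ro = g_ro             # start from the [global] defaults
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1)); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/[ \t]+/, " ", key)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "guest ok" || key == "public") guest = truthy(val)
        else if (key == "read only") ro = truthy(val)
        else if (key == "writable" || key == "writeable") ro = !truthy(val)
        else next
        if (tolower(sec) == "global") { g_guest = guest; g_ro = ro }
    }
    END { report() }' "$1"
}

# Constructed sample: the share from step 4 beside a variant that requires login.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[global]
   workgroup = WORKGROUP

[SharedFolder]
   path = /path/to/shared/folder
   read only = no
   guest ok = yes

[SharedFolderHardened]
   path = /path/to/shared/folder
   read only = no
   guest ok = no
   valid users = username
EOF
audit_guest_writable "$sample"   # prints: SharedFolder
rm -f "$sample"
```

Run it against /etc/samba/smb.conf before restarting smbd; no output means no share combines guest access with write access.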

Use Samba as an AD Domain Controller

This section describes how to set up your Ubuntu Server to take over Active Directory (AD) and name services. It covers two approaches: using Samba as an AD domain controller and integrating with AD using SSSD.

Option 1: Using Samba as an AD Domain Controller

  1. Install Samba:

    • Install Samba on your Ubuntu server:
      sudo apt update
      sudo apt install samba
  2. Configure Samba:

    • Edit the Samba configuration file (/etc/samba/smb.conf) to define shared folders and other settings.
    • Create Samba users who will have access to shared resources.
  3. Promote Samba to an AD Domain Controller:

    • Run the following command to configure Samba as an AD controller:
      sudo samba-tool domain provision --use-rfc2307 --interactive
    • Accept the default REALM and Domain settings.
  4. Test Access from Windows:

    • On a Windows machine, access shared folders using the Samba username and password.

Option 2: Integrating with AD using SSSD

  1. Install SSSD:

    • Install the System Security Services Daemon (SSSD) on your Ubuntu server:
      sudo apt install sssd
  2. Configure SSSD:

    • Edit the SSSD configuration file (/etc/sssd/sssd.conf) to specify AD settings.
    • Set up Kerberos authentication and LDAP for user and group information.
  3. Join the AD Domain:

    • Use the realm command (provided by the realmd package) to join the AD domain:
      sudo realm join AD_DOMAIN
    • Replace AD_DOMAIN with your actual AD domain name.
  4. Test Authentication:

    • Verify that users can authenticate against AD using SSSD:
      sudo su - AD_USER
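    • Replace AD_USER with an actual AD username. Because sudo runs su as root, no password is requested: this confirms that the account resolves through SSSD and a session can be opened, not that the AD password is checked.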

Remember to adjust firewall rules, DNS settings, and permissions as needed. Choose the approach that best fits your requirements and environment. 🍌

For more detailed instructions, refer to the official documentation:
