Active Directory on Linux
In this video, I show you how to join and create a Windows Active Directory domain on Linux systems. Chapters: 0:00 Introduction 1:43 Creating a new AD forest on a Windows server 6:02 Joining a domain on a Windows PC 9:08 Joining a Windows domain on a Linux (Ubuntu) PC 14:04 Creating a new Windows domain on a Linux (Ubuntu) server 25:41 Some additional samba-tool configuration 34:07 Conclusion Commands to Join a Windows Domain on Linux (Ubuntu): sudo apt install realmd samba sudo hostnamectl ubuntu-pc.drewhowdentech.com sudo realm join --membership-software=samba --client-software=winbind drewhowdentech.com sudo pam-auth-update --enable mkhomedir Commands to Create a Windows Domain on Linux (Ubuntu): sudo apt install samba-ad-dc krb5-user bind9-dnsutils sudo systemctl disable --now smbd nmbd winbind sudo systemctl mask smbd nmbd winbind sudo systemctl unmask samba-ad-dc sudo systemctl enable samba-ad-dc sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.orig sudo samba-tool domain provision --domain drewhowdentech --realm=drewhowdentech.com --server-role=dc --use-rfc2307 --dns-backend=SAMBA_INTERNAL sudo samba-tool user setpassword administrator sudo nano /etc/samba/smb.conf dns forwarder = 1.1.1.1 sudo unlink /etc/resolv.conf sudo nano /etc/resolv.conf nameserver 127.0.0.1 search drewhowdentech.com sudo systemctl disable --now systemd-resolved sudo cp -f /var/lib/samba/private/krb5.conf /etc/krb5.conf sudo systemctl start samba-ad-dc Other samba-tool Commands Used in this Video: Create new domain user: sudo samba-tool user add [USERNAME] (example: sudo samba-tool user add drew) Get group memberships for a domain user: sudo samba-tool user getgroups [USERNAME] (example: sudo samba-tool user getgroups administrator) Add a domain user to a group: sudo samba-tool group addmembers [GROUP NAME] [USERNAME] (example: sudo samba-tool group addmembers 'Administrators' drew) Disable a domain user account: sudo samba-tool user disable [USERNAME] (example: sudo samba-tool user disable administrator) Show current domain password policies: sudo samba-tool domain passwordsettings show Change domain password policies: sudo samba-tool domain passwordsettings set [NEW PASSWORD POLICIES] (example: sudo samba-tool domain passwordsettings set --min-pwd-length=12 --min-pwd-age=0 --max-pwd-age=0 --account-lockout-threshold=10 --account-lockout-duration=60) Unlock a locked domain user account: sudo samba-tool user unlock [USERNAME] (example: sudo samba-tool user unlock drew) Join this channel to get access to perks: https://www.youtube.com/drewhowdentech/join
Download
1 formatsVideo Formats
Right-click 'Download' and select 'Save Link As' if the file opens in a new tab.