I'm not able to join Windows 10 to Samba Active Directory. Please help to this issue. Samba Active Directory to Windows 10 client system are both communication. But not able to join.
What is the version of Samba have you installed and on which distribution ? Is it necessary the server distribution that have to be used for the configuration ?
Good video, thanks. I too was trying to work through their guide, except on 18.04 LTS. Comparing to you helped me figure what was normal, and where my problem was at. I hadn't correctly disabled resolvconf, so resolv.conf changed after reboot. One thing to share with you, is when I got stuck with the krb5.conf file, I used 'updatedb' followed by 'locate krb5.conf' to quickly figure out where it was hiding.
Not to be critical, really, but maybe the Linux command 'find' may have helped locate the brb5.conf file. Besides that however, I really learned a LOT from this video and I look forward to watching many more that you upload (I subscribed).
@@RocketCityTech Believe me I know how it goes when the camera is running. I forgot how 'pwd' worked the first time I did something in a Unix-variant in one of my videos. BTW, I am seeing you video right now for the 3rd time - great work - Thanks for making it.
Thankyou for the tutorial. But i face the problem. When execute samba-tool domain provision --interactive The command line is running normal except "Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs. Help me please, thanks bro.
Tried this today on Ubuntu Server 18.04 (the installation instructions are now updated) and it worked a charm. Had a few small issues but nothing I couldn't work around using Google (18.04 server uses a different default network manager). Will test if my main rig can join my domain tomorrow. Thanks.
I name my servers after random shit to keep things obscure to outside eyes. My "organization" is a communal hose with three roommates and I'm the only admin there will ever be. The roommates know how to access Jellyfin and the NAS, but if someone I don't know gets on the network for whatever reason and decide they want to mess with my stuff, they won't know what they're looking at based on hostnames.
Thanks so much for this video. I've been using Samba4 for a number of years in our small domain, and these tips help. I can confirm that the basic functions of samba AD work fine, and I've been able to install samba ad on ubuntu 18.04 successfully as well, which have a few differences from ubuntu 16.04, and should carry forward to 20.04.
@@RocketCityTech Yes, I manage a couple dozen win10 clients. You get all the important security and deployment parts of AD for smaller workgroups. We deploy software, files, printers and security from any admin logon. Great learning tool for AD, we've had a couple of interns manage it, helped them in their careers.
@@zincfive Indeed, if someone can deploy AD this way and be successful in managing it, they are probably exercising parts of their brains they never knew they had.
Hey, is there a tutorial on making a samba file server and joining it to an AD to make roaming user profiles. Thats a high requested Feature in our enviroment. Thx
Make sure you have also used curso.tec in other steps where I have used ad.testcompany.com Instead of ad.testcompany.com you will just use curso.tec without the ad. Good luck, thanks for watching!
This Video worked, but only until you restart your Server. After that, kerberos and ldap were not reachable. Whats the Problem an do you have a Solution for that Problem?
Sorry for delayed response. Hmm, interesting, not sure what is going on there but it could just be that you need a startup script to run on boot to get the services running. If I remember correctly, Samba has bootup scripts on their website for different Linux distros, you may want to check there. Thanks for watching.
Hi, I'm looking to set a DC up on a Raspberry Pi 4, running Ubuntu Server 20.10 or using Raspberry Pi OS (Debian). Would that version of Ubuntu work or no?
@@RocketCityTech Yes! I use it as my main (and only) DC in my home network. It’s great! I can use it like a standard windows server - it’s my file server, print server, of course AD, and also I was looking to host Plex on it. I did have to use the desktop version of Ubuntu on the raspi because i couldn’t figure out how to get the Static IP to work and also i had loads of DNS issues. No issues now tho - haven’t really had to do much as it just works. I usually reboot the server like once a month! Got a 1tb hard drive and a 2tb hard drive connected and use it as my personal cloud too - remote access to the files. Thanks so much for this tutorial - i would be completely lost without it.
Great video, enabled me to progress past various points where I had got stuck. Have you made any other videos to explain how to add/maintian users to complete this subject?
I have a question, i want both internet connection and connection between my Ubuntu server and Windows 10 workstation. How can i set up two network adapters in virtual box and Ubuntu so i can achieve this?
Sir, I have a question. First of all, I enjoy your videos. Thank you for posting. I would like to build a Linux network, consisting of Domain Controller, Email Server, Web Server, Backup Server, and OS deployment server (similar to WDS/WADK), SOLELY for the purposes of reverse engineering malware and penetration testing, as I’m preparing to take an exam. With a Windows-based DC, I would have to build two DCs for a setup like this. Is that required for a Linux-based setup? Also, what are some considerations that I should have for DMZ setup, as well as remote access? Any help shall be appreciated.
I've been running this type of setup for 2+ yrs and haven't had any major issues. Debian Jessie for the ADC, setup on Stretch or Ubuntu 18.04 requires different changes regarding DNS for Forward lookup and root hints. Windows 10 and the lastest build varients will not respond to GPO's made for mapped drives, however I'm running Samba 4.2.14, where as Samba 4.9 is now available so I'm curious to see if many adaptations have been added to suit changes on the Windows landscape.
I believe the drives aren't mapping possibly because of dropped support for SMB 1 in Windows 10 and you can either upgrade the server or enable SMB 1 support in Win 10. Just a thought.
@@RocketCityTech Hi, yes I'm familiar with that change, however I should have been more specific. If manually mapped, theirs no issues, and I've confirmed the SMB version is above 2.1 between Server and Windows client. The issue is automatically mapping drives via GPO.... When tested against a Win7/Server 08, or Win8/8.2/Server 12 machine, everything works fine..... Initially it worked with Win 10 in earlier builds too till something changed after the Win10 Creators update as I recall
Along the lines of what you mentioned though, I'm wondering if it is related to the enforcement of higher SMB versions, and if this could need adjusting within the DC, if theirs a parameter to do so. That being said, I may try lowering the SMB version in Win10 just to see if they auto-map again.
@@kylecurry6841 yeah that's exactly what I would do just to see if it makes any difference at all. If not, there could be issues that are resolved in an updated Samba version.
I only put into hostnames things which are very unlikely to change. Naming a server win-srv-2016 is bad because at some point it will be upgraded to 2019 so it creates more work and irritates people. Calling a server dc1 is OK because usually a DC stays a DC.
Can you ping the server from the client using the server's IP address? If not, there is a bigger issue than DNS. If so, then yep, you have a DNS issue.
Hello! Ah, yes the dark secrets of Samba4 print servers and GPO would be a fun video. I can say from experience, it can be a headache! Thanks for watching!
Hi there. Highly appreciate your content and I tried the same way with the same setup. Only difference is that I used Ubuntu 16.04.07 instead of 16.04.05 At the final step when I install #apt install krb5-user , it was little different and asked to type kerberos realm and I just skipped and automatically assign a name same as my Local host name. Then when I try #kinit Administrator and even if I type the correct password, error message : kinit : preauthentication failed while getting initial credentials. It would be a great help if you can help me with this
Thank you sir for this wonderful video. My Boss has handed over to me an HPE ProLiant DL380 Gen10 Server to setup a linux Domain Controller to authenticate windows clients and users. I have been reading on samba as a preferred choice. I have seen a couple of videos on setting up samba Active Directory on ubuntu. I had a look on the samba wiki and there seem to be some changes on the ubuntu distribution specific package installation as compared to your video. Can you kindly do another tutorial on setting up the current samba AD on the current stable version of ubuntu server. Thank you.
Naming servers after Starwars characters... every time I've been called out to deal with a ransomware attack it seems that the servers are always named in some wacky "oh look how cheeky I am" way. Most of the time these cats quit once the crap hits the fan and the poor dude that has to come in and untangle the mess has to weed through a bunch of pop culture references to get the company going again. Seems to be a correlation between how poorly set up and how poorly named a domain is lol
Ver descriptive and helpful for a newbie in this. Thank you for the time spent
Dude, thanks a lot for this video, I'm getting thrown into the deep end with this stuff and this really helps.
Well, when i have set up the bridge network card i had no internet on my Linux so i couldn't install anything.. I had to change back to NAT.
I'm not able to join Windows 10 to Samba Active Directory. Please help to this issue. Samba Active Directory to Windows 10 client system are both communication. But not able to join.
What is the version of Samba have you installed and on which distribution ? Is it necessary the server distribution that have to be used for the configuration ?
Good video, thanks.
I too was trying to work through their guide, except on 18.04 LTS. Comparing to you helped me figure what was normal, and where my problem was at. I hadn't correctly disabled resolvconf, so resolv.conf changed after reboot.
One thing to share with you, is when I got stuck with the krb5.conf file, I used 'updatedb' followed by 'locate krb5.conf' to quickly figure out where it was hiding.
Great comment, thanks for watching.
awesome, you clearly stated what your issue was and how you fixed it, will help me when I set mine up
Not to be critical, really, but maybe the Linux command 'find' may have helped locate the brb5.conf file. Besides that however, I really learned a LOT from this video and I look forward to watching many more that you upload (I subscribed).
Not sure why I didn't use it, would have been way easier. Thanks for watching!
@@RocketCityTech Believe me I know how it goes when the camera is running. I forgot how 'pwd' worked the first time I did something in a Unix-variant in one of my videos. BTW, I am seeing you video right now for the 3rd time - great work - Thanks for making it.
Thankyou for the tutorial.
But i face the problem.
When execute samba-tool domain provision --interactive
The command line is running normal except
"Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs.
Help me please, thanks bro.
same problem here, anybody has a solution or something?
Tried this today on Ubuntu Server 18.04 (the installation instructions are now updated) and it worked a charm. Had a few small issues but nothing I couldn't work around using Google (18.04 server uses a different default network manager). Will test if my main rig can join my domain tomorrow. Thanks.
Awesome, glad to hear and thanks for sharing!!
Can you help me do it. I'm trying but i am facing some issues.
I name my servers after random shit to keep things obscure to outside eyes. My "organization" is a communal hose with three roommates and I'm the only admin there will ever be. The roommates know how to access Jellyfin and the NAS, but if someone I don't know gets on the network for whatever reason and decide they want to mess with my stuff, they won't know what they're looking at based on hostnames.
Thanks so much for this video. I've been using Samba4 for a number of years in our small domain, and these tips help. I can confirm that the basic functions of samba AD work fine, and I've been able to install samba ad on ubuntu 18.04 successfully as well, which have a few differences from ubuntu 16.04, and should carry forward to 20.04.
Very awesome to hear. Gotta love using RSAT toolkit connected to a Linux server! Thanks for watching!
@@RocketCityTech Yes, I manage a couple dozen win10 clients. You get all the important security and deployment parts of AD for smaller workgroups. We deploy software, files, printers and security from any admin logon. Great learning tool for AD, we've had a couple of interns manage it, helped them in their careers.
@@zincfive Indeed, if someone can deploy AD this way and be successful in managing it, they are probably exercising parts of their brains they never knew they had.
Hey, is there a tutorial on making a samba file server and joining it to an AD to make roaming user profiles. Thats a high requested Feature in our enviroment. Thx
1:19:37 i type host -t SRV _ldap._tcp.CURSO.TEC and it output: connection timed out; no servers could be reached. any help shall be appreciated.
i use bind for dns
Make sure you have also used curso.tec in other steps where I have used ad.testcompany.com Instead of ad.testcompany.com you will just use curso.tec without the ad.
Good luck, thanks for watching!
@@RocketCityTech I love u
This Video worked, but only until you restart your Server. After that, kerberos and ldap were not reachable. Whats the Problem an do you have a Solution for that Problem?
Sorry for delayed response. Hmm, interesting, not sure what is going on there but it could just be that you need a startup script to run on boot to get the services running. If I remember correctly, Samba has bootup scripts on their website for different Linux distros, you may want to check there. Thanks for watching.
Hi, I'm looking to set a DC up on a Raspberry Pi 4, running Ubuntu Server 20.10 or using Raspberry Pi OS (Debian). Would that version of Ubuntu work or no?
Did you get this setup going? That would be awesome. Thanks for watching!
@@RocketCityTech Yes! I use it as my main (and only) DC in my home network. It’s great! I can use it like a standard windows server - it’s my file server, print server, of course AD, and also I was looking to host Plex on it. I did have to use the desktop version of Ubuntu on the raspi because i couldn’t figure out how to get the Static IP to work and also i had loads of DNS issues. No issues now tho - haven’t really had to do much as it just works. I usually reboot the server like once a month! Got a 1tb hard drive and a 2tb hard drive connected and use it as my personal cloud too - remote access to the files. Thanks so much for this tutorial - i would be completely lost without it.
Great video, enabled me to progress past various points where I had got stuck. Have you made any other videos to explain how to add/maintian users to complete this subject?
Hello! It's possible the video I made describing the RSAT toolkit may be what you're looking for. Thanks for watching!
Really helped out with my first linux DC test deployment! Thanks!
Glad to hear and good luck, thanks for watching!
I have a question, i want both internet connection and connection between my Ubuntu server and Windows 10 workstation. How can i set up two network adapters in virtual box and Ubuntu so i can achieve this?
The workstation is installed virtual box
@@jelmer4019 Set an internal network + NAT
Would you be willing to share your configuration files as an example? I'm trying to troubleshoot and isolate what's wrong with my configuration.
Sure, which config files do you want?
Sir, I have a question. First of all, I enjoy your videos. Thank you for posting. I would like to build a Linux network, consisting of Domain Controller, Email Server, Web Server, Backup Server, and OS deployment server (similar to WDS/WADK), SOLELY for the purposes of reverse engineering malware and penetration testing, as I’m preparing to take an exam.
With a Windows-based DC, I would have to build two DCs for a setup like this. Is that required for a Linux-based setup? Also, what are some considerations that I should have for DMZ setup, as well as remote access?
Any help shall be appreciated.
Me too
I've been running this type of setup for 2+ yrs and haven't had any major issues. Debian Jessie for the ADC, setup on Stretch or Ubuntu 18.04 requires different changes regarding DNS for Forward lookup and root hints.
Windows 10 and the lastest build varients will not respond to GPO's made for mapped drives, however I'm running Samba 4.2.14, where as Samba 4.9 is now available so I'm curious to see if many adaptations have been added to suit changes on the Windows landscape.
I believe the drives aren't mapping possibly because of dropped support for SMB 1 in Windows 10 and you can either upgrade the server or enable SMB 1 support in Win 10. Just a thought.
@@RocketCityTech Hi, yes I'm familiar with that change, however I should have been more specific. If manually mapped, theirs no issues, and I've confirmed the SMB version is above 2.1 between Server and Windows client. The issue is automatically mapping drives via GPO.... When tested against a Win7/Server 08, or Win8/8.2/Server 12 machine, everything works fine..... Initially it worked with Win 10 in earlier builds too till something changed after the Win10 Creators update as I recall
@@kylecurry6841 Interesting. I'd love to hear if updating the Samba server helps with this issue.
Along the lines of what you mentioned though, I'm wondering if it is related to the enforcement of higher SMB versions, and if this could need adjusting within the DC, if theirs a parameter to do so. That being said, I may try lowering the SMB version in Win10 just to see if they auto-map again.
@@kylecurry6841 yeah that's exactly what I would do just to see if it makes any difference at all. If not, there could be issues that are resolved in an updated Samba version.
Does anyone know what the office resource requirements are (CPU / Memory)?
I only put into hostnames things which are very unlikely to change. Naming a server win-srv-2016 is bad because at some point it will be upgraded to 2019 so it creates more work and irritates people. Calling a server dc1 is OK because usually a DC stays a DC.
I ❤️ this comment. Thanks for watching!
i cant add my client to the domain. i know theres something wrong with the DNS i just cant figure out what i did wrong..
Can you ping the server from the client using the server's IP address? If not, there is a bigger issue than DNS. If so, then yep, you have a DNS issue.
@@RocketCityTech i can ping the ad.testcompany.com i cant ping samba.ad.testcompant.local
Thank you sir for this wonderful video. I am interested to configure the print server, is there any tutorial?
Hello! Ah, yes the dark secrets of Samba4 print servers and GPO would be a fun video. I can say from experience, it can be a headache! Thanks for watching!
Holy crap! I can't believe I watched the whole thing.. Anyways thanks for the hard work.
Haha! My thoughts exactly after making the video.. Congrats on making it through and thanks for watching!
@@RocketCityTech Was a good video tho.. 👍
@@geogmz8277 LOL thanks
Hi there. Highly appreciate your content and I tried the same way with the same setup. Only difference is that I used Ubuntu 16.04.07 instead of 16.04.05
At the final step when I install #apt install krb5-user , it was little different and asked to type kerberos realm and I just skipped and automatically assign a name same as my Local host name.
Then when I try #kinit Administrator and even if I type the correct password, error message :
kinit : preauthentication failed while getting initial credentials.
It would be a great help if you can help me with this
Hi there. Problem has been fixed. Thank you 😊
Glad you got it going! Have fun and thanks for watching!
Thank you sir for this wonderful video. My Boss has handed over to me an HPE ProLiant DL380 Gen10 Server to setup a linux Domain Controller to authenticate windows clients and users. I have been reading on samba as a preferred choice. I have seen a couple of videos on setting up samba Active Directory on ubuntu. I had a look on the samba wiki and there seem to be some changes on the ubuntu distribution specific package installation as compared to your video. Can you kindly do another tutorial on setting up the current samba AD on the current stable version of ubuntu server. Thank you.
I will try to do this soon. Thanks for watching!
very useful video. Thanks! Subscribed
Who knew Samba and Active Directory could be so fun!? Thanks for watching.
Thanks allot appreciate ur hard work
Thanks for watching.
Hey brother can i pm you need some advice ?
Watching your video, will update when done 🐱👓
u done?
@@nilsus8365 Unfortunately youtube got stuck in a loop, and he's now doomed to watch forever.
thank You for Your job. Greetings from Poland!
Hello! Thanks for watching!
Thanks! Subscribed
Thanks from Russia ) Best fresh video about
Great to hear, thanks for watching!
Naming servers after Starwars characters... every time I've been called out to deal with a ransomware attack it seems that the servers are always named in some wacky "oh look how cheeky I am" way. Most of the time these cats quit once the crap hits the fan and the poor dude that has to come in and untangle the mess has to weed through a bunch of pop culture references to get the company going again. Seems to be a correlation between how poorly set up and how poorly named a domain is lol
Watched it in 1.5x normal speed.
Thanks for watching!
Why Ubuntu??? When you have Debian!
Haha! So true..
free linux free problem test it Redhad :D
Too many ads
find / -name krb5.conf
Yesss!!!
thanks for wasting 5 hours of my life.