Copy this to your text editor, edit the variables, then paste line by line into the same shell session in a fresh install of Ubuntu 12.04 server with no optional packages installed other than OpenSSH.
For some reason, the domain join only worked after I ran an nslookup of testdc.testdomain.local at the command line on the Win7 box. I will investigate why.
Also, some steps are interactive, so this does not work well as an unattended script.
#!/bin/bash
# Set up Samba4 as a Domain Controller.
# Meant for a fresh install of Ubuntu Server 12.04 with no optional packages
# selected other than SSH. The architecture is assumed to be x86_64, which
# matters in only one place in this script.
#
# Values provided by the local administrator -- edit these before running.
# WINDOMAINNAME must be all-caps.
WINDOMAINNAME='TESTDOMAIN'
REALMNAME='testdomain.local'
REALMNAMEALLCAPS='TESTDOMAIN.LOCAL'
# ADMINPASS must be 8 or more chars, with 1+ digits, 1+ upper-case and
# 1+ lower-case letters.
# The value below is a sample and should be replaced. When this line is pasted
# into an interactive shell the password may be recorded in the shell history,
# and it is later passed to the provision command as an argument.
ADMINPASS='AdminPass1'
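# Refresh the package index, upgrade the system, then install Samba4 and the
# Kerberos client tools. apt-get is run without -y, so these steps ask for
# confirmation and are meant to be run interactively.
apt-get update
apt-get dist-upgrade
apt-get install samba4 krb5-user
# Keep the packaged smb.conf as a backup before provisioning.
# NOTE(review): presumably done so that provision writes a fresh smb.conf -- confirm.
mv /etc/samba/smb.conf /etc/samba/smb.conf.orig
# NOTE(review): the reason setoption.pl needs the execute bit is not shown here.
chmod u+x /usr/share/samba/setoption.pl
apt-get install samba4-clients
# Provision the domain. The expansions are quoted so that a password (or name)
# containing spaces or glob characters reaches provision as a single argument.
# NOTE(review): --adminpass places the password on the command line, where it is
# visible in the process list while provision runs and may be kept in the shell
# history. Consider changing the Administrator password after provisioning.
/usr/share/samba/setup/provision --realm="$REALMNAME" --domain="$WINDOMAINNAME" --adminpass="$ADMINPASS" --server-role=dc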
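# Stop both daemons while their configuration files are edited.
service samba stop
service bind9 stop
# -p creates the parent and the share directory in one call and does not fail
# when they already exist, so this step can be repeated safely.
mkdir -p /srv/sambashares/mainshare
# Append a writable share to smb.conf. The delimiter is quoted so the stanza is
# written literally, with no shell expansion.
# NOTE(review): the stanza sets no "valid users" or "hosts allow" restriction, so
# access rests on the smb.conf defaults and on the filesystem permissions of the
# directory -- confirm who is meant to be able to write here.
cat <<'EOF' >>/etc/samba/smb.conf
[mainshare]
path = /srv/sambashares/mainshare
read only = No
EOF
# Have BIND load the Samba-generated zone configuration. The line is appended
# only when it is not already present, so a repeated run does not duplicate it.
include_line='include "/etc/bind/named.conf.samba";'
grep -qxF -- "$include_line" /etc/bind/named.conf.local \
  || printf '%s\n' "$include_line" >>/etc/bind/named.conf.local
# Give the bind group ownership of the generated file, then move it to the
# path named in the include line above.
chown root:bind /var/lib/samba/private/named.conf
mv /var/lib/samba/private/named.conf /etc/bind/named.conf.samba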
# Append local rules to the AppArmor profile for named (BIND).
# Each rule is "<path> <permissions>,": r = read, w = write, k = file lock,
# m = memory-map as executable. The rules give named read/write/lock access to
# everything under /var/lib/samba/private/dns/ and read + mmap access to the
# Samba dlz_bind9.so plugin and the listed gensec/ldb shared objects.
# NOTE(review): presumably these are the modules the DLZ plugin loads inside
# named -- confirm the list against the installed package.
# This widens named's confinement, so keep the list to the paths actually needed.
# The /usr/lib/x86_64-linux-gnu prefix is hard-coded; on another architecture
# the library paths differ and these rules would not match.
cat << EOF >>/etc/apparmor.d/local/usr.sbin.named
/var/lib/samba/private/dns/** rwk,
/usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9.so rm,
/usr/lib/x86_64-linux-gnu/samba/gensec/krb5.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/asq.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/ldap.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/paged_results.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/paged_searches.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/rdn_name.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/acl.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/acl_read.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/anr.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/acl.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/aclread.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/anr.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/descriptor.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/dirsync.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/extended_dn_in.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/extended_dn_out.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/extended_dn_store.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/ildap.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/instancetype.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/lazy_commit.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/ldbsamba_extensions.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/linked_attributes.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/local_password.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/new_partition.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/objectclass.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/objectclass_attrs.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/objectguid.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/operational.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/partition.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/password_hash.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/ranged_results.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/repl_meta_data.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/resolve_oids.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/rootdse.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/samba3sam.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/samba3sid.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/samba_dsdb.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/samba_secrets.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/samldb.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/schema_data.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/schema_load.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/show_deleted.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/simple_dn.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/simple_ldap_map.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/subtree_delete.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/subtree_rename.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/update_keytab.so rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/wins_ldb.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/sample.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/server_sort.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/skel.so rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/tdb.so rm,
EOF
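# Restart AppArmor so the additions to the named profile are loaded, then start
# BIND before Samba.
service apparmor restart
service bind9 start
service samba start
# Interactive: kinit prompts for the Administrator password. A ticket being
# issued shows that the Kerberos KDC is answering for the realm.
# The principal is quoted so the realm value is passed as a single argument.
kinit "administrator@${REALMNAMEALLCAPS}"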