そういうのがいいブログ

SIerで働く30代サラリーマンSEがインフラエンジニアに憧れてLinux・クラウド・AWSの勉強をするブログ

CentOS8とSamba4.12でActive Directory構築(8)ドメインのデプロイ

※[PR]当ブログの記事の中にはプロモーションが含まれています。

ドメインのデプロイ

CentOS8.2とSamba4.12.6を使ってActive Directory環境を構築する手順(8)ドメインのデプロイ

CentOS8.2とSamba4.12.6を使ってActive Directory環境を構築する手順を探している方へ。

CentOS8.2とSamba4.12.6を使ってActive Directory環境を構築する手順を知りたい

CentOS8.2とSamba4.12.6を使ってActive Directory環境を構築する手順を知りたい、と考えていませんか?

CentOS8.2とSamba4.12.6を使ってActive Directory環境を構築する手順を紹介します

本記事では、下記の内容を解説します。

  1. CentOS8.2とSamba4.12.6を使ってActive Directory環境を構築する手順

この記事を書いている私は、某SIerに勤務しながら、
WEB系エンジニア・インフラエンジニアに憧れて、プログラミングおよびインフラ技術の勉強をしています。
私が実機で試したコマンドや画像を載せて書いています。
記事の信頼性担保に繋がると思います。

Active Directory構築のまとめ記事

本ブログでは、CentOS8.2とSamba4.12.6でのActive Directory構築を、
(1)~(14)のステップに分けて紹介しています。
本記事はそのうちの(8)です。

以下が、(1)~(14)のまとめ記事です

souiunogaii.hatenablog.com

.bash_profileに追加

vi /root/.bash_profile
[root@SV-EARTH samba-4.12.6]# vi /root/.bash_profile
# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
        . ~/.bashrc
fi

# User specific environment and startup programs

PATH=$PATH:$HOME/bin

export PATH
export PATH="/usr/local/samba/bin:/usr/local/samba/sbin:${PATH}"
export PATH="/usr/local/samba/bin:/usr/local/samba/sbin:${PATH}"

上記の1行を追記。

sourceコマンドで反映

source ~/.bash_profile
[root@SV-EARTH samba-4.12.6]# source ~/.bash_profile
[root@SV-EARTH samba-4.12.6]#

Sambaバージョンの確認

samba -V
[root@SV-EARTH samba-4.12.6]# samba -V
Version 4.12.6

ドメインのデプロイ

samba-tool domain provision --use-rfc2307 --interactive
項目 入力
Realm AD.PLANET.JP と入れて[Enter]
Domain PLANET と入れて[Enter]
Server Role dc と入れて[Enter]
DNS backend 何も入れずにそのまま[Enter]
DNS forwarder IP address 何も入れずにそのまま[Enter]
Administrator password ドメインの管理者ユーザーのパスワードを自分で決めて入れて[Enter]
[root@SV-EARTH samba-4.12.6]# samba-tool domain provision --use-rfc2307 --interactive
Realm [AD.PLANET.JP]:  AD.PLANET.JP
Domain [AD]:  PLANET
Server Role (dc, member, standalone) [dc]:  dc
DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:
DNS forwarder IP address (write 'none' to disable forwarding) [8.8.8.8]:
Administrator password:
Retype password:
INFO 2020-08-16 00:34:26,190 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2133: Looking up IPv4 addresses
INFO 2020-08-16 00:34:26,191 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2150: Looking up IPv6 addresses
INFO 2020-08-16 00:34:27,603 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2301: Setting up share.ldb
INFO 2020-08-16 00:34:27,694 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2305: Setting up secrets.ldb
INFO 2020-08-16 00:34:27,764 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2311: Setting up the registry
INFO 2020-08-16 00:34:28,138 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2314: Setting up the privileges database
INFO 2020-08-16 00:34:28,275 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2317: Setting up idmap db
INFO 2020-08-16 00:34:28,370 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2324: Setting up SAM db
INFO 2020-08-16 00:34:28,391 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #897: Setting up sam.ldb partitions and settings
INFO 2020-08-16 00:34:28,393 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #909: Setting up sam.ldb rootDSE
INFO 2020-08-16 00:34:28,409 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1338: Pre-loading the Samba 4 and AD schema
Unable to determine the DomainSID, can not enforce uniqueness constraint on local domainSIDs

INFO 2020-08-16 00:34:28,523 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1416: Adding DomainDN: DC=ad,DC=planet,DC=jp
INFO 2020-08-16 00:34:28,560 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1448: Adding configuration container
INFO 2020-08-16 00:34:28,597 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1463: Setting up sam.ldb schema
INFO 2020-08-16 00:34:43,110 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1481: Setting up sam.ldb configuration data
INFO 2020-08-16 00:34:43,798 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1522: Setting up display specifiers
INFO 2020-08-16 00:34:54,009 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1530: Modifying display specifiers and extended rights
INFO 2020-08-16 00:34:54,178 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1537: Adding users container
INFO 2020-08-16 00:34:54,185 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1543: Modifying users container
INFO 2020-08-16 00:34:54,188 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1546: Adding computers container
INFO 2020-08-16 00:34:54,194 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1552: Modifying computers container
INFO 2020-08-16 00:34:54,197 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1556: Setting up sam.ldb data
INFO 2020-08-16 00:34:54,835 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1586: Setting up well known security principals
INFO 2020-08-16 00:34:55,075 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1600: Setting up sam.ldb users and groups
INFO 2020-08-16 00:34:56,243 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #1608: Setting up self join
Repacking database from v1 to v2 format (first record CN=Post-Office-Box,CN=Schema,CN=Configuration,DC=ad,DC=planet,DC=jp)
Repack: re-packed 10000 records so far
Repacking database from v1 to v2 format (first record CN=IntellimirrorGroup-Display,CN=415,CN=DisplaySpecifiers,CN=Configuration,DC=ad,DC=planet,DC=jp)
Repacking database from v1 to v2 format (first record CN=Remote Desktop Users,CN=Builtin,DC=ad,DC=planet,DC=jp)
INFO 2020-08-16 00:35:02,050 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/sambadns.py #1130: Adding DNS accounts
INFO 2020-08-16 00:35:02,123 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/sambadns.py #1164: Creating CN=MicrosoftDNS,CN=System,DC=ad,DC=planet,DC=jp
INFO 2020-08-16 00:35:02,200 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/sambadns.py #1177: Creating DomainDnsZones and ForestDnsZones partitions
INFO 2020-08-16 00:35:02,364 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/sambadns.py #1182: Populating DomainDnsZones and ForestDnsZones partitions
Repacking database from v1 to v2 format (first record DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=ad,DC=planet,DC=jp)
Repacking database from v1 to v2 format (first record DC=gc,DC=_msdcs.ad.planet.jp,CN=MicrosoftDNS,DC=ForestDnsZones,DC=ad,DC=planet,DC=jp)
INFO 2020-08-16 00:35:03,159 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2037: Setting up sam.ldb rootDSE marking as synchronized
INFO 2020-08-16 00:35:03,176 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2042: Fixing provision GUIDs
INFO 2020-08-16 00:35:08,438 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2377: A Kerberos configuration suitable for Samba AD has been generated at /usr/local/samba/private/krb5.conf
INFO 2020-08-16 00:35:08,439 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2378: Merge the contents of this file with your system krb5.conf or replace it with this one. Do not create a symlink!
INFO 2020-08-16 00:35:09,038 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #2107: Setting up fake yp server settings
INFO 2020-08-16 00:35:09,336 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #490: Once the above files are installed, your Samba AD server will be ready to use
INFO 2020-08-16 00:35:09,337 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #494: Server Role:           active directory domain controller
INFO 2020-08-16 00:35:09,337 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #495: Hostname:              SV-EARTH
INFO 2020-08-16 00:35:09,337 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #496: NetBIOS Domain:        PLANET
INFO 2020-08-16 00:35:09,337 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #497: DNS Domain:            ad.planet.jp
INFO 2020-08-16 00:35:09,338 pid:33344 /usr/local/samba/lib64/python3.6/site-packages/samba/provision/__init__.py #498: DOMAIN SID:            S-1-5-21-2645544796-916442422-2869806604