Integrate Samba With Microsoft Active Directory On CentOS 6.3

Samba is a free software re-implementation of the SMB/CIFS networking protocol provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain. In the end of this tutorial you will be able to integrate samba with Microsoft Active Directory.

Requirements

 A computer with CentOS 6.3 installed on it.
 Internet Connection.
 Microsoft windows server with active directory service installed and run on it.

For the sake of the simplicity of this tutorial you need to turn off the firewall and SELinux.

Step 1 : Install the service

The below commands by the order will install the service, run it and make it run in the startup

sudo yum install samba samba-winbind
sudo service smb start
sudo service winbind start
sudo service oddjobd start
sudo chkconfig smb on
sudo chkconfig winbind on
sudo chkconfig oddjobd on

Step 2 : Join the domain

Run sudo authconfig-tui and select the same options and press next as shown below.

Now, write your domain, domain controller and ads realm (it is recommended to write the all capital letters) and chose the security model ads and template shell /bin/bash as shown below

Press Join Domain and you will be prompted to save the configuration and writing the domain administrator password as shown below.

Now check your active directory users and computers and you should find the new joined machine.

Step 3 : Create the users home directory

sudo mkdir /home/YOURDOMAIN //Your domain must be in capital letters

Step 4 : Configure smb.conf

Open smb.conf with any text editor, in this example I will use the nano editor
sudo nano /etc/samba/smb.conf

Under the global settings configure yours as below

[global] workgroup = YOURDOMAIN
password server = DC.YOURDOMAIN.LOCAL
realm = YOURDOMAIN.LOCAL
security = ads
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template homedir = /home/YOURDOMAIN
template shell = /bin/bash
winbind use default domain = true
winbind offline logon = false
idmap backend = idmap_rid:yourdomain=16777216-33554431
obey pam restrictions = yes

Step 5 : Configure system-aut

Open smb.conf with any text editor, in this example I will use the nano editor
/etc/pam.d/system-auth

Add the below line in the end of the file

session required pam_oddjob_mkhomedir.so skel=/etc/skel/ umask=0022

Now restart samba, winbind and oddjob services

sudo service smb restart
sudo service winbind restart
sudo service oddjobd restart

Step 6 : Access your home directory

Open run any machine that is joined the domain and write the IP address of the server as the below example and it will open your home directory.