Implementing Samba 4: Exploit the real power of Samba 4 Server by leveraging the benefits of an Active Directory Domain Controller.

The most important task that we need to focus on before any other task, when planning for Active Directory Domain Controller, is to our network services' topology. For our Active Directory services to provide a resilient service, we need to be effective in creating a simple (yet descriptive) and scalable architecture that will fit our environment's needs and requirements.

Active Directory Domain Controller can provide us with a centralized management point for our network devices and thus gives us full control over a large number of objects (for example, users and machines). This is the key to achieving a lower cost in administrative tasks, resource control, and security (authentication and authorization) management in a specific network. To organize users and resources in a way that is simple to manage and is scalable (for example, facilitates delegation) is the key. On top of that, there is no reason to have a Domain Controller in our network...

To facilitate the understanding of this concept and help us have at hand all the information that we need to deploy the Active Directory services on our network, we will create a checklist with all the information that we need prior to the deployment of an AD service. Based on our last topic, we know exactly what we need, how we have defined the topology, and how our network will be implemented. So, we are able to create a document with the information we need, and this will help us identify any missing points about our design. In the following table, we can see all the information we need prior to the implementation of Samba 4 Active Directory. This is organized in a table for ease of understanding and referencing during the configuration phase. To have such information at hand, it is vital that we have a clean and straightforward process; feel free to add as much information as you have when planning for your AD services. The following...

One important configuration that will make our lives a lot easier is adding the Samba 4 installation path to our bash_profile file so that we have all the Samba tools in our search path and we don't need to work with full (absolute) paths. To do this in a sh or bash shell environment, just run the following command in your prompt:

leal@debian7:~$sudo echo 'export PATH=/usr/local/samba/bin:\
/usr/local/samba/sbin:$PATH' >> /root/.bash_profile && echo OK

The preceding command must give just the OK output. This is the signal that we have configured our bash_profile file in the Samba 4 software's binary path (for example, tools), so for future shell instances, we will have the search path ready.

After we have all the requisites for the Samba 4 environment fulfilled and our software installation validated, setting up a Samba 4 Server as an Active Directory Domain Controller is a simple task. We just need to execute the following command...

In this chapter, we saw in detail how to perform the provisioning of the Samba 4 Server as an Active directory Domain Controller, went through the initial phases of planning the network topology, structured the Active Directory, and created a checklist to help us organize information.

At the end of the chapter, we executed a series of tests and validations of important parts of the Active Directory server and thus, touched upon the subsystems that provide the core functionality of the Samba 4 AD/DC services. The last test was actually for joining a test server (Microsoft Windows 2008 R2 Server) to our POA Domain. We learned how to manage the Samba 4 Server from the Windows 2008 server, using the features that needed to be enabled on this Windows server's version.

Using our test machine, we tested the creation of custom OUs in our Active Directory, and so we could create our planned structure; and with the help of prebuilt scripts, we populated the AD/DC with 47 (nonPower) users.

In...