• http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO

# apt install samba winbind

# rm /etc/samba/smb.conf

• http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO

server# samba-tool domain provision --use-rfc2307 --interactive

...
Realm [CORPX.UN]:
 Domain [CORPX]:
 Server Role (dc, member, standalone) [dc]:
 DNS backend (SAMBA_INTERNAL, BIND9_FLATFILE, BIND9_DLZ, NONE) [SAMBA_INTERNAL]:
 DNS forwarder IP address (write 'none' to disable forwarding) [172.16.1.254]:
Administrator password: Pa$$w0rd
Retype password: Pa$$w0rd
...

• Настройка Kerberos клиента

server# cp /var/lib/samba/private/krb5.conf /etc/krb5.conf

server# testparm

debian# systemctl disable smbd

debian# systemctl unmask samba-ad-dc.service

debian# systemctl enable samba-ad-dc.service

server# cat /etc/samba/smb.conf

[global]
        ldap server require strong auth = no
...

server# init 6

server# cat /etc/resolv.conf

search corpX.un
nameserver 127.0.0.1

• Adding users with samba tool

# samba-tool user create user1 'Pa$$w0rd1' --given-name Ivan --initials I --surname Ivanov --uid-number 10001 --gid-number 10001 --login-shell /bin/bash --unix-home /home/user1
# samba-tool group add guser1 --nis-domain=CORP13 --gid-number=10001

# samba-tool user create user2 --given-name Petr --initials P --surname Petrov
# samba-tool user setpassword user2

# samba-tool user list

• wiki.samba DNS Administration

# kinit Administrator

# samba-tool dns add server corpX.un gate A 192.168.X.1

# samba-tool dns delete server corpX.un gate A 192.168.X.1

# samba-tool dns add server corpX.un _xmpp-client._tcp SRV 'gate.corpX.un 5222 0 0'

• Развертывание средств администрирования Active Directory