This article will describe you how to manage Samba4 AD-DC using command line, such like add, remove, disable, enable or listing users and groups.
We’ll additionally take a glance on a way to manage domain security policy and the way to bind AD users to native PAM authentication so as for AD users to be able to perform native logins on UNIX operating system Domain Controller.
Samba AD DC are often managed through samba-tool program line utility that offers an excellent interface for administrating your domain.
With the assistance of samba-tool interface you’ll directly manage domain users and teams, domain cluster Policy, domain sites, DNS services, domain replication and different essential domain functions.
How to fix the /bin/rm: Argument list too long error
http://www.linuxpcfix.com/monitor-linux-server-ps-command/
[root@rp-addc ~]# samba-tool -h
Usage: samba-tool
Main samba administration tool.
Options:
-h, –help show this help message and exit
Version Options:
-V, –version Display version number
Available subcommands:
dbcheck – Check local AD database for errors.
delegation – Delegation management.
dns – Domain Name Service (DNS) management.
domain – Domain management.
drs – Directory Replication Services (DRS) management.
dsacl – DS ACLs manipulation.
fsmo – Flexible Single Master Operations (FSMO) roles management.
gpo – Group Policy Object (GPO) management.
group – Group management.
ldapcmp – Compare two ldap databases.
ntacl – NT ACLs manipulation.
processes – List processes (to aid debugging on systems without setproctitle).
rodc – Read-Only Domain Controller (RODC) management.
sites – Sites management.
spn – Service Principal Name (SPN) management.
testparm – Syntax check the configuration file.
time – Retrieve the time on a server.
user – User management.
visualize – Produces graphical representations of Samba network state
For more help on a specific subcommand, please type: samba-tool (-h|–help)
To create a new domain user.
[root@rp-addc ~]#samba-tool user create gajendra.singh
Create an user with several command options.
[root@rp-addc ~]#samba-tool user add gajendra.singh –given-name=Gajendra –surname=Singh –mail-address=gajendra@linuxpcfix.com –login-shell=/bin/bash.
You can list all users using execute by following command.
krbtgt
sudeep.jain
Administrator
neeraj.sharma
Guest
jitendra.choudhary
chandrashekhar.singh
ashish1.sharma
gajendra.singh
To delete a samba user using following command.
Reset password of samba a user by executing following command.
Enable and disable a samba user by performing following command.
[root@rp-addc ~]# samba-tool user enable gajendra.singh
To manage samba group use the following command.
Delete a samba domain group by performing following command:
To list all domain groups using below command.
To list all domain members in a particular group.
neeraj.sharma
jitendra.choudhary
chandrashekhar.singh
sudeep.jain
ashish1.sharma
[root@rp-addc ~]#
To add and remove a member in particular group use the below command.
Added members to group it
To review samba domain password policy and settings.
Password informations for domain ‘DC=linuxpcfix,DC=rpn’
Password complexity: on
Store plaintext passwords: off
Password history length: 24
Minimum password length: 7
Minimum password age (days): 1
Maximum password age (days): 42
Account lockout duration (mins): 30
Account lockout threshold (attempts): 0
Reset account lockout after (mins): 30
In order to modify password policy of you samba domain use following steps and command.
Password complexity deactivated!
[root@rp-addc ~]#samba-tool domain passwordsettings set –history-length=0
All changes applied successfully!
[root@rp-addc ~]#samba-tool domain passwordsettings set –min-pwd-age=0
Minimum password age changed!
All changes applied successfully!
[root@rp-addc ~]#samba-tool domain passwordsettings set –max-pwd-age=0
Maximum password age changed!
All changes applied successfully!
[root@rp-addc ~]#samba-tool domain passwordsettings set –min-pwd-length=4
Minimum password length changed!
All changes applied successfully!
If you are planning to configure SAMBA 4 AD-DC on Centos then follow the below link
http://www.linuxpcfix.com/samba-4-ad-dc-on-centos/