Implementing Samba 4 (2014)

Preface

After many years of hard work, coding, and testing, the open source community was presented with the Samba software Version 4 at the end of 2012. Whoever was involved in the Samba project or had participated in the community knows how much this version was awaited. Besides all the new features that the Samba Server Version 4 brings in this important release, the one that stands out unanimously is the Active Directory capabilities. Microsoft Active Directory Services is a very popular technology among different companies, from small or medium size organizations to big enterprises.

With the new Samba 4 software version, users and system administrators will be able to implement an Active Directory Server, file and print services, and deliver a broad range of network services using open source technology. Samba 4 has main built-in capabilities needed for the server side of the Active Directory services, such as the LDAP server, the Kerberos Key Distribution Center, and a simple DNS server.

This book is a practical guide intended to provide easy-to-use, step-by-step procedures to help users and system administrators implement Active Directory services on their networks using the freedom of open source software. We will learn how to use the Samba 4 Server as an Active Directory server, as well as understand the other roles this software can play in the organization environment.

What this book covers

Chapter 1, Installing the Samba 4 Server, provides us with a quick overview of the Debian GNU/Linux installation procedure, and we will learn how to install and configure all the Samba 4 dependencies needed for our Samba 4 use cases. In this chapter, the reader will learn how to validate the Samba 4 installation and how to execute basic tests to make sure that the Samba 4 installation is ready.

Chapter 2, Provisioning Samba 4 as an AD Domain Controller, talks about the basic tasks required to get a proper Samba 4 Active Directory as a Domain Controller configured on the network. This chapter will focus on minimal planning, checklists, and the key points to consider before starting the provisioning. We will learn how to provision the Samba 4 as an Active Directory Server in detail.

Chapter 3, Managing the Samba Active Directory Server, describes the different roles the Samba 4 Server can play on the network, and how to basically manage it using Microsoft Windows machines (for example, Microsoft Windows Server 2008 R2). The reader will learn how to integrate a Debian GNU/Linux client on the Samba 4 domain and to have the authentication and authorization working in this system. Also covered in this chapter are the replication and trust relationship characteristics of an Active Directory Domain Controller when running the Samba 4 Server at the present time.

Chapter 4, Replacing a Microsoft Windows Active Directory Server, intends to show you how to replace a Microsoft Windows Server Active Directory by a Samba 4 Server. We will learn the key consideration points, our example configuration scenario, some backup/recovery and rollback techniques, and in the end, the step-by-step procedure to execute the replacement of our Microsoft Windows Server 2008 R2 with the Samba 4 Server as the Active Directory Domain Controller. We will also learn about some basic tests and validations to make sure that the process is successful and the environment is fully functional.

Chapter 5, Upgrading from Samba Server Version 3, describes the main differences between Samba software Version 3 and Version 4 and the considerations before planning a successful upgrade. We will also learn about the plan, tests, validations, as well as a step-by-step procedure to execute the upgrade and all the commands and scripts that are needed to go from a Samba 3 Primary Domain Controller to a Samba 4 fully functional Active Directory Domain Controller.

Chapter 6, Printing and File Services, covers the file and printing services for the Samba 4 Server. We will learn about some differences between the file and printing capabilities of Samba Server Version 3 and Version 4. We will learn about the SMB/CIFS protocol versions of Samba 4, the Samba 4 file and print server daemons, Microsoft Windows print driver Version 3 and Version 4. We will learn how to configure a printer on the Samba 4 Server host using CUPS and how to share the printer on a Microsoft Active Directory network using Samba. We have introduced Microsoft Windows Point and Print Samba Server configuration and basic File sharing with Samba 4.

Chapter 7, Extending the Active Directory Schema Using Samba 4, describes how to extend the default Active Directory schema for some specific applications when using a built-in Samba 4 as the Active Directory Domain Controller.

Chapter 8, Implementing a Highly Available Distributed File Server, focuses on how to implement a highly available and distributed file server using Samba 4 Server, GlusterFS, and CTDB.

Chapter 9, The Samba 4 Python Scripting Interface, describes some basics about the Samba 4 internals, going through some code snippets and understanding the open source development and collaborative work. This chapter also provides us with an introduction to the Samba 4 Python bindings, teaches us how to explore and start using the new Python interface of the Samba 4 Server, and describes a practical example using the combined power of Python and Samba 4.

Appendix, References, provides the links for the references used in the book.

What you need for this book

This book is focused on the Samba 4 software and its installation on a Debian GNU/Linux operating system. So, the reader will need an Internet connection to download and install both the software and a CD/DVD with the respective software that is available. The procedure to install the Debian GNU/Linux system is specific, but it should be simple or adequate to other GNU/Linux distributions (the shell scripts are written in bash, and should be similar in any GNU/Linux distribution).

All code and procedures presented through this book must not be used in production; so, a test environment with the machines needed for each lab needs to be created. It's highly important that the step-by-step procedures be executed in an isolated environment where the reader can stress test all the code and configuration examples provided. A good option is to use a virtualized environment, and if that is the choice for the readers, any virtualized solution that supports the Microsoft Windows Servers and GNU/Linux needed by the customer can be used.

Who this book is for

People who will benefit the most from this book should fit into one of these two categories: they should have good knowledge of Microsoft Windows and basic knowledge of GNU/Linux systems or they should have good experience with GNU/Linux systems and basic knowledge of Microsoft Windows Operating System. Both groups need to manage and integrate a heterogeneous environment, where GNU/Linux and Microsoft Windows Servers and workstations need to have a centralized authentication and authorization service, file and print sharing, configuration management, and so on.

The expected audience will have specific needs and should seek pragmatic solutions such as replacing a Microsoft Windows Active Directory Server with a Samba 4 Server when the administrator does not have much experience with GNU/Linux, or implementing an Active Directory Server in an environment where the majority of the systems are GNU/Linux operating systems, while still having to support and integrate Microsoft Windows machines.

Conventions

In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.

Code words in text are shown as follows: "We just need to install the kerberos config file in its right directory, and to do that, we just need to issue the following command:"

Any command-line input or output is written as follows:

leal@debian7:~$ sudo /usr/local/samba/sbin/samba -i -M single

Password:

A block of code is set as follows:

[DEVCODDS]

comment = DEV COD DS

path = /var/lib/samba/devcodds

read only = No

New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "We can connect to our snapshot directly by issuing the following command at the Start | Run menu:".

Note

Warnings or important notes appear in a box like this.

Tip

Tips and tricks appear like this.