
Saturday, August 22, 2015

How to Make a Debian Domain Controller


1. Open a terminal window, type 'su' and press 'Enter' to log in as the 'root' user. When entering commands, don't include the quotes unless otherwise noted.
2. Type the following command, then press 'Enter' to install an LDAP server:
       aptitude install slapd
   This is the server program used to authenticate Windows users.
3. Type the following command, then press 'Enter' to install the LDAP administrative interface:
       aptitude install apache-ssl phpldapadmin
   This command installs the secure version of the Apache Web server and the PHPLDAPAdmin package, which is used to provide easy LDAP administration. During the installation process you will be prompted to provide information about your organization to create the SSL certificate, including: country, state, city, organization or domain name, OU (which stands for organizational unit or department), host name of the computer and contact e-mail.
4. Type the following three commands to install MKNTPWD, pressing 'Enter' after each line:
       aptitude install make gcc libc-dev
       wget http://www.nomis52.net/data/mkntpwd.tar.gz
       tar zxvf mkntpwd.tar.gz && cd mkntpwd && make && cp mkntpwd /usr/local/bin/
   The MKNTPWD command is used to create Windows passwords.
5. Type the following command, then press 'Enter' to install Samba:
       aptitude install samba samba-doc
   This is the Samba package that will present the server to the network as a Windows server and translate the SMB protocol used in the domain.
6. Type the following two lines to install a basic LDAP configuration, pressing 'Enter' after each command:
       cd /usr/share/doc/samba-doc/examples/LDAP
       gunzip samba.schema.gz && cp samba.schema /etc/ldap/schema/
   This unpacks and installs the LDAP example schema, which can be modified for a Windows network.
7. Type the following command, then press 'Enter' to open the LDAP configuration file:
       emacs /etc/ldap/slapd.conf
   You can change 'emacs' to a different text editor if you prefer.
8. Search for the lines that start with 'include', then add the following line after the 'include' lines:
       include /etc/ldap/schema/samba.schema
   This includes the Samba schema, which explains the structure of a Windows network to the LDAP server.
9. Press the 'Ctrl' and 'x' keys on the keyboard, then release the keys and press 'Ctrl' and 'c'. Press 'y' to save the file before exiting.
10. Type the following command, then press 'Enter' to restart the LDAP server:
       /etc/init.d/slapd restart
11. Open Firefox and enter the following in the address bar:
       https://mycomputer/phpldapadmin/
   Replace 'mycomputer' with the name or address of your computer. You can use any Web browser to access this address. This is the administration interface to use when adding or removing users and computers from your network.
12. Enter the user information. The user name is 'admin'; the password and domain are the ones created when LDAP was installed. Don't include the quotes or comma in the user name.
13. Click the plus sign to expand the root node, then click 'Create new entry here.' Click 'OU,' followed by 'Proceed.'
14. Enter 'users' as the name of the OU, then click 'Create object.' Repeat steps 13 and 14 to create two more objects called 'groups' and 'machines.' Don't include quotes or periods in the OU names.
15. Close Firefox, or your preferred browser, and return to the terminal window.
16. Type the following command, then press 'Enter' to open the Samba configuration file:
       emacs /etc/samba/smb.conf
   You can change 'emacs' to a different text editor if you prefer.
17. Press the 'Ctrl' and 's' keys to bring up the search function.
18. Type 'passdb backend = tdbsam' to search for the password database line in the file. Don't include the quotes in the search. Then press 'Enter' to return to editing mode.
19. Replace the 'passdb' line you found with the following nine lines, pressing 'Enter' after each line:
       passdb backend = ldapsam:ldap://127.0.0.1
       ldap suffix = dc=mydomain,dc=com
       ldap machine suffix = ou=machines
       ldap user suffix = ou=users
       ldap group suffix = ou=groups
       ldap admin dn = cn=admin,dc=mydomain,dc=com
       ldap delete dn = no
       domain logons = yes
       enable privileges = yes
   Replace 'mydomain' and 'com' with your full domain name.
20. Press the 'Ctrl' and 'x' keys on the keyboard, then release the keys and press 'Ctrl' and 'c'. Press 'y' to save the file before exiting.
21. Type the following command, then press 'Enter' to create an administrative password for Samba and restart the service:
       smbpasswd -w password && /etc/init.d/samba restart
   Be sure to write this password down along with the LDAP password. They will be required if you make changes later. The domain controller is now configured. You can add users to the domain using the PHPLDAPAdmin tool. Configure the Windows client machines to point to the domain controller as if it were a Windows domain controller.
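
The nine smb.conf lines added in the 'passdb backend' step above can be checked with a short script before Samba is restarted. This is an added example, not part of the original post: the function names conf_get and audit_smb_conf are made up here, and it goes one step beyond the tutorial by also flagging a plain ldap:// URL that points at a non-loopback host without Samba's 'ldap ssl = start tls' setting, which the post does not use.

```sh
#!/bin/sh
# Added example: check the LDAP lines that the smb.conf step above creates.
# Assumption: all parameters sit in [global]; section headers are ignored.

# Print the value of one "key = value" parameter (last occurrence wins).
conf_get() {  # usage: conf_get FILE "ldap suffix"
    awk -v want="$2" '
        /^[ \t]*[#;]/ { next }                      # skip comment lines
        {
            i = index($0, "="); if (i == 0) next    # split at the first "="
            k = tolower(substr($0, 1, i - 1)); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/[ \t]+/, " ", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == want) val = v
        }
        END { print val }' "$1"
}

# Print one finding per line; print nothing when the file passes.
audit_smb_conf() {
    backend=$(conf_get "$1" "passdb backend" | tr -d '"')
    suffix=$(conf_get "$1" "ldap suffix")
    admin=$(conf_get "$1" "ldap admin dn")
    ssl=$(conf_get "$1" "ldap ssl" | tr 'A-Z' 'a-z')
    case $backend in
        ldapsam:*) url=${backend#ldapsam:} ;;
        *) echo "passdb backend is not ldapsam: '$backend'"; return 0 ;;
    esac
    # The tutorial's placeholder domain must have been replaced.
    case "$suffix $admin" in
        *dc=mydomain*) echo "placeholder 'mydomain' is still in the LDAP DNs" ;;
    esac
    # Heuristic: in this setup the admin DN sits under the suffix.
    case $admin in
        *",$suffix") ;;
        *) echo "ldap admin dn '$admin' is not under ldap suffix '$suffix'" ;;
    esac
    # Plain ldap:// is fine on loopback only, unless StartTLS is enabled.
    case $url in ldaps://*|ldapi://*) return 0 ;; esac
    hostport=${url#*://}; hostport=${hostport%%/*}
    case $hostport in
        127.0.0.1|127.0.0.1:*|localhost|localhost:*|'[::1]'|'[::1]:'*) ;;
        *) [ "$ssl" = "start tls" ] ||
               echo "admin bind to $hostport is cleartext: use ldaps:// or 'ldap ssl = start tls'" ;;
    esac
}

# Audit the file named on the command line, e.g. /etc/samba/smb.conf.
[ $# -eq 0 ] || audit_smb_conf "$1"
```

Run it as root with /etc/samba/smb.conf as the only argument; no output means none of the three checks fired.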