[Samba] Configuring Samba as a file server to use AD authentication

Michael A Weber mweber.subscriptions01 at gmail.com
Thu Aug 25 16:15:24 UTC 2016

> On Aug 25, 2016, at 10:29 AM, Kyle Manel via samba <samba at lists.samba.org> wrote:
> No DNS domain configured for


For rid, check out this:

https://wiki.samba.org/index.php/Idmap_config_rid <https://wiki.samba.org/index.php/Idmap_config_rid>

There is an example section of the additional lines to smb.conf you’ll need, but keep in mind that you’ll need to change them to meet your needs i.e. the ranges will need to be specified for your needs.  Also, in the config for domain SAMDOM, you need to change the SAMDOM domain to your actual domain.  The template settings for login shell and home directory are for your unix machines so that AD users may log into unix workstations, if needed.

For your DNS issue, make sure your file server’s hosts file at /etc/hosts includes your file server’s IP address and hostname, like this:	FILESERV01	FILESERV01.my.domain.tld

of course replacing the IP address with your server’s IP address, and the host names with the correct host name and domain.  I’m not certain it’s required, but much of what goes in in AD seems to use an all-capital letters host name, like I’ve shown above, so I recommend doing that as well.

Finally, you have to change the hostname specified in the file /etc/hostname on your fileserver, and then I would net ads leave the domain, and rejoin, and you should be good.

Be sure as well that your file server is set to use the DNS as provided by the AD server you have.  That is, in a terminal, enter


and type


followed by <enter> and see what server IP address it returns to you.  It should be your AD DC.

To get out of nslookup, type


followed by <enter> and you’re back out.

Good luck!


More information about the samba mailing list