Description |
This article describes a way to deploy a small domain controller using Samba 4 on CentOS 8 for tests on lab environment. |
Scope | CentOS FortiGate. |
Solution |
Type: sudo su // this command is to switch the root user.
After that, type: ps ax | egrep “samba|smbd|nmbd|winbindd”.
Now check the status typing sestatus:
Now, install epel service using:
yum install epel -release -y
Then, install Samba 4 typing:
yum -y install samba*
To confirm the Samba version, type: smbd -V. Then, move Samba files according to the following way:
mv /etc/samba/smb.conf. /etc/samba/smb.conf
Edit smb.conf file vim /etc/samba/smb.conf.
Fill it as the next picture:
In order to check the service, type the command as in the picture:
Create folders and directories for logs:
Create users and groups and then add them to the Samba service.
Start smb.service
Type: systemctml enable nmb & systemctml enable smb
Type the following commands in order to check CentOS FIREWALL, and set the domain controller.
Edit selinux file:
Make sure the configuration should be like the next image.
Set the TCP & UDP ports on Linux firewall:
firewall-cmd –permanent –add-port=53/tcp firewall-cmd –permanent –add-port=53/udp firewall-cmd –permanent –add-port=88/tcp firewall-cmd –permanent –add-port=88/udp firewall-cmd –permanent –add-port=135/tcp firewall-cmd –permanent –add-port=135/udp firewall-cmd –permanent –add-port=137/tcp firewall-cmd –permanent –add-port=138/udp firewall-cmd –permanent –add-port=139/tcp firewall-cmd –permanent –add-port=389/tcp firewall-cmd –permanent –add-port=389/udp firewall-cmd –permanent –add-port=445/tcp firewall-cmd –permanent –add-port=464/udp firewall-cmd –permanent –add-port=464/tcp firewall-cmd –permanent –add-port=636/tcp firewall-cmd –permanent –add-port=1024-5000/tcp firewall-cmd –permanent –add-port=1024-5000/udp firewall-cmd –permanent –add-port=3268/tcp firewall-cmd –permanent –add-port=3269/tcp firewall-cmd –permanent –add-port=5353/tcp firewall-cmd –permanent –add-port=5353/udp Finally, edit the next file as below
Now, only join a windows client o the domain as windows configuration normally. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.