Samba: Difference between revisions
imported>2x m →Stale file handle: fix typorino ("ino" as in inode, not "info") |
imported>Maximeborges Add Samba4 AD DC configuration steps |
||
Line 204: | Line 204: | ||
"d /var/spool/samba 1777 root root -" | "d /var/spool/samba 1777 root root -" | ||
]; | ]; | ||
} | |||
</syntaxhighlight> | |||
==== Active Directory Domain Controller ==== | |||
To set up an AD DC on your installation, first start with a disabled installation of Samba, so we have all the tools to setup the configuration: | |||
<syntaxhighlight lang=nix> | |||
{ | |||
services.samba = { enable = false; }; | |||
} | |||
</syntaxhighlight> | |||
{{Evaluate}} | |||
Then follow the configuration steps from https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller | |||
If everything works properly, we will now update the previous nix config. Replace it with the following, and update the <code>services.samba.configText</code> field with the content of your freshly set up <code>/etc/samba/smb.conf</code>: | |||
<syntaxhighlight lang=nix> | |||
{ config, pkgs, ... }: | |||
let | |||
cfg = config.services.samba; | |||
samba = cfg.package; | |||
nssModulesPath = config.system.nssModules.path; | |||
in { | |||
systemd.services.samba-smbd.enable = false; | |||
systemd.services.samba = { | |||
description = "Samba Service Daemon"; | |||
requiredBy = [ "samba.target" ]; | |||
partOf = [ "samba.target" ]; | |||
serviceConfig = { | |||
ExecStart = "${samba}/sbin/samba --foreground --no-process-group"; | |||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; | |||
LimitNOFILE = 16384; | |||
PIDFile = "/run/samba.pid"; | |||
Type = "notify"; | |||
NotifyAccess = "all"; #may not do anything... | |||
}; | |||
unitConfig.RequiresMountsFor = "/var/lib/samba"; | |||
}; | |||
nixpkgs.overlays = [ (self: super: { | |||
samba = super.samba.override { | |||
enableLDAP = true; | |||
enableMDNS = true; | |||
enableDomainController = true; | |||
}; | |||
} ) ]; | |||
services.samba = { | |||
enable = true; | |||
enableNmbd = false; | |||
enableWinbindd = false; | |||
configText = '' | |||
# Global parameters | |||
[global] | |||
dns forwarder = 10.99.0.1 | |||
netbios name = SAMDOM | |||
realm = SAMDOM.EXAMPLE.COM | |||
server role = active directory domain controller | |||
workgroup = SAM | |||
idmap_ldb:use rfc2307 = yes | |||
[sysvol] | |||
path = /var/lib/samba/sysvol | |||
read only = No | |||
[netlogon] | |||
path = /var/lib/samba/sysvol/samdom.example.com/scripts | |||
read only = No | |||
''; | |||
}; | |||
} | } | ||
</syntaxhighlight> | </syntaxhighlight> |
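Review bot: The new "Active Directory Domain Controller" section never says how the controller's services should be exposed or where its sensitive state lives, which is the caveat a reader following it most needs. Once `services.samba.enable = true` is applied, the host runs the `samba` daemon with `server role = active directory domain controller` and a `dns forwarder`, so the text around the second listing should add a sentence such as `Open only the DC ports your clients need, and only to the networks that hold domain members; do not disable the firewall to get the domain working.` It should also note that the provisioned state under `/var/lib/samba` (the path used by `RequiresMountsFor` and `[sysvol]`) presumably holds the directory database and keys, so it needs root-only permissions and a backup plan. Separately, the `nixpkgs.overlays` entry replaces `samba` for every package that depends on it; `services.samba.package = pkgs.samba.override { ... };` with the same three flags would confine the change to this service.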