Joining a Windows Client or Server to a Domain

From SambaWiki
Revision as of 08:51, 28 December 2014 by Mmuehlfeld (talk | contribs) (Reverted edits by Mmuehlfeld (talk) to last revision by Rixter)

Configure a Windows Client to join our Samba Active Directory

Active Directory is a powerful administration service which enables an Administrator to centrally manage a network of Windows 2000, Windows XP Pro, Windows 2003, Windows Vista Business Edition, and Windows 7 Professional (and up) effectively. To test the real Samba capability, we use Windows XP Pro as testing environment (Windows XP Home doesn't include Active Directory functionality and won't work).

To allow Samba 4 Active Directory or Microsoft Active Directory to manage a computer, we need to join the computer into the active directory. It involves:

  1. Configuring DNS Settings
  2. Configuring Date & Time and Time Zone
  3. Joining the domain

Step 1: Configure DNS Setting for Windows

Before we configure the DNS settings, verify that you are able to ping the server's IP address. If you are not able to ping the server, double check your IP address, firewall, routing, etc.

Once you have verified network connectivity between the Samba server and client,

  1. Right Click My Network Places, Select Properties
  2. Right Click Local Area Network, Select Properties
  3. Double click TCP/IP
  4. Use a static DNS server, add the Samba server's IP address inside the Primary DNS Server Column.
    Samba4dnsclient.jpg
  5. Press OK on all opened windows.
  6. Open a command prompt, type 'ping samdom.example.com' (as per your provision).

If you get replies, then it means that your Windows settings are correct for DNS, and the Samba server's DNS service is working as well.

Step 2: Configure Date & Time and Time Zone

Active Directory uses Kerberos as the backend for authentication. Kerberos requires that the system clocks on the client and server be synchronized to within a few seconds of each other. If they are not synchronized, then authentication will fail for apparently no reason.

Configure the Date & Time

  1. Right-Click on the Time display in the system notification area, Select Adjust Date/Time.
  2. Change the Date and Time so the client matches the server to the minute, and click OK
    Samba4time.jpg

Configure the Time Zone

  1. Right-Click on the Time display in the system notification area, Select Adjust Date/Time.
  2. Click on the Time Zone Tab
  3. Change the Time Zone to match the Time Zone on the server.
    Samba4timezone.jpg

Step 3: Joining Windows Clients to the Domain

Now your Windows computer is ready to join the Active Directory (AD) domain,

As an Administrator:

  1. Right Click My Computer -> Properties
  2. Choose the Computer Name tab, click Change...
  3. Click option 'Domain', insert SAMDOM.EXAMPLE.COM. If this fails, try SAMDOM.
    Samba4joindomain.jpg
  4. When it requests a username and password, type Administrator as the username, and p4$$word as the password.
  5. You should get a message box stating "Welcome to the SAMDOM.EXAMPLE.COM domain."
  6. Click OK on this message box and the Properties window, and you will be instructed to restart your computer.
  7. After restarting, you should be presented with the normal logon dialog.
  8. Change the domain to SAMDOM and type Administrator as the username, and p4$$word as the password.
    Samba4logindomain.jpg