Joining a Windows Client or Server to a Domain

Revision as of 18:53, 11 July 2013 by Mmuehlfeld (talk | contribs) (Replacing the "configure DNS settings" section with a link to the much more detailed section in the "DNS Administration HowTo" + some newlines for a better readability)

Configure a Windows Client to join our Samba Active Directory

Active Directory is a powerful administration service which enables an Administrator to centrally manage a network of Windows 2000, Windows XP Pro, Windows 2003, Windows Vista Business Edition, and Windows 7 Professional (and up) effectively. To test the real Samba capability, we use Windows XP Pro as testing environment (Windows XP Home doesn't include Active Directory functionality and won't work).

To allow Samba 4 Active Directory or Microsoft Active Directory to manage a computer, we need to join the computer into the active directory. It involves:

  1. Configuring DNS Settings
  2. Configuring Date & Time and Time Zone
  3. Joining the domain



Step 1: Configure DNS Setting for Windows

See the Configuring clients to use your AD DNS server section in the DNS Administration HowTo.



Step 2: Configure Date & Time and Time Zone

Active Directory uses Kerberos as the backend for authentication. Kerberos requires that the system clocks on the client and server be synchronized to within a few seconds of each other. If they are not synchronized, then authentication will fail for apparently no reason.


Configure the Date & Time

  1. Right-Click on the Time display in the system notification area, Select Adjust Date/Time.
  2. Change the Date and Time so the client matches the server to the minute, and click OK
    Samba4time.jpg


Configure the Time Zone

  1. Right-Click on the Time display in the system notification area, Select Adjust Date/Time.
  2. Click on the Time Zone Tab
  3. Change the Time Zone to match the Time Zone on the server.
    Samba4timezone.jpg



Step 3: Joining Windows Clients to the Domain

Now your Windows computer is ready to join the Active Directory (AD) domain,

As an Administrator:

  1. Right Click My Computer -> Properties
  2. Choose the Computer Name tab, click Change...
  3. Click option 'Domain', insert SAMDOM.EXAMPLE.COM. If this fails, try SAMDOM.
    Samba4joindomain.jpg
  4. When it requests a username and password, type Administrator as the username, and p4$$word as the password.
  5. You should get a message box stating "Welcome to the SAMDOM.EXAMPLE.COM domain."
  6. Click OK on this message box and the Properties window, and you will be instructed to restart your computer.
  7. After restarting, you should be presented with the normal logon dialog.
  8. Change the domain to SAMDOM and type Administrator as the username, and p4$$word as the password.
    Samba4logindomain.jpg