Setup
1. Configure the IP address using Netplan.
$ nano /etc/netplan/50-cloud-init.yaml
------------------------------------------------------------------
network:
  version: 2
  renderer: networkd
  ethernets:
    enp0s3:
      addresses: []
      dhcp4: true
    enp0s8:
      dhcp4: no
      dhcp6: no
      addresses:
        - 192.168.1.1/24
      nameservers:
        search: [ubuntu.local]
        addresses: [192.168.1.1, 8.8.8.8]
------------------------------------------------------------------
2. Configure the hostname.
$ nano /etc/hosts
------------------------------------------------------------------
192.168.1.1 server.ubuntu.local server
------------------------------------------------------------------
$ hostname
$ hostname -f
3. Remove cloud-init.
$ apt remove cloud-init
4. Stop the systemd-resolved service.
$ systemctl disable systemd-resolved
$ systemctl stop systemd-resolved
5. Configure DNS.
$ nano /etc/resolv.conf
------------------------------------------------------------------
search ubuntu.local
nameserver 192.168.1.1
nameserver 8.8.8.8
------------------------------------------------------------------
6. Update & Upgrade.
$ apt update && apt upgrade
7. Install the required software packages.
# acl
# attr
# autoconf
# bind9utils
# bison
# build-essential
# debhelper
# dnsutils
# docbook-xml
# docbook-xsl
# flex
# gdb
# libjansson-dev
# krb5-user
# libacl1-dev
# libaio-dev
# libarchive-dev
# libattr1-dev
# libblkid-dev
# libbsd-dev
# libcap-dev
# libcups2-dev
# libgnutls28-dev
# libgpgme-dev
# libjson-perl
# libldap2-dev
# libncurses5-dev
# libpam0g-dev
# libparse-yapp-perl
# libpopt-dev
# libreadline-dev
# nettle-dev
# perl
# perl-modules
# pkg-config
# python-all-dev
# python-crypto
# python-dbg
# python-dev
# python-dnspython
# python3-dnspython
# python-markdown
# python3-markdown
# python3-dev
# xsltproc
# zlib1g-dev
# liblmdb-dev
# lmdb-utils
# bind9
# ntp
8. Download & Compile Samba4.
$ cd /opt/
$ wget -c https://download.samba.org/pub/samba/samba-latest.tar.gz
$ tar -xzvf samba-latest.tar.gz
$ cd samba-*/
$ ./configure.developer
$ make
$ make install
9. Provision.
$ /usr/local/samba/bin/samba-tool domain provision --use-rfc2307 --interactive
------------------------------------------------------------------
Realm: UBUNTU.LOCAL
Domain: UBUNTU
Server Role: dc
DNS Backend: BIND9_DLZ
------------------------------------------------------------------
10. Verify the installed Samba.
$ /usr/local/samba/sbin/samba --version
$ /usr/local/samba/sbin/samba
$ ps aux | grep samba
// To stop Samba
$ pkill samba
11. Make Samba start automatically.
$ nano /etc/init.d/samba4
------------------------------------------------------------------
#! /bin/bash -e
### BEGIN INIT INFO
# Provides: samba
# Required-Start:
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Samba
# Description: Samba Domain controller
# scheduler
### END INIT INFO
#
#
#
set -e
PATH=/bin:/usr/bin:/sbin:/usr/sbin
DAEMON=/usr/local/samba/sbin/samba
# Exit quietly if the Samba binary is not installed.
test -x $DAEMON || exit 0
case "$1" in
    start)
        echo -ne "Starting Samba" "samba \n"
        # -D starts samba as a daemon.
        $DAEMON -D
        ;;
    stop)
        echo -ne "Stopping Samba" "samba \n"
        killall samba
        ;;
    restart)
        $0 stop
        echo -ne "Sleeping 5 Seconds Before Start: \n"
        sleep 5
        $0 start
        ;;
    *)
        echo "Usage: /etc/init.d/samba4 {start|stop|restart}"
        exit 1
        ;;
esac
exit 0
------------------------------------------------------------------
$ chmod +x /etc/init.d/samba4
$ update-rc.d samba4 defaults 98 02
$ /etc/init.d/samba4 start
12. Test Samba using smbclient.
$ smbclient -L localhost -U%
$ smbclient -L localhost -UAdministrator%Admin123
13. Configure the dynamic DNS server.
$ nano /etc/bind/named.conf
------------------------------------------------------------------
include "/usr/local/samba/bind-dns/named.conf";
------------------------------------------------------------------
14. Disable AppArmor so that it does not conflict with Samba4.
$ systemctl disable apparmor
$ systemctl stop apparmor
$ ln -s /etc/apparmor.d/usr.sbin.named /etc/apparmor.d/disable/
$ apparmor_parser -R /etc/apparmor.d/usr.sbin.named
15. Check the bind9 version. Make sure the version is above 9.8.x. Also make sure it matches the version referenced in the named.conf file.
$ dpkg -l bind9
$ named -v
$ cat /usr/local/samba/bind-dns/named.conf
------------------------------------------------------------------
database "dlopen /usr/local/samba/lib/bind9/dlz_bind9_11.so";
------------------------------------------------------------------
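Added example (not part of the original guide): a shell check for step 15 that compares the `named -v` version with the uncommented `database "dlopen ..."` line in Samba's named.conf. The function names and the sample input are constructed for illustration; it assumes Samba names the module dlz_bind9_<minor>.so (dlz_bind9.so for 9.8).

```shell
# Added example: does the enabled DLZ module match the installed BIND version?
# Assumption: Samba names the module dlz_bind9_<minor>.so (dlz_bind9.so for 9.8).

# Print the module file expected for a `named -v` line such as "BIND 9.11.3-...".
expected_dlz_module() {
    minor=$(printf '%s\n' "$1" | sed -n 's/^BIND 9\.\([0-9][0-9]*\)\..*/\1/p')
    [ -n "$minor" ] || return 1          # not a BIND 9.x version string
    [ "$minor" -ge 8 ] || return 1       # older than the 9.8.x series
    if [ "$minor" -eq 8 ]; then
        echo "dlz_bind9.so"
    else
        echo "dlz_bind9_${minor}.so"
    fi
}

# Print the module named on the single uncommented `database "dlopen ..."` line.
active_dlz_module() {
    [ -r "$1" ] || return 1
    mods=$(sed -n 's/^[[:space:]]*database[[:space:]]*"dlopen[[:space:]]\{1,\}\([^"[:space:]]*\).*/\1/p' "$1")
    count=$(printf '%s\n' "$mods" | grep -c . || true)
    [ "$count" -eq 1 ] || return 1       # none enabled, or several at once
    basename "$mods"
}

# Return 0 when the enabled module is the one this BIND version needs.
dlz_matches_bind() {
    want=$(expected_dlz_module "$1") || return 1
    have=$(active_dlz_module "$2") || return 1
    [ "$want" = "$have" ]
}

# Constructed sample input. On the server, pass "$(named -v)" and
# /usr/local/samba/bind-dns/named.conf instead.
sample_version='BIND 9.11.3-1ubuntu1-Ubuntu (Extended Support Version)'
sample_conf=$(mktemp)
cat > "$sample_conf" <<'EOF'
dlz "AD DNS Zone" {
    # For BIND 9.10.x
    # database "dlopen /usr/local/samba/lib/bind9/dlz_bind9_10.so";
    database "dlopen /usr/local/samba/lib/bind9/dlz_bind9_11.so";
};
EOF

if dlz_matches_bind "$sample_version" "$sample_conf"; then
    echo "OK: $(active_dlz_module "$sample_conf") matches the installed BIND"
else
    echo "MISMATCH: enable the dlz_bind9 module built for this BIND version" >&2
fi
```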
16. Restart DNS Server.
$ systemctl restart bind9
$ systemctl status bind9
$ systemctl enable bind9
17. Make sure the DNS server is configured correctly.
$ host -t SRV _ldap._tcp.ubuntu.local
$ host -t SRV _kerberos._tcp.ubuntu.local
$ host -t A ubuntu.local
18. Replace the Kerberos configuration file.
$ mv /etc/krb5.conf /etc/krb5.conf.backup
$ cp /usr/local/samba/private/krb5.conf /etc/
19. Test Kerberos.
$ kinit administrator
$ klist -e
20. Configure dynamic DNS updates. Add the line above ‘directory …’.
$ nano /etc/bind/named.conf.options
------------------------------------------------------------------
tkey-gssapi-keytab "/usr/local/samba/bind-dns/dns.keytab";
------------------------------------------------------------------
21. Restart bind9.
$ systemctl restart bind9
$ /usr/local/samba/sbin/samba_dnsupdate --verbose
22. Configure NTP.
$ nano /etc/ntp.conf
------------------------------------------------------------------
pool 0.id.ntp.org iburst
pool 1.id.ntp.org iburst
pool 2.id.ntp.org iburst
pool 3.id.ntp.org iburst
------------------------------------------------------------------
23. Restart & run NTP.
$ systemctl restart ntp
$ systemctl enable ntp
$ systemctl status ntp
$ ntpq -p
// If there is an asterisk (*), NTP can be used by clients.
Setup on Windows
1. Set up the IP address & DNS. Make sure the primary DNS server uses the domain controller's IP.
2. Set the time so that it is in sync with the server. Use time updates from server.ubuntu.local.
3. Join the domain. Use the administrator account.