The final release of NethServer 7 was released on 02-07-2017 and this is my post for the final NethServer for adding Samba Active Directory and File Sharing.
It looks like they put a lot effort in improving Samba Active Directory between rc2 and rc3. Samba AD is more in sync with Microsoft AD/DC with showing the domain groups of the administrator and admin (NethServer Admin) and a place to actually build the domain. Next I hope is improving Backup/Restore.
You can download the rc3 by going to this site http://www.nethserver.org/getting-started-with-nethserver/
Note: The restore is not working with the File Server. I would use a virtual for NS and back up the virtual.
I will be using this information for my virtual NethServer using Linux VMware Workstation Player.
NS Server: dc1
dc1 IP Address: 192.168.2.100
Default Gateway: 192.168.2.1
Samba AD Virtual Address: 192.168.2.101
DNS Domain Name: bales.lan
NetBIOS Domain Name: BALES
Configuring NethServer rc3:
After it rebooted after installing, go to the browser and put in https://your-ip:980, and log in using the root and your chosen password. However it make take a few minutes for the NS web server to be up and running though.
It shows the Welcome page and click on Next.
The next page is setting your FQDN. Either put it in or I like me put I put it in when installing NS, and then click on Next.
The time zone. Since I put my time zone when installing NS, I click on Next.
Setting up the SSH port. It’s default to 22 and since it’s only internal test server, I click on Next.
Setting it up a smarthost. I didn’t want it, so left it un-check and click on Next.
Usage statistics. By default it’s says contribute, and click on Next without changing it.
Review changes. It does not show the configuration changes though but I think it should. I did not want go back and so I clicked on Next.
After you click on Next it shows Network, showing the server IP address. Since mine is correct I didn’t need to edit it.
I want to change my Organization name, so I clicked Organization Contacts on the left and changed to my fictional name.
Then click in Shutdown on the left and reboot the server.
After it reboots login in to your NS web page and click on Software Center on left and after a few minutes it will show the updates. Click on Updates on the top right and click on Download and Install.
When it’s done downloaded and installing the updates a Reload Page will show. Click on the Reload Page and then after reboot the server again.
Configuring Samba Active Directory:
Click again on Software Center on the left and if they are more no updates, click on Samba Active Directory and File Server and then Add at the top.
Note: You can’t uninstall Active Directory after you install it. You can sort of remove it using by clicking on Installed/Remove on the Software Center, but it’s doesn’t actually remove it. I guess NS 7 rc3 isn’t in sync with Microsoft AD/DC with uninstalling it.
After click on Add is ask you to confirm the changes. Click on Apply Changes.
After installs the Samba Active Directory and File Server it goes back to the Reload Page plus Configure Samba Active Directory. I just click on Configure instead of Reload Page. If you click on Reload Page you can either click on User and Groups or Accounts Provider to get back to Configuring it.
I put in address of 192.168.2.101, BALES as the NetBIOS domain and checked “Create a bridge interface for the green network”.
It will take several minutes to completely install it but when it’s done it will ask you to Enable Admin Users. Click on Enable.
To enable the Admin User is by putting a password in it. Notice that email@example.com and firstname.lastname@example.org are locked, and you can enable one or both of them. Admin@bales.lan is in sync with newer Microsoft AD/DC that it allows with another user to be a administrator domain user and not necessarily the ‘administrator’.
Putting a password for the email@example.com.
After clicking on Submit it goes back the Users/Groups page, showing unlocked firstname.lastname@example.org.
Just for fun create a new user by clicking on Create New. I named mine after me, jbales. Note: Even though it shows the domain groups of admin and administrator, it says nothing for each addition user even though are part of the Domain Users.
After clicking on Submit it show the unlocked email@example.com, locked firstname.lastname@example.org and unlocked email@example.com.
Creating a simple File Share:
Go to the Shared Folders on the left and click on it. It will show you an empty table with a Create New button.
Click on Create New and make a ‘docs’ shared folder with Domain Users can read and write to it.
‘docs’ shared folder after clicking on Submit.
Testing the domain user and shared folders with Windows 10 Pro:
It works for a domain user jbales and the ‘docs’ shared folder. He can read, write and delete from the ‘docs’ folder.
But he and no one else can read the netlogon and the sysvol folder at he IP address of the Samba Active Directory server, including the admin and the administrator.