|
Size: 980
Comment: formatting
|
Size: 2014
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 7: | Line 7: |
| The Active Directory domain at UCC is `ad.ucc.gu.uwa.edu.au`. | The Active Directory domain at UCC will be `ad.ucc.gu.uwa.edu.au`. |
| Line 9: | Line 9: |
| The Active Directory test domain at UCC is `adtest.ucc.gu.uwa.edu.au`. | The Active Directory test domain at UCC is `adtest.ucc.gu.uwa.edu.au`. The primary server for the test domain is `samson.ucc.gu.uwa.edu.au`. |
| Line 11: | Line 11: |
| The primary DNS server for the domain is `molmol.ucc.gu.uwa.edu.au`. | `ad{,test}.ucc.gu.uwa.edu.au` is delegated using separate zones in Mooneye's `/etc/bind/named.conf.local` |
| Line 13: | Line 13: |
| The primary DNS server for the test domain is `mulmul.ucc.gu.uwa.edu.au`. | Samson's test domain is set up by: * `apt-get install samba winbind chrony` * Disable the systemd units for the non-DC setup & default configuration: {{{ systemctl stop smbd systemctl stop nmbd systemctl stop winbind systemctl disable smbd systemctl disable nmbd systemctl disable winbind rm /etc/samba/smb.conf }}} * `scp root@molmol:/usr/local/etc/smb4.conf /opt/smb.conf.pdc` * `scp root@molmol:/var/db/samba4/\*.tdb /opt/samba-db/` * `scp root@molmol:/var/db/samba4/private/\*.tdb /opt/samba-db/` * Change "UCCDOMAIN" to "UCCDOMAYNE" and Mussel's hostname to an IP address in `/opt/smb.conf.pdc` * Comment out the ZFS-specific entries in `/opt/smb.conf.pdc`. * `samba-tool domain classicupgrade --use-xattrs=yes --realm adtest.ucc.gu.uwa.edu.au --dbdir=/opt/samba-db --dns-backend=SAMBA_INTERNAL --verbose /opt/smb.conf.pdc` |
| Line 15: | Line 32: |
| `ad{,test}.ucc.gu.uwa.edu.au` is delegated in the Zonemake config in Mooneye's `/etc/bind/domains/primary/ucc.machines` | === Windows systems === Just join them to the domain. Doesn't look like you need to create a machine account before joining? === Linux systems === Probably Winbind? |
| Line 20: | Line 43: |
dispense no longer has to back onto LDAP, so once Merlo is converted then things should just work |
|
| Line 33: | Line 58: |
| * Dispense |
This page is for describing the migration and current setup of the Active Directory domain at UCC.
The primary DNS server for domain is molmol.ucc.gu.uwa.edu.au.
Upgrade/Setup Process
The Active Directory domain at UCC will be ad.ucc.gu.uwa.edu.au.
The Active Directory test domain at UCC is adtest.ucc.gu.uwa.edu.au. The primary server for the test domain is samson.ucc.gu.uwa.edu.au.
ad{,test}.ucc.gu.uwa.edu.au is delegated using separate zones in Mooneye's /etc/bind/named.conf.local
Samson's test domain is set up by:
apt-get install samba winbind chrony
Disable the systemd units for the non-DC setup & default configuration:
systemctl stop smbd systemctl stop nmbd systemctl stop winbind systemctl disable smbd systemctl disable nmbd systemctl disable winbind rm /etc/samba/smb.conf
scp root@molmol:/usr/local/etc/smb4.conf /opt/smb.conf.pdc
scp root@molmol:/var/db/samba4/\*.tdb /opt/samba-db/
scp root@molmol:/var/db/samba4/private/\*.tdb /opt/samba-db/
Change "UCCDOMAIN" to "UCCDOMAYNE" and Mussel's hostname to an IP address in /opt/smb.conf.pdc
Comment out the ZFS-specific entries in /opt/smb.conf.pdc.
samba-tool domain classicupgrade --use-xattrs=yes --realm adtest.ucc.gu.uwa.edu.au --dbdir=/opt/samba-db --dns-backend=SAMBA_INTERNAL --verbose /opt/smb.conf.pdc
Windows systems
Just join them to the domain. Doesn't look like you need to create a machine account before joining?
Linux systems
Probably Winbind?
Converted systems
Nothing yet!
dispense no longer has to back onto LDAP, so once Merlo is converted then things should just work
Unconverted systems
- Windows desktops
- Linux desktops
- Windows server (Maaxen)
- Linux servers
- Mussel
- Motsugo
- Other machines
- FreeBSD servers
- Molmol
- Musdea
- Solaris machines
- Webmail
RADIUS (VPN & wireless)
- Mac machines
- Adduser scripts
- Proxmox
