samba-tool
samba-tool is a comprehensive command-line utility that allows administrators to manage and configure various aspects of Samba. It is particularly useful for tasks related to Active Directory (AD) management, domain controllers, and other advanced configurations.
General Usage
samba-tool [command] [subcommand] [options]samba-tool encompasses a wide range of commands and subcommands for different purposes. Below are some of the most commonly used categories and examples.
Active Directory (AD) Management
Creating a Domain
samba-tool domain provision --use-rfc2307 --interactiveThis command guides you through the process of creating a new Samba AD domain controller interactively.
Joining a Domain
samba-tool domain join example.com DC -U"EXAMPLE\administrator"This command joins an existing domain as an additional domain controller.
Managing Users
Creating a User
samba-tool user create username password --given-name=John --surname=DoeThis command creates a new AD user with the specified attributes.
Deleting a User
samba-tool user delete usernameThis command deletes an AD user.
Changing a User's Password
samba-tool user setpassword usernameThis command prompts to set a new password for the specified user.
Managing Groups
Creating a Group
samba-tool group add groupnameThis command creates a new AD group.
Adding a User to a Group
samba-tool group addmembers groupname usernameThis command adds a user to a specified group.
Removing a User from a Group
samba-tool group removemembers groupname usernameThis command removes a user from a specified group.
Domain and DNS Management
Listing Domain Controllers
samba-tool domain listdcsThis command lists all domain controllers in the domain.
Managing DNS Records
Adding a DNS Record
samba-tool dns add [dns-server-ip] [zone] [name] [A|AAAA|CNAME|etc.] [ip-address]Example:
samba-tool dns add 192.168.1.1 example.com www A 192.168.1.100Deleting a DNS Record
samba-tool dns delete [dns-server-ip] [zone] [name] [A|AAAA|CNAME|etc.] [ip-address]Example:
samba-tool dns delete 192.168.1.1 example.com www A 192.168.1.100
Forcing a Replication
samba-tool drs replicate <srcDC> <dstDC> [options]Example:
samba-tool drs replicate DC1 DC2 --full-sync
Schema Management
Extending the Schema
samba-tool schema upgradeThis command upgrades the AD schema to match the schema of a given Windows AD.
Checking Schema
samba-tool dbcheck --cross-ncs --fixThis command performs various consistency checks on the AD database.
Troubleshooting and Maintenance
Checking the Database
samba-tool dbcheckThis command checks the AD database for consistency issues.
Resetting the SYSVOL ACLs
samba-tool ntacl sysvolresetThis command resets the Access Control Lists (ACLs) on the SYSVOL share.
Inspecting Logs
samba-tool logs <command> [options]Example:
samba-tool logs level 3This command sets the log level for Samba components to aid in troubleshooting.
Example Usage Scenarios
Provisioning a New Domain
samba-tool domain provision --use-rfc2307 --interactiveCreating a New User
samba-tool user create jane.doe StrongPassword123 --given-name=Jane --surname=DoeAdding a DNS Record
samba-tool dns add 192.168.1.1 example.com mail A 192.168.1.200Forcing Replication Between Domain Controllers
samba-tool drs replicate DC1 DC2 --full-syncResetting SYSVOL ACLs
samba-tool ntacl sysvolreset
Conclusion
samba-tool is a versatile and powerful command-line utility that simplifies the management and administration of Samba, particularly in an Active Directory environment. Whether provisioning domains, managing users and groups, configuring DNS, or troubleshooting, samba-tool provides a comprehensive set of commands to effectively manage Samba servers. Understanding and utilizing these commands can greatly enhance an administrator’s ability to maintain and optimize a Samba-based network infrastructure.
Last updated