Configuring a Samba domain controller
Kaspersky Security Center Cloud Console supports a Linux domain controller running only on Samba 4.
A Samba domain controller supports the same schema extensions as a Microsoft Active Directory domain controller. You can enable full compatibility of a Samba domain controller with a Microsoft Active Directory domain controller by using the Samba 4 schema extension. This is an optional action.
We recommend enabling full compatibility of a Samba domain controller with a Microsoft Active Directory domain controller. This will ensure the correct interaction between Kaspersky Security Center Cloud Console and the Samba domain controller.
To enable full compatibility of a Samba domain controller with a Microsoft Active Directory domain controller:
- Execute the following command to use the RFC2307 schema extension:
samba-tool domain provision --use-rfc2307 --interactive - Enable the schema update in a Samba domain controller. To do this, add the following line to the /etc/samba/smb.conf file:
dsdb:schema update allowed = trueIf the schema update completes with an error, you need to perform a full restore of the domain controller that acts as a schema master.
If you want to poll a Samba domain controller correctly, you have to specify the netbios name and workgroup parameters in the /etc/samba/smb.conf file.
