
Joining CentOS 5 to a 2008 Active Directory Domain

Configure the Hostname and Network Settings

Edit /etc/hosts; be sure to add an entry for your computer and the domain controller.
Edit /etc/sysconfig/network; use the FQDN.
Edit /etc/sysconfig/network-scripts/ifcfg-eth?
Edit /etc/resolv.conf
Set search to front.local
Set nameserver to cs01.front.local
Reboot, then double-check all of your settings.
Verify that you can ping cs01.front.local before continuing.

Sync the system time to the domain controller

#ntpdate cs01.front.local

Keeping the system time in sync with the domain controller

Right click the time in the upper right hand corner of your screen
Then click Adjust Date & Time
Then click on the Network Time Protocol tab
Check the Enable Network Time Protocol checkbox
Delete the current NTP Servers
Add cs01.front.local
Expand Show advanced options
Check the "Synchronize system clock before starting service" checkbox
Click OK.

Uninstall Previous Versions of Samba

#yum -y erase samba-client samba-common

Install Software

#cd /etc/yum.repos.d/
#wget http://ftp.sernet.de/pub/samba/3.5/centos/5/sernet-samba.repo

Edit /etc/yum.repos.d/sernet-samba.repo and turn off gpgcheck. This disables package signature verification for that repository.

#echo gpgcheck=0 >> /etc/yum.repos.d/sernet-samba.repo

#yum -y install krb5-workstation krb5-libs libsmbclient samba3*
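
An added check, not part of the original guide: once the packages are installed, this shell function lists the repo sections whose signature checking is still switched off. The function names, the sample section names, and the rule that the last gpgcheck line in a section is the effective one are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original guide).
# Lists yum repo sections whose effective gpgcheck value is "off".
# Assumptions: the last gpgcheck line inside a section wins, and the
# values 0/no/false/off all mean disabled. Sections with no gpgcheck
# line are not reported (they inherit the default from yum.conf).

# Usage: audit_gpgcheck FILE...   prints "file:[section] gpgcheck=VALUE"
audit_gpgcheck() {
    awk '
        function flush() {
            if (section != "" && val ~ /^(0|no|false|off)$/)
                print file ":[" section "] gpgcheck=" val
        }
        FNR == 1 { flush(); section = ""; val = ""; file = FILENAME }
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        /^[ \t]*\[.*\]/ {                      # start of a new [section]
            flush()
            section = $0
            sub(/^[ \t]*\[/, "", section)
            sub(/\].*$/, "", section)
            val = ""
            next
        }
        /^[ \t]*gpgcheck[ \t]*=/ {             # remember the latest value
            v = $0
            sub(/^[^=]*=[ \t]*/, "", v)
            sub(/[ \t\r]+$/, "", v)
            val = tolower(v)
        }
        END { flush() }
    ' "$@"
}

# Writes a constructed two-section repo file to $1, then appends
# gpgcheck=0 the same way the guide does. Section names are made up.
make_sample() {
    printf '%s\n' '[example-a]' 'name=Constructed sample A' 'gpgcheck=1' \
                  '[example-b]' 'name=Constructed sample B' 'gpgcheck=1' > "$1"
    echo gpgcheck=0 >> "$1"
}
```

Run it as audit_gpgcheck /etc/yum.repos.d/*.repo. On the constructed sample only the last section is reported, because the appended line lands in whichever section comes last in the file.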

Configure Winbind/Kerberos/SMB

Click System>Administration>Authentication

Check, then configure, Winbind under the User Information tab, and Kerberos, SMB, and
Winbind under the Authentication tab; then click OK.

Edit /etc/samba/smb.conf

ADD: winbind enum users = yes
ADD: winbind enum groups = yes
ADD: encrypt passwords = yes
ADD: template homedir = /home/%D/%U
ADD: server string = {client's FQDN name}
CHANGE: winbind use default domain = true

Edit /etc/krb5.conf

REMOVE: any reference to example.com

Generate Kerberos Ticket for Administrator

#kinit administrator
#klist

Join the Domain

#net ads join -U administrator

Start Services

#service smb start
#service winbind start

Test Setup

#wbinfo -u
#getent passwd

Make Services Persistent After Reboot

#chkconfig smb on
#chkconfig winbind on

Create Active Directory Users' Home Directories Manually {Option 1}

#mkdir -p {path to directory}/{username}
#chmod 700 {path to directory}/{username}
#chown {username}:"Domain Admins" {path to directory}/{username}

-or, if you want Windows ACLs-

#setfacl -b {path to directory}/{username}
#setfacl -m u:{username}:rwx {path to directory}/{username}

Create Active Directory Users' Home Directories Automatically {Option 2}


Edit /etc/pam.d/system-auth and add:
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022

Make a directory for the domain users' home directories

#mkdir /home/FRONT

Restart Services and Test

#service smb restart
#service winbind restart
#su - {username}

Create Shares in /etc/samba/smb.conf

[{shared name}]
path = /{path to directory}
admin users = {domain}\{username}, {username}{,...}
writeable = yes
directory mask = 2770 {SetGroupID, User rwx, Group rwx, Other none}
force create mode = 2770
force directory mode = 2770
inherit acls = yes

CHANGE: interfaces = 127.0.0.1 eth0 {remove eth0 and add your network interface if needed}

Reboot your machine
