{"id":6798,"date":"2025-08-01T19:35:25","date_gmt":"2025-08-01T10:35:25","guid":{"rendered":"https:\/\/appbay.org\/?p=6798"},"modified":"2025-09-10T22:13:41","modified_gmt":"2025-09-10T13:13:41","slug":"vpsdocker-samba-dc","status":"publish","type":"post","link":"https:\/\/appbay.org\/?p=6798","title":{"rendered":"XserverVPS+Ubuntu+Docker Samba-DC"},"content":{"rendered":"<blockquote class=\"wp-embedded-content\" data-secret=\"oMG0jCvqyx\"><p><a href=\"https:\/\/appbay.org\/?p=6766\">VPS\u3067\u7a3c\u50cd\u3057\u3066\u3044\u308b\u30b5\u30fc\u30d3\u30b9\u6574\u7406(XserverVPS)<\/a><\/p><\/blockquote>\n<p><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; visibility: hidden;\" title=\"&#8220;VPS\u3067\u7a3c\u50cd\u3057\u3066\u3044\u308b\u30b5\u30fc\u30d3\u30b9\u6574\u7406(XserverVPS)&#8221; &#8212; \u30c6\u30c3\u30af\u30e1\u30e2\" src=\"https:\/\/appbay.org\/?p=6766&#038;embed=true#?secret=39Ura8iqDV#?secret=oMG0jCvqyx\" data-secret=\"oMG0jCvqyx\" width=\"525\" height=\"296\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<h2>Samba DC<\/h2>\n<p>\u4eca\u56de\u306f\u691c\u8a3c\u76ee\u7684\u3067\u3001\u901a\u5e38\u306fVPS\u3067\u76f4\u63a5Docker\u3092\u516c\u958b\u3059\u308b\u3088\u3046\u306a\u904b\u7528\u306fNG\u3067\uff64VM\u3092\u7d4c\u7531\u3059\u308b\uff61<\/p>\n<p>\u25cf\u25cf\u25cf=\u5229\u7528\u74b0\u5883\u306e\u30b0\u30ed\u30fc\u30d0\u30ebIP\u30a2\u30c9\u30ec\u30b9<\/p>\n<p>\u30fbufw<\/p>\n<p>ufw allow from \u25cf\u25cf\u25cf to any port 9922,3306,53,88,135,139,389,445,464,636,3268,3269,49152:49252 proto tcp<br \/>\nufw allow from \u25cf\u25cf\u25cf to any port 53,88,123,137:138,389,464 proto udp<\/p>\n<p>\u30fb\u30d5\u30a9\u30eb\u30c0\u4f5c\u6210<\/p>\n<p>cd \/home<br \/>\nmkdir samba<br \/>\ncd samba<br \/>\nmkdir data<br \/>\nmkdir config<\/p>\n<p>chmod 700 data<br \/>\nchmod 700 config<\/p>\n<h2>Docker<\/h2>\n<p>vim docker-compose.yml<\/p>\n<pre class=\"lang:default decode:true\">services:\r\n  samba:\r\n    image: nowsci\/samba-domain:latest\r\n    privileged: true\r\n    container_name: samba-dc\r\n    dns:\r\n      - 172.19.0.2\r\n    dns_search:\r\n      - sk-tech.local\r\n    environment:\r\n      - DOMAIN=xxx.local\r\n      - DOMAINPASS=xxx\r\n      - DNSFORWARDER=8.8.8.8\r\n      - HOSTIP=xxx\r\n      - TZ=Asia\/Tokyo\r\n    volumes:\r\n      - \/home\/samba\/data:\/var\/lib\/samba\r\n      - \/home\/samba\/config:\/etc\/samba\/external\r\n    ports:\r\n      - \"53:53\"\r\n      - \"53:53\/udp\"\r\n      - \"88:88\"\r\n      - \"88:88\/udp\"\r\n      - \"123:123\/udp\"\r\n      - \"135:135\"\r\n      - \"137-138:137-138\/udp\"\r\n      - \"139:139\"\r\n      - \"389:389\"\r\n      - \"389:389\/udp\"\r\n      - \"445:445\"\r\n      - \"464:464\"\r\n      - \"464:464\/udp\"\r\n      - \"636:636\"\r\n      - \"3268-3269:3268-3269\"\r\n      - \"49152-49252:49152-49252\"\r\n    hostname: samba-dc\r\n    restart: always\r\n    cap_add:\r\n      - NET_ADMIN\r\n      - SYS_TIME\r\n    networks:\r\n      mynet:\r\n        ipv4_address: 172.19.0.2\r\n\r\nnetworks:\r\n  mynet:\r\n    driver: bridge\r\n    ipam:\r\n      config:\r\n        - subnet: 172.19.0.0\/16<\/pre>\n<p>\u30fb\u3082\u3057\u518d\u5b9f\u884c\u3067\u65e2\u306b\u30b3\u30f3\u30c6\u30ca\u304c\u3042\u308b\u3088\u3046\u3060\u3063\u305f\u3089<\/p>\n<p>docker ps -a<br \/>\ndocker compose down<br \/>\n\u203b\u30ab\u30ec\u30f3\u30c8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306bdocker-compose.yml\u304c\u3042\u308b\u72b6\u614b\u3067\u5b9f\u884c<\/p>\n<p>\u30fb\u901a\u5e38\u7d42\u4e86\u3057\u306a\u3044\u5834\u5408<br \/>\ndocker ps -a<br \/>\ndocker rm -f \u30b3\u30f3\u30c6\u30caID<\/p>\n<p>\u30fb\u30d0\u30a4\u30f3\u30c9\u30dc\u30ea\u30e5\u30fc\u30e0\u524a\u9664<br \/>\nrm -rf .\/data\/* &amp;&amp; rm -rf .\/config\/*<\/p>\n<p>\u203b\u518d\u8d77\u52d5\u306e\u5834\u5408<br \/>\n<span class=\"token token\">docker<\/span> restart samba-dc<\/p>\n<p>\u203b\u4e00\u6642\u505c\u6b62\u306e\u5834\u5408<br \/>\ndocker pause samba-dc<br \/>\ndocker unpause samba-dc<\/p>\n<p>\u30fb\u8d77\u52d5<\/p>\n<p>docker compose up -d<br \/>\n\u203b\u30ab\u30ec\u30f3\u30c8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306bdocker-compose.yml\u304c\u3042\u308b\u72b6\u614b\u3067\u5b9f\u884c<br \/>\n\u203bd\u306f\u30d0\u30c3\u30af\u30b0\u30e9\u30f3\u30c9\u5b9f\u884c<\/p>\n<p>\u30fb\u505c\u6b62<br \/>\n\u203b\u3082\u3057\u81ea\u52d5\u3067\u518d\u8d77\u52d5\u3092\u7e70\u308a\u8fd4\u3057\u3066\u3044\u308b\u5834\u5408\u6b62\u3081\u308b<br \/>\ndocker stop samba-dc<\/p>\n<p>\u30fb\u521d\u56de\u306e\u307f\u30a8\u30e9\u30fc<\/p>\n<p>53\u30dd\u30fc\u30c8\u304c\u4f7f\u7528\u4e2d\u3068\u306e\u3053\u3068\u3067\u30a8\u30e9\u30fc\u3002<\/p>\n<p>lsof -i :53<\/p>\n<p>vim \/etc\/systemd\/resolved.conf<br \/>\nDNSStubListener<br \/>\n&gt;no<br \/>\n\u306b\u5909\u66f4\u3059\u308b\u3002<br \/>\nsystemctl restart systemd-resolved<\/p>\n<h2>SambaRPC\u30dd\u30fc\u30c8\u5909\u66f4<\/h2>\n<p>\u203b\u76f4\u63a5\u5909\u66f4\u3059\u308b\u65b9\u6cd5<br \/>\ndocker exec -it samba-dc vi \/etc\/samba\/smb.conf<\/p>\n<p>rpc server dynamic port range = 49152-49172<br \/>\n\u3092<br \/>\nrpc server dynamic port range = 49152-49252<br \/>\n\u306b\u5909\u66f4\u3002<\/p>\n<p>docker exec -it samba-dc supervisorctl restart samba<\/p>\n<p>\u203b\u30dd\u30fc\u30c8\u304c\u591a\u3059\u304e\u308b\u30b3\u30f3\u30c6\u30ca\u751f\u6210\u3067\u5931\u6557\u3059\u308b\u3002(\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\u3057\u3066\u3057\u307e\u3046)<br \/>\n\u30dd\u30fc\u30c8\u304c\u5c11\u306a\u3059\u304e\u308b\u3068AD\u306e\u540c\u671f\u3067\u554f\u984c\u304c\u767a\u751f\u3059\u308b\u3002<\/p>\n<h2>\u30a8\u30e9\u30fc\u78ba\u8a8d<\/h2>\n<p>journalctl -u docker<br \/>\ndocker logs -f samba-dc<br \/>\ndocker exec -it samba-dc tail -f \/var\/log\/samba\/log.smbd<br \/>\ndocker exec -it samba-dc tail -f \/var\/log\/ntp<\/p>\n<h2>NTP\u5909\u66f4<\/h2>\n<p>docker logs samba-dc | grep ntp<br \/>\n\u3067ntp\u7cfb\u306e\u30a8\u30e9\u30fc\u78ba\u8a8d<\/p>\n<p>\u30fbntp\u30b5\u30fc\u30d0\u30fc\u78ba\u8a8d<br \/>\ndocker exec -it samba-dc ntpq -p<br \/>\n\u73fe\u5728\u306entp\u30b5\u30fc\u30d0\u30fc(*)\u3092\u78ba\u8a8d\u3057ping<br \/>\ndocker exec -it samba-dc sntp xxx.xxx.xxx.xxx<\/p>\n<p>\/etc\/ntp.conf or \/etc\/ntpd.conf<br \/>\n\u4f7f\u7528\u3055\u308c\u3066\u3044\u308b\u65b9\u306e\u8abf\u3079\u65b9(ps aux | grep ntpd)<br \/>\n\u3092\u7de8\u96c6\u3059\u308b\u3002<\/p>\n<p>docker exec -it samba-dc vi \/etc\/ntpd.conf<\/p>\n<p>server ntp.nict.jp iburst prefer<br \/>\n\u3092\u8ffd\u52a0\u3057\u3001<br \/>\nntpsigndsocket \/usr\/local\/samba\/var\/lib\/ntp_signd\/<br \/>\n\u3092<br \/>\nntpsigndsocket \/var\/lib\/samba\/ntp_signd\/<br \/>\n\u306b\u5909\u66f4\u3059\u308b<\/p>\n<p>docker exec -it samba-dc supervisorctl restart ntpd<\/p>\n<p>\u30fbntp.drift\u4f5c\u6210<\/p>\n<p>docker exec -it samba-dc mkdir -p \/var\/lib\/ntp<br \/>\ndocker exec -it samba-dc touch \/var\/lib\/ntp\/ntp.drift<br \/>\ndocker exec -it samba-dc chown ntp:ntp \/var\/lib\/ntp<br \/>\ndocker exec -it samba-dc chown ntp:ntp \/var\/lib\/ntp\/ntp.drift<br \/>\ndocker exec -it samba-dc chmod 755 \/var\/lib\/ntp<br \/>\ndocker exec -it samba-dc chmod 664 \/var\/lib\/ntp\/ntp.drift<\/p>\n<p>docker exec -it samba-dc supervisorctl restart ntpd<\/p>\n<p>\u30fb\u4e00\u5fdc\u78ba\u8a8d<\/p>\n<p>\u30a2\u30af\u30bb\u30b9\u6a29\u9650<br \/>\ncd \/var\/lib\/ &amp;&amp; ls -la<br \/>\nchown ntp:ntp \/var\/lib\/ntp<br \/>\nchmod 755 \/var\/lib\/ntp<br \/>\n\u306b\u306a\u3063\u3066\u3044\u308c\u3070OK\u3002<\/p>\n<p>ntp\u30e6\u30fc\u30b6\u304c\u3044\u308b\u304b\u3069\u3046\u304b<br \/>\nid ntp<\/p>\n<p>\uff65usershares\u30d5\u30a9\u30eb\u30c0\u4f5c\u6210<br \/>\ndocker exec -it samba-dc mkdir -p \/var\/lib\/samba\/usershares<\/p>\n<h2>SambaTool(DNS\u9006\u5f15\u304d)<\/h2>\n<p>VPS\u30a2\u30c9\u30ec\u30b9[AAA.BBB.CCC.DDD]<br \/>\n\u304b\u3089<br \/>\nsamba-dc.xxx.local<br \/>\n\u3092\u53d6\u5f97\u3059\u308b\u65b9\u6cd5<\/p>\n<p>docker exec -it samba-dc samba-tool dns zonecreate localhost CCC.BBB.AAA.in-addr.arpa &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>docker exec -it samba-dc samba-tool dns add localhost CCC.BBB.AAA.in-addr.arpa DDD PTR samba-dc.xxx.local &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>docker exec -it samba-dc supervisorctl restart samba<\/p>\n<h2>Window\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u8a2d\u5b9a<\/h2>\n<p>Win11\u3067NAS\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u306a\u304f\u306a\u308b\u5bfe\u7b56\u3068\u540c\u3058\u8a2d\u5b9a\uff61<br \/>\n(\u5b89\u5168\u3067\u306a\u3044\u30b2\u30b9\u30c8 \u30ed\u30b0\u30aa\u30f3\u7b49)<\/p>\n<p>ncpa.cpl<br \/>\n\u5229\u7528\u3057\u3066\u3044\u308bNIC\u306eDNS\u3092VPS\u306eIP\u30a2\u30c9\u30ec\u30b9\u306b\u3059\u308b\u3002<\/p>\n<p>sysdm.cpl<br \/>\n\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u540d\u30bf\u30d6\uff1e\u5909\u66f4<br \/>\n\u30c9\u30e1\u30a4\u30f3\u3092\u9078\u629e\u3057\u30c9\u30e1\u30a4\u30f3\u540d\u3092\u5165\u529b\u3059\u308b\u3002<\/p>\n<p>\u30e6\u30fc\u30b6\u30fc\u306fadministrator<br \/>\n\u30d1\u30b9\u30ef\u30fc\u30c9\u306fdocker-compose<br \/>\n\u3067\u6307\u5b9a\u3057\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5165\u529b\u3059\u308b\u3002<\/p>\n<p>\u518d\u8d77\u52d5\u3057\u305f\u3089\u30ed\u30b0\u30a4\u30f3\u753b\u9762\u3067<br \/>\n\u30c9\u30e1\u30a4\u30f3\u540d\\administrator<br \/>\n\u306e\u3088\u3046\u306b\u5165\u529b\u3057\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u308b\u3002\u521d\u56de\u30ed\u30b0\u30a4\u30f3\u6642\u306f\u304b\u306a\u308a\u6642\u9593\u304c\u304b\u304b\u308b\u3002<\/p>\n<p>\u203b\u30a2\u30ab\u30a6\u30f3\u30c8\u3082AD\u306b\u53c2\u52a0\u3057\u306a\u3044\u3068\u4ee5\u4e0b\u30b3\u30de\u30f3\u30c9\u306f\u4f7f\u3048\u306a\u3044\u304c\u3001\u3053\u306e\u30bf\u30a4\u30df\u30f3\u30b0\u3067\u30ed\u30fc\u30ab\u30eborMS\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u5165\u529b\u3057\u3066\u3001\u7aef\u672b\u3060\u3051AD\u53c2\u52a0\u3068\u3044\u3046\u72b6\u614b\u3082\u53ef\u80fd\u3002<\/p>\n<p>\u30fbWindows RSAT \u6709\u52b9\u5316(\u30e6\u30fc\u30b6\u30fc\u53c2\u52a0\u5fc5\u9808)<\/p>\n<p>\u30b7\u30b9\u30c6\u30e0\uff1e\u30aa\u30d7\u30b7\u30e7\u30f3\u6a5f\u80fd\uff1e\u6a5f\u80fd\u8868\u793a\uff1e\u4f7f\u7528\u53ef\u80fd\u306a\u6a5f\u80fd\u3092\u8868\u793a\u3059\u308b<br \/>\nRSAT: ActiveDirectoryDomainServices \u304a\u3088\u3073\u30e9\u30a4\u30c8\u30a6\u30a7\u30a4\u30c8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u30b5\u30fc\u30d3\u30b9\u30c4\u30fc\u30eb<br \/>\n\u3092\u30c1\u30a7\u30c3\u30af\u3057\u8ffd\u52a0\u3059\u308b\u3068\u3001<br \/>\nActive Directory \u30b5\u30a4\u30c8\u3068\u30b5\u30fc\u30d3\u30b9<br \/>\nActive Directory \u30c9\u30e1\u30a4\u30f3\u3068\u4fe1\u983c\u95a2\u4fc2<br \/>\nActive Directory \u30e6\u30fc\u30b6\u30fc\u3068\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf<br \/>\nActive Directory \u7ba1\u7406\u30bb\u30f3\u30bf\u30fc(Samba-DC\u3067\u306f\u5229\u7528\u4e0d\u53ef)<br \/>\n\u304c\u6709\u52b9\u5316\u3055\u308c\u308b\u3002<\/p>\n<p>RSAT: \u30b0\u30eb\u30fc\u30d7\u30dd\u30ea\u30b7\u30fc\u7ba1\u7406\u30c4\u30fc\u30eb<br \/>\n\u3092\u30c1\u30a7\u30c3\u30af\u3057\u8ffd\u52a0\u3059\u308b\u3068\u3001<br \/>\ngpmc.msc<br \/>\n\u304c\u6709\u52b9\u5316\u3055\u308c\u308b\u3002<\/p>\n<p>\u30fbDNS\u304c\u554f\u984c\u306a\u3044\u304b\u78ba\u8a8d\u3059\u308b\u3002<\/p>\n<p>nslookup \u30c9\u30e1\u30a4\u30f3<br \/>\n\u3053\u308c\u3067VPS\u306eIP\u30a2\u30c9\u30ec\u30b9\u304c\u8fd4\u3063\u3066\u304f\u308c\u3070OK\u3002<\/p>\n<p>nslookup VPS\u306eIP\u30a2\u30c9\u30ec\u30b9<br \/>\n\u3053\u308c\u3067\u30c9\u30e1\u30a4\u30f3\u540d\u304c\u8fd4\u3063\u3066\u304f\u308c\u3070OK\u3002<\/p>\n<p>\u30fb\u63a5\u7d9a\u72b6\u6cc1(\u4fe1\u983c\u95a2\u4fc2)\u78ba\u8a8d\u203b\u7ba1\u7406\u8005<\/p>\n<p>nltest \/sc_verify:\u30c9\u30e1\u30a4\u30f3\u540d<br \/>\nnltest \/dsgetdc:\u30c9\u30e1\u30a4\u30f3\u540d<\/p>\n<p>\u30fb\u6642\u523b\u95a2\u4fc2\u203b\u7ba1\u7406\u8005<\/p>\n<p>w32tm \/config \/syncfromflags:domhier \/update<br \/>\n\u203bDC\u304b\u3089\u53d6\u5f97\u306b\u5909\u66f4<\/p>\n<p>w32tm \/query \/status<br \/>\n\u30bd\u30fc\u30b9\u3092\u78ba\u8a8d<\/p>\n<p>w32tm \/resync<br \/>\n\u540c\u671f\u5b9f\u884c<\/p>\n<p>\u30fbgpupdate\uff65<\/p>\n<p>\u203b\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u306e\u307f\u66f4\u65b0\u5834\u5408<br \/>\ngpupdate \/target:computer \/force<\/p>\n<p>\u30a8\u30e9\u30fc\u304c\u767a\u751f\u3057\u305f\u5834\u5408<br \/>\neventvwr&gt;\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3068\u30b5\u30fc\u30d3\u30b9\u30ed\u30b0&gt;Microsoft&gt;Windows&gt;GroupPolicy<br \/>\n\u3067\u78ba\u8a8d\u3059\u308b\u3002<\/p>\n<p>\uff65\\\\xxx.local\\sysvol\u30a2\u30af\u30bb\u30b9\u6642\uff64\u3053\u306e\u30d5\u30a1\u30a4\u30eb\u306f\u4ed6\u306e\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u304b\u3089\u53d6\u5f97\u3057\u305f\u3082\u306e\u3067\u3059\u3002\u3068\u3064\u3044\u3066\u3057\u307e\u3046\u5834\u5408\uff61<\/p>\n<p>Win+R&gt;inetcpl.cpl&gt;\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3&gt;\u4fe1\u983c\u6e08\u307f\u30b5\u30a4\u30c8<br \/>\n\u306b<br \/>\n\\\\xxx.local<br \/>\n\u3092\u767b\u9332\u3059\u308b\u3002<\/p>\n<p>\uff65\u30c9\u30e1\u30a4\u30f3\u30b3\u30f3\u30c8\u30ed\u30fc\u30e9\u30fc\u3078\u306e\u30dd\u30fc\u30c8\u30c6\u30b9\u30c8<br \/>\nTest-NetConnection &#8220;xxx.local&#8221; -Port 389<\/p>\n<p>\uff65\u63a5\u7d9a\u30c6\u30b9\u30c8(\u30e6\u30fc\u30b6\u30c0\u30a4\u30a2\u30ed\u30b0\u8868\u793a\u3055\u305b\u308b)<\/p>\n<p>Test-ComputerSecureChannel -Repair -Verbose -Credential (Get-Credential)<br \/>\n\u203b\u30c9\u30e1\u30a4\u30f3\\\u30e6\u30fc\u30b6\u30fc\u540d\u3067\u5165\u529b\u3059\u308b<\/p>\n<p>\uff65\u7aef\u672b\u30d1\u30b9\u30ef\u30fc\u30c9\u306e\u66f4\u65b0<br \/>\nReset-ComputerMachinePassword -Credential (Get-Credential)<br \/>\n\u203bSmaba-DC\u5185\u3067\u306f\uff64\u30e6\u30fc\u30b6\u30fc\u3068\uff64\u7aef\u672b\uff64\u305d\u308c\u305e\u308c\u30d1\u30b9\u30ef\u30fc\u30c9\u304c\u5b58\u5728\u3059\u308b\u304c\u7aef\u672b\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u306f\u81ea\u52d5\u3067\u7ba1\u7406\u3055\u308c\u30e6\u30fc\u30b6\u30fc\u304c\u610f\u8b58\u3059\u308b\u5fc5\u8981\u306f\u306a\u3044\uff61<\/p>\n<p>\u203b\u63a5\u7d9a\u304c\u3046\u307e\u304f\u3044\u304b\u306a\u3044\u5834\u5408sysdm.cpl\u304b\u3089\u4e00\u5ea6\u629c\u3051\u3066\u518d\u5ea6\u767b\u9332\u3059\u308b\u3068\u76f4\u308b\u3053\u3068\u304c\u591a\u3044\uff61<\/p>\n<p>\uff65Win11\u30e6\u30fc\u30b6\u30fc\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u306e\u524a\u9664<\/p>\n<p>\u30c6\u30b9\u30c8\u3057\u3066\u3044\u308b\u3068\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u304c\u591a\u304f\u3067\u304d\u3066\u3057\u307e\u3046\uff61<br \/>\nsysdm.cpl&gt;\u8a73\u7d30\u8a2d\u5b9a&gt;\u30e6\u30fc\u30b6\u30fc\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb&gt;\u8a2d\u5b9a<br \/>\n\u3053\u3053\u3067\u4e0d\u8981\u306a\u30d7\u30ed\u30d5\u30a1\u30a4\u30eb\u3092\u524a\u9664\u3067\u304d\u308b\uff61<\/p>\n<h2>\u30e1\u30e2\uff1a\u30b3\u30f3\u30c6\u30ca\u30a8\u30f3\u30c8\u30ea\u30dd\u30a4\u30f3\u30c8\u3092\u8abf\u3079\u3066<br \/>\n\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u8ffd\u52a0\u3059\u308b\u65b9\u6cd5<\/h2>\n<p>\u203b\u3053\u306e\u65b9\u6cd5\u3060\u3068init.sh\u5f8c\u306e\u51e6\u7406\u304c\u3067\u304d\u306a\u3044\u306e\u3067\u4e0d\u63a1\u7528\u3002<\/p>\n<p>\u30fb\u30a8\u30f3\u30c8\u30ea\u30dd\u30a4\u30f3\u30c8\u306e\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u8abf\u3079\u308b<br \/>\ndocker exec -it samba-dc bash<br \/>\ncat \/proc\/1\/cmdline<\/p>\n<p>\u30fb\u4f5c\u6210<\/p>\n<p>vim setup.sh<\/p>\n<p>#!\/bin\/sh<br \/>\nsed -i &#8216;s|xxx|xxx|&#8217; \/etc\/samba\/smb.conf<br \/>\nsed -i &#8216;s|xxx|xxx|&#8217; \/etc\/ntpd.conf<\/p>\n<p>docker-compose\u3067\u547c\u3073\u51fa\u3059\u3002<\/p>\n<p>volumes:<br \/>\n&#8211; .\/setup.sh:\/setup.sh<br \/>\ncommand: sh -c &#8220;\/setup.sh &amp;&amp; exec \/init.sh&#8221;<\/p>\n<h2>\u30e1\u30e2\uff1a\u30b7\u30f3\u30dc\u30ea\u30c3\u30af\u30ea\u30f3\u30af<\/h2>\n<p>\u30d0\u30a4\u30f3\u30c9\u3057\u3066\u3044\u308bexternal\u306b\u4fdd\u5b58<br \/>\n\u4e0a\u8a18\u3068\u540c\u3058\u3088\u3046\u306b\u3001\u30a8\u30f3\u30c8\u30ea\u30b9\u30af\u30ea\u30d7\u30c8\u5185\u3067cp\u3067\u304d\u306a\u3044\u30a8\u30e9\u30fc\u306b\u306a\u308b\u3002<\/p>\n<p>#!\/bin\/sh<br \/>\nln -sf \/etc\/samba\/external\/smb.conf \/etc\/samba\/smb.conf<br \/>\nln -sf \/etc\/samba\/external\/ntpd.conf \/etc\/ntpd.conf<\/p>\n<p>\u203bln\u30b3\u30de\u30f3\u30c9<br \/>\nln -sf [\u5b9f\u4f53] [\u30ea\u30f3\u30af]<\/p>\n<p>ls -la\u306e\u898b\u3048\u65b9<br \/>\nntpd.conf(\u30ea\u30f3\u30af) -&gt; \/etc\/samba\/external\/my_ntpd.conf(\u5b9f\u4f53)<\/p>\n<h2>\u30e1\u30e2\uff1aDocker Network<\/h2>\n<p>docker network ls<\/p>\n<p>\u30fb\u57fa\u672c<br \/>\nxxx bridge bridge local<br \/>\nxxx host host local<br \/>\nxxx none null local<\/p>\n<p>\u30fb\u524a\u9664\u65b9\u6cd5<br \/>\ndocker network rm samba_default<\/p>\n<p>\u30fb\u7a2e\u985e<br \/>\nbridge<br \/>\nhost\uff1aports\u306e\u8a2d\u5b9a\u306f\u610f\u5473\u306a\u3044<br \/>\nmacvlan\uff1aVPS\u3060\u3068\u96e3\u3057\u3044<\/p>\n<h2>\u30e1\u30e2\uff1aSambaTool(DNS\u30ec\u30b3\u30fc\u30c9)<\/h2>\n<p>\u30fbDB\u30c1\u30a7\u30c3\u30af<br \/>\ndocker exec -it samba-dc samba-tool dbcheck &#8211;cross-ncs &#8211;fix &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>\u30fbAD\u306b\u767b\u9332\u3055\u308c\u3066\u3044\u308b\u7aef\u672b\u53d6\u5f97<br \/>\ndocker exec -it samba-dc samba-tool computer list<br \/>\ndocker exec -it samba-dc samba-tool computer show xxx<\/p>\n<p>\u30fbAD\u306b\u767b\u9332\u3055\u308c\u3066\u3044\u308b\u30e6\u30fc\u30b6\u30fc\/PC\u30ea\u30b9\u30c8\u53d6\u5f97<br \/>\ndocker exec -it samba-dc samba-tool user list<br \/>\ndocker exec -it samba-dc samba-tool computer list<\/p>\n<p>\uff65PC\u8ffd\u52a0<\/p>\n<p>docker exec -it samba-dc samba-tool computer create PCNAME &#8211;user=administrator &#8211;password=xxx<\/p>\n<p>\u30fb\u30be\u30fc\u30f3\u4e00\u89a7\u53d6\u5f97<br \/>\ndocker exec -it samba-dc samba-tool dns zonelist localhost &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>xxx.local\u3068_msdcs.xxxlocal\u304c\u8fd4\u3063\u3066\u304f\u308b\u3002<\/p>\n<p>\u30fbxxx.local\u306e\u30ec\u30b3\u30fc\u30c9\u4e00\u89a7\u53d6\u5f97<br \/>\ndocker exec -it samba-dc samba-tool dns query localhost xxx.local @ ALL &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>\u30fb_msdcs.xxx.local\u306e\u30ec\u30b3\u30fc\u30c9\u4e00\u89a7\u53d6\u5f97<br \/>\ndocker exec -it samba-dc samba-tool dns query localhost _msdcs.xxx.local @ ALL &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>\u30fb\u4e0b\u4f4d\u30ec\u30b3\u30fc\u30c9\u53d6\u5f97<br \/>\ndocker exec -it samba-dc samba-tool dns query localhost _msdcs.xxx.local gc ALL &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>\u30fbA\u30ec\u30b3\u30fc\u30c9\u524a\u9664<br \/>\ndocker exec samba-dc samba-tool dns delete localhost xxx.local samba-dc A 172.19.0.2 -UAdministrator%xxx<\/p>\n<p>\u30fbA\u30ec\u30b3\u30fc\u30c9\u767b\u9332<br \/>\ndocker exec samba-dc samba-tool dns add localhost xxx.local samba-dc A \u30b5\u30fc\u30d0\u30fcIP\u30a2\u30c9\u30ec\u30b9 -UAdministrator%xxx<\/p>\n<h2>\u30e1\u30e2\uff1a\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u30ea\u30b9\u30c8(ACL)<\/h2>\n<p>docker exec -it samba-dc samba-tool ntacl sysvolreset &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>docker exec -it samba-dc samba-tool ntacl sysvolcheck &#8211;username=administrator &#8211;password=xxx<\/p>\n<p>docker exec -it samba-dc supervisorctl restart samba<\/p>\n<p>\uff65ACL\u6a29\u9650\u95a2\u9023\u30ea\u30bb\u30c3\u30c8<\/p>\n<p>samba-tool ntacl sysvolreset<br \/>\nsamba-tool ntacl sysvolcheck<\/p>\n","protected":false},"excerpt":{"rendered":"<p>VPS\u3067\u7a3c\u50cd\u3057\u3066\u3044\u308b\u30b5\u30fc\u30d3\u30b9\u6574\u7406(XserverVPS) Samba DC \u4eca\u56de\u306f\u691c\u8a3c\u76ee\u7684\u3067\u3001\u901a\u5e38\u306fVPS\u3067\u76f4\u63a5Docker\u3092\u516c\u958b\u3059\u308b\u3088\u3046\u306a\u904b\u7528\u306fNG\u3067\uff64VM\u3092\u7d4c\u7531\u3059\u308b\uff61 \u25cf\u25cf\u25cf=\u5229\u7528\u74b0\u5883\u306e\u30b0\u30ed\u30fc\u30d0\u30ebIP\u30a2\u30c9\u30ec\u30b9 \u30fbuf &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/appbay.org\/?p=6798\" class=\"more-link\"><span class=\"screen-reader-text\">&#8220;XserverVPS+Ubuntu+Docker Samba-DC&#8221; \u306e<\/span>\u7d9a\u304d\u3092\u8aad\u3080<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[155,145],"class_list":["post-6798","post","type-post","status-publish","format-standard","hentry","category-1","tag-docker","tag-linux"],"_links":{"self":[{"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/posts\/6798","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/appbay.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6798"}],"version-history":[{"count":36,"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/posts\/6798\/revisions"}],"predecessor-version":[{"id":6850,"href":"https:\/\/appbay.org\/index.php?rest_route=\/wp\/v2\/posts\/6798\/revisions\/6850"}],"wp:attachment":[{"href":"https:\/\/appbay.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6798"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/appbay.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6798"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/appbay.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6798"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}