SAMBA SERVER (PDC) Samba is comprised of a suite of RPMs that come on the RHEL/Fedora CDs. The files are named:



Similar documents
Samba. Samba. Samba 2.2.x. Limitations of Samba 2.2.x 1. Interoperating with Windows. Implements Microsoft s SMB protocol

SAMBA VI: As a Domain Controller

Distributed File System

Replacing a Windows NT/2000 server using Linux and SAMBA

Joining an XP workstation to a domain Version 1.00

1. Set Daylight Savings Time Create Migrator Account Assign Migrator Account to Administrator group... 4

SENECA COLLEGE OF APPLIED ARTS AND TECHNOLOGY

Other documents in this series are available at: servernotes.wazmac.com

Wazza s QuickStart 13. Leopard Server - Windows Domain

Installing QuickBooks Enterprise Solutions Database Manager On Different Linux Servers

Active Directory Integration

Lotus Notes 6.x Client Installation Guide for Windows. Information Technology Services. CSULB

Linux Development Environment Description Based on VirtualBox Structure

# Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable its WINS Server ; wins support = no

How to use edgebox as a PDC and to Share Files

File and Printer Sharing with Microsoft Windows

Tufts VPN Client User Guide for Windows

Migration Strategies and Tools for the HP Print Server Appliance

Joining. Domain. Windows XP Pro

User guide. Business

STATISTICA VERSION 9 STATISTICA ENTERPRISE INSTALLATION INSTRUCTIONS FOR USE WITH TERMINAL SERVER

Windows Clients and GoPrint Print Queues

Installing Microsoft Outlook on a Macintosh. This document explains how to download, install and configure Microsoft Outlook on a Macintosh.

TB168 (Rev4) - Networking Linux Based Controls

Using Remote Web Workplace Version 1.01

Quick Start Guide. User Manual. 1 March 2012

Linuxdays 2005, Samba Tutorial

Windows 7 Hula POS Server Installation Guide

Insight Video Net. LLC. CMS 2.0. Quick Installation Guide

WatchGuard Mobile User VPN Guide

1. Installation Overview

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

Changing Your Cameleon Server IP

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

Configuring VPN Using Windows XP

Tools for Windows System Support

NAS 109 Using NAS with Linux

Enabling Backups for Windows and MAC OS X

Parallels Plesk Panel

Configuring a Windows 2003 Server for IAS

Introduction. Before you begin. Installing efax from our CD-ROM. Installing efax after downloading from the internet

Welcome to the QuickStart Guide

How To Configure CU*BASE Encryption

How to Manage a Windows NT Server Computer Remotely

VPN Overview. The path for wireless VPN users

Test Case 3 Active Directory Integration

Installation Overview

Universal Management Service 2015

Yale Software Library

Installation Instruction STATISTICA Enterprise Small Business

Attendance Monitoring. Academics: Accessing your Register. v 0.6, September Masood Syed, Dev Team, ITMS. Masood Syed, Dev Team, ITMS

Mapping ITS s File Server Folder to Mosaic Windows to Publish a Website

How to monitor AD security with MOM

How To Create An Easybelle History Database On A Microsoft Powerbook (Windows)

IIS, FTP Server and Windows

Remote Access: Internet Explorer

Remote Desktop access via Faculty Terminal Server Using Internet Explorer (versions 5.x-7.x)

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients

Configuring the Active Directory Plug-in


(june > this is version 3.025a)

The ECU Wireless system uses a captive portal authentication system. There are three steps to configure your computer for wireless access:

Download/Install IDENTD

SQL Server Setup for Assistant/Pro applications Compliance Information Systems

Setting Up Your FTP Server

How To Set Up A Macintosh With A Cds And Cds On A Pc Or Macbook With A Domain Name On A Macbook (For A Pc) For A Domain Account (For An Ipad) For Free

QuickBooks Enterprise Solutions. Linux Database Server Manager Installation and Configuration Guide

How to Setup Scan to SMB to a Microsoft Vista Workstation Using a bizhub C451/ C550

ilaw Installation Procedure

Univention Corporate Server. Operation of a Samba domain based on Windows NT domain services

Using Single Sign-on with Samba. Appendices. Glossary. Using Single Sign-on with Samba. SonicOS Enhanced

Accessing the Media General SSL VPN

CruzNet Secure Set-Up Instructions for Windows Vista

Addonics T E C H N O L O G I E S. NAS Adapter. Model: NASU Key Features

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Windows and MAC User Handbook Remote and Secure Connection Version /19/2013. User Handbook

Common Internet File Sharing (CIFS) How-To

Scan to SMB(PC) Set up Guide

Troubleshooting File and Printer Sharing in Microsoft Windows XP

Configuring.NET based Applications in Internet Information Server to use Virtual Clocks from Time Machine

Linko Software Express Edition Typical Installation Guide

Spector 360 Deployment Guide. Version 7

Using Red Hat Enterprise Linux with Georgia Tech's RHN Satellite Server Installing Red Hat Enterprise Linux

User Guide Microsoft Exchange Remote Test Instructions

Application Note 8: TrendView Recorders DCOM Settings and Firewall Plus DCOM Settings for Trendview Historian Server

Password Manager Windows Desktop Client

Snow Inventory. Installing and Evaluating

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide

Setting up a VPN connection Windows XP

Contents. VPN Instructions. VPN Instructions... 1

Win8 Networking FinishLynx with Meet Management Technical Support Guide

Quick Scan Features Setup Guide. Scan to Setup. See also: System Administration Guide: Contains details about setup.

Deployment of Keepit for Windows

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

Batch Eligibility Long Term Care claims

In this lab you will explore the Windows XP Firewall and configure some advanced settings.

Quick Scan Features Setup Guide

Transcription:

SAMBA SERVER (PDC) INTRODUCTION Samba is a suite of utilities that allows your Linux box to share files and other resources, such as printers, with Windows boxes. This lesson describes how you can make your Linux box into a Windows Primary Domain Controller (PDC) or a server for a Windows Workgroup. Either configuration will allow everyone at home to have: their own logins on all the home windows boxes while having their files on the Linux box appear to be located on a new Windows drive shared access to printers on the Linux box shared files accessible only to members of their Linux user group. Package Installation Samba is comprised of a suite of RPMs that come on the RHEL/Fedora CDs. The files are named: samba samba-common samba-client samba-swat How to Get Samba Started You can configure Samba to start at boot time using the chkconfig command: [root@bigboy tmp]# chkconfig smb on You can start/stop/restart Samba after boot time using the smb initialization script as in the examples below: [root@bigboy tmp]# service smb start [root@bigboy tmp]# service smb stop [root@bigboy tmp]# service smb restart The Samba Configuration File The /etc/samba/smb.conf file is the main configuration file you'll need to edit

Section [global] [printers] [homes] [netlogon] Description General Samba configuration parameters Used for configuring printers Defines treatment of user logins A share for storing logon scripts. (Not created by default.) [profile] A share for storing domain logon information such as "favorites" and desktop icons. (Not created by default.) Configuring SWAT SWAT, Samba's web based configuration tool enables you configure your smb.conf file without you needing to remember all the formatting. The enabling and disabling, starting and stopping of SWAT is controlled by xinetd ia a configuration file named /etc/xinetd.d/swat. SAMBA PDC CONFIGURATION 1. The [Global] Section Parameter Value Description domain Yes Tells Samba to become the PDC logons preferred master Yes Makes the PDC act as the central store for the names of all windows clients, servers and printers on the network. Very helpful when you need to "browse" your local network for resources. Also known as a local domain master Yes master browser. Tells Samba to become the master browser across multiple networks all over the domain. The local master

browsers register themselves with the domain master to learn about resources on other networks. os level 65 Sets the priority the Samba server should use when negotiating to become the PDC with other Windows servers. A value of 65 will usually make the Samba server win. wins support Yes Allows the Samba server to provide name services for the network. In other words keeps track of the IP addresses of all the domain's servers and clients. time server Yes Lets the samba server provide time updates for the domain's clients. workgroup "homenet" The name of the Windows domain we'll create. The name you select is your choice. I've decided to use "homenet". security user Make domain logins query the Samba password database located on the samba server itself. Here's how to set the values using SWAT. 1. Log into SWAT and click on the [global] section. 2. Click the Advanced button to see all the options. 3. Make your changes and click on the Commit Changes button when finished. 4. Your smb.conf file should resemble the example below when you're finished. You can view the contents of the configuration file by logging in to the samba server via a command prompt and using the cat /etc/samba/smb.conf to verify your changes as you do them. [global] workgroup = HOMENET time server = Yes domain logons = Yes os level = 65 preferred master = Yes domain master = Yes

2. The [homes] Section The [homes] section governs how Samba handles default login directories. Parameter Value Description browseable No Doesn't allow others to browse the contents of the directory read only No Allows the samba user to also write to their Samba Linux directory create mask 0664 Makes new files created by the user to have "644" permissions. You want to change this to "0600" so that only the login user has access to files. directory mask 0775 Makes new sub-directories created by the user to have "775" permissions. You want to change this to "0700" so that only the login user has access to directories. Here's how to set the values using SWAT: 1. Click on the SWAT shares button to proceed to where shared directories are configured. 2. Click the Advanced button to see all the options. 3. Choose the Homes share. 4. Make your changes and click on the Commit Changes button when finished. 5. Your smb.conf file should resemble this when finished. You can view the contents of the configuration file by logging in to the samba server via a command prompt and using the cat /etc/samba/smb.conf to verify your changes as you do them. [homes] read only = No browseable = No create mask = 0644 directory mask = 0755

3. The [netlogon] and [profiles] Share Sections The [netlogon] share section contains scripts that the windows clients may use when they log into the domain. The [profiles] share section stores settings related to the look and feel of windows so that the user has the same settings no matter which Windows PC is logged into. The [profiles] share section stores things such as favorites and desktop icons. Your smb.conf file should look like this when you're finished: [netlogon] path = /home/samba/netlogon guest ok = Yes [profiles] path = /home/samba/profiles read only = No create mask = 0600 directory mask = 0700 Here's how to do it. 1. Click the Shares button. 2. Create a [netlogon] share. 3. Modify the path and guest ok settings. 4. Click on the Commit Changes button. 5. Create a [profiles] share section. 6. Modify the path, mask and read only settings. The mask settings allow only the owner of the netlogon subdirectory to be able to modify its contents. 7. Click on the Commit Changes button. Remember to create these share directories from the command line afterwards. [root@bigboy tmp]# mkdir -p /home/samba/netlogon [root@bigboy tmp]# mkdir -p /home/samba/profile [root@bigboy tmp]# chmod -R 0755 /home/samba 4. The [printers] Share Section The default smb.conf [printers] share section looks like this: [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No

Samba Passwords You should be aware that your Linux password and Samba passwords are stored in two different locations. Samba passwords are stored in the /etc/samba/smbpasswd file and can be changed smbpasswd command. Create A Samba PDC Administrator User [root@bigboy tmp]# /usr/bin/smbpasswd -a root password ADDING WORKSTATIONS TO YOUR SAMBA DOMAIN Adding workstations to a Samba domain is a two step process involving the creation of workstation trust accounts on the Samba server and then logging into each workstation to add them to the domain. Samba can create these Machine Trusts in two ways, either manually or automatically. Manual Creation Of Machine Trust Accounts (NT Only) root@bigboy tmp]# groupadd samba-clients [root@bigboy tmp]# /usr/sbin/useradd -g samba-clients -d /dev/null -s /bin/false machine_name$ [root@bigboy tmp]# passwd -l machine_name$ [root@bigboy tmp]# smbpasswd -a -m machine_name Dynamic Creation of Machine Trust Accounts You can set this up by editing the /etc/samba/smb.conf file to automatically add the required users. The easiest way to do this using SWAT in the Global menu to modify the add machine script parameter. [global] # <...remainder of parameters...>

add machine script = /usr/sbin/useradd -d /dev/null -g samba-clients -s /bin/false -M %u When you have completed the modifications, you'll need to create the samba-clients Linux group that will be used to help identify the all the domain's Windows clients listed in the /etc/passwd file. [root@bigboy tmp]# groupadd samba-clients MAKE YOUR PC CLIENTS AWARE OF YOUR SAMBA PDC Windows 95/98/ME and Windows XP Home Windows 9x machines do not implement full domain membership and therefore don't require machine trust accounts. Here's what you need to do: 1. Navigate to the Network section of the Control Panel (Start ->Settings->Control Panel->Network) 2. Select the Configuration tab 3. Highlight "Client for Microsoft Networks" 4. Click the Properties button. 5. Check "Log onto Windows NT Domain", and enter the domain name. 6. Click all the OK buttons and reboot! Windows NT For Windows NT, you must first create a manual Samba machine trust account as explained earlier, then follow these steps: 1. Navigate to the Network section of the Control Panel (Start ->Settings->Control Panel->Network ) 2. Select the "Identification" tab 3. Click the "Change" button 4. Enter the domain name and computer name, do not check the box Create a Computer Account in the Domain. In this case, the existing machine trust account is used to join the machine to the domain. 5. Click "OK". You should get "Welcome to <DOMAIN>" message as confirmation that you've been added. 6. Reboot. You can now log in using any account in the /etc/smbpasswd file with your domain as the domain name.

Windows 200x and Windows XP Professional For the 200x and XP Professional varieties of Windows, create a dynamic Samba machine trust account, then go through these steps: 1. Press the Windows and Break keys simultaneously to access the System Properties dialogue box. 2. Click on the 'Network Identification' or 'Computer Name' tab on the top. 3. Click the "Properties" button. 4. Click on the "Member of Domain" button. 5. Also enter your domain name and computer name and then click "OK" 6. You will be prompted for a user account and password with rights to join a machine to the domain. Enter the information for your Samba administrator. In this home environment scenario, the user would be root with the corresponding smbpasswd password. Now, you should get a "Welcome to <DOMAIN>" message confirming that you've been added. 7. Reboot. ADDING USERS TO YOUR SAMBA DOMAIN Adding users to a domain has three broad phases. 1. Adding The Users In Linux To create the user, use the command: [root@bigboy tmp]# useradd -g 100 peter 2. Give them a Linux Password Giving them a Linux password is only necessary if the user needs to log into the Samba server directly. If the user does, use this method: [root@bigboy tmp]# passwd peter 3. Mapping The Linux Users To An smbpassword Next, you need to create Samba domain login passwords for the user [root@bigboy tmp]# /usr/bin/smbpasswd -a username password

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information