Samba as PDC for network containing Windows 2000 Server machine
Art Wildman
wildman at mediaone.net
Wed Jun 7 08:30:11 GMT 2000
Thanks, just what I needed & a most excelent write-up!
...can we nominate you for the PDC HOWTO? Any luck with 9.x clients creating
shares & samba returning auth user lists?
This really is awesome... thanks again & let us know how it goes.
Art Wildman - wildman at mediaone.net - http://network-this.net
"Linux is user-friendly, it's just particular about who it's friends are."
-------- Original Message --------
Subject: RE: Samba as PDC for network containing Windows 2000 Server machine
Date: Wed, 7 Jun 2000 07:04:52 +1000
From: "Aleksandar B. Samardzic" <a.samardzic at racunari.com>
Reply-To: a.samardzic at racunari.com
To: Multiple recipients of list SAMBA-NTDOM <samba-ntdom at samba.org>
Oliver, thank you very much for you advice; I have now Samba tng-2.5 serving
as PDC for Windows 2000 Server machine too.
For anyone interested, I'll try to summarize isntallation procedure below.
First of all, I had to uninstall previous Samba version. My Linux machine is
RedHat 6.2 box, so I did following:
rpm -e samba-client
rpm -e samba
rpm -e samba-common
But before deletion, I've saved script /etc/rc.d/init.d/smb in order to be
able to run Samba during system initialization. I guess it is not absolutely
necessary to delete previous Samba version, but I did it to be sure to avoid
side effects.
Then I've downloaded tng-2.5 archive from following URL:
ftp://ftp.samba.org/pub/samba/alpha/samba-tng-alpha.2.5.tar.bz2
After unpacking it, I did as usually:
cd source
./configure
make
make install
Then I changed directory to /usr/local/samba, created private subdirectory
there and smbpasswd file in this directory, then changed permissions of this
file:
mkdir private
touch private/smbpasswd
chmod 0600 private/smbpasswd
Then I've created netlogon and profile subdirectories in /home directory to
hold logon scripts and user profiles and changed profile subdirectory
permissions as follows:
mkdir /home/netlogon
mkdir /home/profile
chmod 1777 /home/profile
Then I've created smb.conf file in lib subdirectory of /usr/local/samba
directory. My smb.conf is as follows:
---------- >8 ---
[global]
workgroup = SIMPLE
server string = Samba %v on %L
security = user
domain logons = yes
encrypt passwords = yes
os level = 65
domain master = yes
preferred master = yes
local master = yes
wins support = yes
time server = yes
logon script = login.bat
logon drive = U:
logon home = \\%L\%U
logon path = \\%L\profile\%U
hosts allow = 192.168.0. 127.0.0.1
guest ok = no
[homes]
writable = yes
browseable = no
comment = Users' home directories
[netlogon]
path = /home/netlogon
writable = no
browseable = no
comment = PDC netlogon share
[profile]
path = /home/profile
writeable = yes
browseable = no
comment = PDC profile share
[tmp]
path = /tmp
writeable = yes
browseable = yes
comment = Temporary disk space
---------- >8 ---
Now, I've added items to start and stop all daemons (srvsvcd, wkssvcd,
browserd, lsarpcd, netlogond, samrd, winregd and svcctld; along with, of
course, smbd and nmbd) to my startup script /etc/rc.d/init.d/smb. Thus, this
script is now on my machine as follows:
---------- >8 ---
#!/bin/sh
#
# chkconfig: - 91 35
# description: Starts and stops the Samba smbd and nmbd daemons \
# used to provide SMB network services.
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# Check that smb.conf exists.
[ -f /usr/local/samba/lib/smb.conf ] || exit 0
RETVAL=0
# See how we were called.
case "$1" in
start)
echo -n "Starting SMB services: "
daemon /usr/local/samba/sbin/smbd -D
RETVAL=$?
echo
echo -n "Starting NMB services: "
daemon /usr/local/samba/sbin/nmbd -D
RETVAL2=$?
echo
echo -n "Starting other Samba services: "
daemon /usr/local/samba/sbin/srvsvcd -D
daemon /usr/local/samba/sbin/wkssvcd -D
daemon /usr/local/samba/sbin/browserd -D
daemon /usr/local/samba/sbin/lsarpcd -D
daemon /usr/local/samba/sbin/netlogond -D
daemon /usr/local/samba/sbin/samrd -D
daemon /usr/local/samba/sbin/winregd -D
daemon /usr/local/samba/sbin/svcctld -D
echo
[ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && touch /var/lock/subsys/smb || \
RETVAL=1
;;
stop)
echo -n "Shutting down SMB services: "
killproc smbd
RETVAL=$?
echo
echo -n "Shutting down NMB services: "
killproc nmbd
RETVAL2=$?
echo
echo -n "Shutting down other Samba services: "
killproc srvsvcd
killproc wkssvcd
killproc browserd
killproc lsarpcd
killproc netlogond
killproc samrd
killproc winregd
killproc svcctld
[ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && rm -f /var/lock/subsys/smb
echo ""
;;
restart)
$0 stop
$0 start
RETVAL=$?
;;
reload)
echo -n "Reloading smb.conf file: "
killproc smbd -HUP
RETVAL=$?
echo
;;
status)
status smbd
status nmbd
RETVAL=$?
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit $RETVAL
---------- >8 ---
I know all daemons should probably be checked for successfull starting or
stopping but everything just works fine on my machine so I skip adding these
checks to above file.
Now I had to add links to this script to appropriate subdirectories of
/etc/rc.d directory in order to have Samba to start during system boot and
to stop during system shutdown:
ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc3.d/S90smb
ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc5.d/S90smb
ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc0.d/K35smb
ln -s /etc/rc.d/init.d/smb /etc/rc.d/rc6.d/K35smb
Then I've restarted daemons:
/etc/rc.d/init.d/smb restart
and later used samedit tool to add Samba users:
samedit -S . -U root% -l log
and then in samedit prompt:
createuser root -p *******
[ ... more users added here ... ]
createuser mika$
exit
Latest line is to add account for Windows 2000 machine. After leaving
samedit I was able to see that appropriate entries are added to
/usr/local/samba/private/smbpasswd file.
Now I had to switch to Windows 2000 machine and put it into the domain. When
asked for username and password, I supplied root as username and
corresponding password.
Finally, I've created following login.bat file and copied it to the netlogon
share:
---------- >8 ---
@echo off
echo Setting Current Time...
net time \\pera /set /yes
echo Mapping Network Drives to Samba Server Pera...
net use t: \\pera\tmp /persistent:no
---------- >8 ---
That's it, now everything should be working fine.
Regards,
Aleksandar
-----Original Message-----
From: Oliver Malang [mailto:malang at netengine.at]
Sent: Tuesday, June 06, 2000 3:21 PM
To: a.samardzic at racunari.com; Multiple recipients of list SAMBA-NTDOM
Subject: AW: Samba as PDC for network containing Windows 2000 Server
machine
I'm using tng-2.5 and it works fine for me(domain logons and hosting home
directories from W2k and NT).
regards,
Oliver
More information about the samba-ntdom
mailing list