No subject

John H Terpstra jht at innovace.aquasoft.com.au
Sat Dec 20 07:58:36 GMT 1997


------- Forwarded Message

Return-Path: hurricane-list-request at redhat.com 
Return-Path: <hurricane-list-request at redhat.com>
Received: from innovace.aquasoft.com.au (jht at innovace.aquasoft.com.au 
[192.245.14.12])
	by innovace.aquasoft.com.au (8.8.7/8.8.7) with ESMTP id SAA00772
	for <jht at innovace.aquasoft.com.au>; Sat, 20 Dec 1997 18:49:03 +1100
Received: from aqua.aquasoft.com.au
	by innovace.aquasoft.com.au (fetchmail-4.3.2 IMAP run by jht)
	for <jht at innovace.aquasoft.com.au> (single-drop); Sat Dec 20 18:49:03 1997
Received: from mail2.redhat.com by gatekeeper.aquasoft.com.au with smtp
	(Smail3.1.28.1 #9) id m0xiktI-000doCC; Fri, 19 Dec 97 05:41 EST
Received: (qmail 15872 invoked by uid 501); 18 Dec 1997 16:44:52 -0000
Resent-Date: 18 Dec 1997 16:44:52 -0000
Resent-Cc: recipient list not shown: ;
MBOX-Line: From hurricane-list-request at redhat.com  Thu Dec 18 11:44:49 1997
Reply-To: "D. Dante Lorenso" <dlorenso at afai.com>
From: "D. Dante Lorenso" <dlorenso at afai.com>
To: <cwinters at irex.org>, <dboyd at its.to>, <hurricane-list at redhat.com>
Subject: SAMBA config to control a domain and user policies
Date: Thu, 18 Dec 1997 11:45:49 -0500
Message-ID: <01bd0bd4$64fb3940$3a151ecf at dns1.afai.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 4.71.1712.3
X-MimeOLE: Produced By Microsoft MimeOLE V4.71.1712.3
Resent-Message-ID: <"m2RRR3.0.Mt3.1CLcq"@mail2.redhat.com>
Resent-From: hurricane-list at redhat.com
X-Mailing-List: <hurricane-list at redhat.com> archive/latest/1194
X-Loop: hurricane-list at redhat.com
Precedence: list
Resent-Sender: hurricane-list-request at redhat.com
X-URL: http://www.redhat.com

Samba users,

For those of you that wanted to know how I set
up SAMBA to control a domain like NT does, I
am including a copy of my smb.conf so that you
might have an example to reference.

You wont need the [tmp] stuff in the smb.conf.  I just
included that so you can see how I shared one of
the other directories.

I am not running windows NT (cant afford to) so...I
configured RedHat 5.0 to handle the logins for my
domain.  I called my workgroup LORENSO, and set
up the system in user security mode.  The following
steps outline the work I did:

1) Set up the server:
        Create the /etc/smb.conf file and the /home/netlogon
        share directory.

2) Restart the smbd and nmbd daemons:
        /etc/rc.d/init.d/smb stop; /etc/rc.d/init.d/smb start

3) Test the visibility from client machines:
        Look in the network neighborhood to see if the
        machine is visible.  If not...panic and cry...I'm not sure
        if I can help you.

4) Set up the Client Win95 machine:
        In the control panel, Click PASSWORDS...
        ------------------------------------------------------------
        - then click User Profiles...Choose the bottom three
        of the four checkboxes
            a) Users can customize their settings...
            b) Include desktop items...
            c) Include Start Menu ...

        In the control panel, Click NETWORK...
        ------------------------------------------------------------
        - then click Identification...set your WORKGROUP name
        - then click Access Control...set user-level access control
        and obtain list from ... enter your server name ie: REDHAT
        -then click Configuration...Add the client:
            CLIENT FOR MICROSOFT NETWORKS
            under the properties of that, choose:
            a) Log on to win NT domain
            b) enter your WORKGROUP name...ie: LORENSO
            c) Log on and restore connections
        - Finally, set the primary network logon to
            CLIENT FOR MICROSOFT NETWORKS

4) Set up the User Profiles:
        You'll have to know what your doing for this part,
        but I'll attempt to give you a start...
        - install the System Policy editor for Win95 (included
           on your win95 system CD
        - create a new config.pol and place it in the /home/netlogon
            directory of the REDHAT server
        - using the policy editor, Click File->Open Registry...
        - Then, set all the options to reflect your server and
            user config settings...
        - save everything...

5) Reboot...login and cross your fingers

6) if (email->didHelp) { &SendMeAPizza; }
    else { &GoRead("/usr/docs/$samba_doc_dir"); }
    ;)

THINGS TO WATCH OUT FOR:
- --------------------------------------------
When setting up my system, I was having all sorts
of trouble getting the login on to the network...well, it
turns out that Windows 95: OSR2 sends an uppercased
password to the server.  I didn't know that... well, I changed
my unix password to all uppercase chars and ...voila!  login
successful ;)

You may want to change the [netlogon] and [homes]
directories permissions in the smb.conf ... that'll need to
be changed to increase the security... I left mine this way for
testing and so I can write to the netlogon while configuring
stuff.

Although the documentation says you'll need wins support,
(I enabled it), I never set the NETWORK tcp/ip properties to
include a wins server, but I did edit my C:\win95\lmhosts file
to add the 192.168.14.XXX addresses and netbios names
of the three machines on my home network.

If I get a chance, I'll turn this mail into a website...It might take a
little while, though...

Best of luck...

D. Dante Lorenso
Accounting Firms Associated, inc.
dlorenso at afai.com

- ----------- 8< -------------------- 8< --------------------- 8< ------------

; The global setting for a RedHat default install
; smbd re-reads this file regularly, but if in doubt stop and restart it:
; /etc/rc.d/init.d/smb stop
; /etc/rc.d/init.d/smb start
;======================= Global Settings
=====================================
[global]
   workgroup = Lorenso
   comment = RedHat Samba Server
   volume = RedHat5
   lock directory = /var/lock/samba
   locking = yes
   strict locking = yes
   share modes = yes
   security = user
   os level = 65
   domain master = yes
   local master = yes
   prefered master = yes
   domain logons = yes
   wins support = yes
   ;logon script = %m.bat ; per workstation (machine)
   ;logon script = %u.bat ; per username
   preserve case = yes
   short case preserve = yes
   case sensitive = no

[netlogon]
   comment = Samba Network Logon Service
   path = /home/netlogon
   case sensitive = no
   guest ok = yes
   locking = no
   read only = no        ; I said no so I can still access it for
editing...you can say yes
   browseable = yes  ; say NO if you want to hide the NETLOGON share
   admin users = @wheel

[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   read only = no
   preserve case = yes
   short preserve case = yes
   create mode = 0750

[tmp]
   user = dlorenso
   force group = users
   comment = Temporary file space
   browsable = yes
   writable = yes
   path = /tmp
   read only = no
   public = yes



- -- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
         To unsubscribe: mail hurricane-list-request at redhat.com with 
                       "unsubscribe" as the Subject.

------- End of Forwarded Message


-- 
===========================================================================
John H Terpstra, Director               Telephone: +61 2 9524 4040
Aquasoft Pty Limited (ACN 050 057 488)        Fax: +61 2 9540 4016
PO Box 105 Miranda NSW 2228 Australia   Cellphone: +61 4 1935 3637
===========================================================================
        Email: John.Terpstra at Aquasoft.Com.AU, jht at aquasoft.com.au
===========================================================================
In the beginning was the Word. The Word is NOT a trademark of Microsoft!




More information about the samba mailing list