Samba 1.9.18p7-2 PDC & netlogon? or p8? or wait?
hauser at blackcat.dunklin.k12.mo.us
Thu Aug 6 19:04:41 GMT 1998
I have a linux system running Samba 1.9.18p7-2 smoothly right now, with
perhaps 600 users. I have an NT box with 2 users, for a dedicated
application, which is a PDC right now. I have ~300 Win95 client machines
that I want to have do a domain login, authenticating off the samba box
(running RedHat 5.1, btw) so that I don't have to replicate users onto the
NT box when all they really need to do is authenticate & get to filespace
on the samba machine.
Main question is, can I get samba to act as PDC without a huge process? I
am not a real code warrior, so downloading the newest version will be fine,
as long as I'm sure that 1.19.18p8 will do the trick. I'd prefer a Redhat
Pluggable Module, but I'm sure that the tar.gz package should go smooth
enough. I just want to be sure it will do PDC, and that the version
difference is the (likely) reason it's not working.
I also know that this issue (NT PDC emulation) is getting a great deal of
attention for the next major release of samba, so I don't really want to
reinvent the wheel if it'll be rolled out in a well-tested (chuckle... OK,
tested) version in another week or two. So, any word on ETA of the next
major release would be appreciated, too.
Here's more background on the environment.
I took PDC off the NT box, and couldn't get any response from samba as a
PDC, so I had to resort to letting the 95 machines create .pwl lists for
each user on each computer. A real hassle, as each machine gets many users
throughout the day. I really want to do the domain logins, but I really
don't want to add users to the NT box. The elegant solution is, of course,
to let samba do the PDC duties.
I've set up smb.conf with domain logons = yes, and a [netlogon] directory
that is shared properly. I've been through diagnose.txt and everything
seems to be running smoothly except for test 5. nmblookup -B "clientname"
works fine for machines that I have listed in DNS, but fails (returns
0.0.0.0) on all others. I am in the process of adding machine names to the
DNS listing, but the question remains valid for machines that are already
I've read a bunch of the archive lists, web pages, and current digest.
Everything seems to indicate that, yes, my dreams have come true, and I
won't need to buy any additional user licenses for NT (kudos to the whole
samba team). But I'm still trying to get PDC & netlogon working.
oh, also, testparm shows everything OK, but trying security = domain
doesn't do anything, and setting domain controller = <My NT Box> gives a
command not understood error -- this is one thing that makes me think I'm
trying to do things in smb.conf that may be fine & dandy in 1.9.18p8 but
not in p7.
If I'm overlooking something more elegant, I'll be happy to have it pointed
out to me.
Here is an excerpt of my smb.conf Thanks, all
workgroup = ADMIN
security = user
; security = share
; security = domain
# Use password server option only with security = server
; password server = <NT-Server-Name>
socket options = TCP_NODELAY
local master = yes
os level = 64
domain master = yes
preferred master = yes
domain logons = yes
logon script = attach.bat
# note that this attach.bat is readable & in [netlogon] share, which I can
get to manually...
dns proxy = no
default case = lower
; wins support = yes
; wins server = w.x.y.z
; wins proxy = yes
#============================ Share Definitions ==============================
comment = network Home directory
browseable = no
writable = yes
# Un-comment the following and create the netlogon directory for Domain Logons
comment = Z: Network Logon
path = /resources/netlogon
guest ok = yes
writable = no
share modes = no
Rod Hauser hauser at blackcat.dunklin.k12.mo.us
Technology Coordinator Voice: 314-479-7897 (afternoons)
Dunklin R-5 School District FAX: 314-479-6297 (anytime)
#1 Blackcat Drive http://blackcat.dunklin.k12.mo.us
Herculaneum, MO 63048
More information about the samba