Samba 1.9.18p7-2 PDC & netlogon? or p8? or wait?

Rod Hauser hauser at
Thu Aug 6 19:04:41 GMT 1998

I have a linux system running Samba 1.9.18p7-2 smoothly right now, with
perhaps 600 users.  I have an NT box with 2 users, for a dedicated
application, which is a PDC right now.  I have ~300 Win95 client machines
that I want to have do a domain login, authenticating off the samba box
(running RedHat 5.1, btw) so that I don't have to replicate users onto the
NT box when all they really need to do is authenticate & get to filespace
on the samba machine.  

Main question is, can I get samba to act as PDC without a huge process?  I
am not a real code warrior, so downloading the newest version will be fine,
as long as I'm sure that 1.19.18p8 will do the trick.  I'd prefer a Redhat
Pluggable Module, but I'm sure that the tar.gz package should go smooth
enough.  I just want to be sure it will do PDC, and that the version
difference is the (likely) reason it's not working.

I also know that this issue (NT PDC emulation) is getting a great deal of
attention for the next major release of samba, so I don't really want to
reinvent the wheel if it'll be rolled out in a well-tested (chuckle... OK,
tested) version in another week or two.  So, any word on ETA of the next
major release would be appreciated, too.

Here's more background on the environment.

I took PDC off the NT box, and couldn't get any response from samba as a
PDC, so I had to resort to letting the 95 machines create .pwl lists for
each user on each computer.  A real hassle, as each machine gets many users
throughout the day.  I really want to do the domain logins, but I really
don't want to add users to the NT box.  The elegant solution is, of course,
to let samba do the PDC duties.

I've set up smb.conf with domain logons = yes, and a [netlogon] directory
that is shared properly.  I've been through diagnose.txt and everything
seems to be running smoothly except for test 5.  nmblookup -B "clientname"
works fine for machines that I have listed in DNS, but fails (returns on all others.  I am in the process of adding machine names to the
DNS listing, but the question remains valid for machines that are already

I've read a bunch of the archive lists, web pages, and current digest.
Everything seems to indicate that, yes, my dreams have come true, and I
won't need to buy any additional user licenses for NT (kudos to the whole
samba team).  But I'm still trying to get PDC & netlogon working.   

oh, also, testparm shows everything OK, but trying security = domain
doesn't do anything, and setting domain controller = <My NT Box> gives a
command not understood error -- this is one thing that makes me think I'm
trying to do things in smb.conf that may be fine & dandy in 1.9.18p8 but
not in p7.

If I'm overlooking something more elegant, I'll be happy to have it pointed
out to me.

Here is an excerpt of my smb.conf Thanks, all


   workgroup = ADMIN
   security = user
;   security = share
;   security = domain
# Use password server option only with security = server
;   password server = <NT-Server-Name>

   socket options = TCP_NODELAY 
   local master = yes
   os level = 64
   domain master = yes 
   preferred master = yes
   domain logons = yes

   logon script = attach.bat
# note that this attach.bat is readable & in [netlogon] share, which I can
get to manually...

   dns proxy = no 
  default case = lower

;   wins support = yes
;   wins server = w.x.y.z
;   wins proxy = yes

#============================ Share Definitions ==============================
   comment = network Home directory
   browseable = no
   writable = yes

# Un-comment the following and create the netlogon directory for Domain Logons
   comment = Z: Network Logon
   path = /resources/netlogon
   guest ok = yes
   writable = no
   share modes = no

Rod Hauser                      hauser at
Technology Coordinator          Voice: 314-479-7897 (afternoons)
Dunklin R-5 School District     FAX: 314-479-6297 (anytime)
#1 Blackcat Drive     
Herculaneum, MO 63048

More information about the samba mailing list