[Samba] Problems Setting up an Samba-PDC
Yura Pismerov
ypismerov at tucows.com
Sun Sep 8 18:42:01 GMT 2002
You also need to do it as user with root parmissions (member of "admin
user" parameter in smb.conf).
Martin Elshuber wrote:
>
> Hi!
>
> I'm trying to set a Samba 2.2.5 PDC with w2k Clients,
> but the clients can't join the domain!
>
> I've created an Mashine account 'gandalf$', and I've added this account
> in my smbpasswd file
>
> perhaps someone can tell me what I've done wrong
>
> thanks Martin
>
> p.s.: I've already read the PDC-HOWTO
> http://us6.samba.org/samba/ftp/docs/htmldocs/Samba-PDC-HOWTO.html
>
> ------------------------------------------------------------------------
> # This is the main Samba configuration file. You should read the
> # smb.conf(5) manual page in order to understand the options listed
> # here. Samba has a huge number of configurable options (perhaps too
> # many!) most of which are not shown in this example
> #
> # Any line which starts with a ; (semi-colon) or a # (hash)
> # is a comment and is ignored. In this example we will use a #
> # for commentry and a ; for parts of the config file that you
> # may wish to enable
> #
> # NOTE: Whenever you modify this file you should run the command "testparm"
> # to check that you have not made any basic syntactic errors.
> #
> #======================= Global Settings =====================================
> [global]
>
> workgroup = THE_RING
> server string = Domain Server
>
> os level 64
> preferred master = yes
> domain master = yes
> local master = yes
>
> security = user
> encrypt passwords = yes
> domain logons = yes
>
> logon path = \\SAURON\profiles\%u
> logon drive = = R:
> logon home = \\SAURON\%u
>
> domain admin group = root @users
>
> ; add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
>
> hosts allow = 192.168.0. 127.
>
> ; printcap name = /etc/printcap
> ; load printers = yes
> ; printing = lprng
>
> log file = /var/log/samba/%m.log
> max log size = 0
>
> # Use password server option only with security = server
> # The argument list may include:
> # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
> # or to auto-locate the domain controller/s
> # password server = *
> ; password server = <NT-Server-Name>
>
> # Password Level allows matching of _n_ characters of the password for
> # all combinations of upper and lower case.
> ; password level = 8
> ; username level = 8
>
> smb passwd file = /etc/samba/smbpasswd
>
> unix password sync = Yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
>
> pam password change = yes
>
> ; username map = /etc/samba/smbusers
> include = /etc/samba/smb.conf.%m
>
> obey pam restrictions = yes
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> interfaces = 192.168.0.2/24
>
> # Case Preservation can be handy - system default is _no_
> # NOTE: These can be set on a per share basis
> ; preserve case = no
> ; short preserve case = no
> # Default case is normally upper case for all DOS files
> ; default case = lower
> # Be very careful with case sensitivity - it can break things!
> ; case sensitive = no
>
> #============================ Share Definitions ==============================
> [homes]
> comment = Home Directories
> browseable = no
> writable = yes
> valid users = %S
> create mode = 0664
> directory mode = 0775
> # If you want users samba doesn't recognize to be mapped to a guest user
> ; map to guest = bad user
>
> # Un-comment the following and create the netlogon directory for Domain Logons
> [netlogon]
> comment = Network Logon Service
> path = /home/PDC/netlogon
> read only = yes
> write list = @users root martin
>
> # Un-comment the following to provide a specific roving profile share
> # the default is to use the user's home directory
> [profiles]
> path = /usr/PDC/profiles
> read only = no
> create mask = 0600
> directory mask = 0700
>
> # NOTE: If you have a BSD-style print system there is no need to
> # specifically define each individual printer
> [printers]
> comment = All Printers
> path = /var/spool/samba
> browseable = no
> # Set public = yes to allow user 'guest account' to print
> guest ok = no
> writable = no
> printable = yes
>
> # This one is useful for people to share files
> ;[tmp]
> ; comment = Temporary file space
> ; path = /tmp
> ; read only = no
> ; public = yes
>
> # A publicly accessible directory, but read only, except for people in
> # the "staff" group
> [public]
> comment = Public Stuff
> path = /home/public
> public = yes
> writable = yes
> printable = no
> write list = @users
> force create mode = 0775
> force directory mode = 0775
> force group = users
>
> [BG]
> comment = Baldur's Gate
> path = /home/public/Games/BG
> public = yes
> writable = no
> printable = no
> force create mode = 0775
> force directory mode = 0775
> force group = users
>
> # Other examples.
> #
> # A private printer, usable only by fred. Spool data will be placed in fred's
> # home directory. Note that fred must have write access to the spool directory,
> # wherever it is.
> ;[fredsprn]
> ; comment = Fred's Printer
> ; valid users = fred
> ; path = /home/fred
> ; printer = freds_printer
> ; public = no
> ; writable = no
> ; printable = yes
>
> # A private directory, usable only by fred. Note that fred requires write
> # access to the directory.
> ;[fredsdir]
> ; comment = Fred's Service
> ; path = /usr/somewhere/private
> ; valid users = fred
> ; public = no
> ; writable = yes
> ; printable = no
>
> # a service which has a different directory for each machine that connects
> # this allows you to tailor configurations to incoming machines. You could
> # also use the %U option to tailor it by user name.
> # The %m gets replaced with the machine name that is connecting.
> ;[pchome]
> ; comment = PC Directories
> ; path = /usr/local/pc/%m
> ; public = no
> ; writable = yes
>
> # A publicly accessible directory, read/write to all users. Note that all files
> # created in the directory by users will be owned by the default user, so
> # any user with access can delete any other user's files. Obviously this
> # directory must be writable by the default user. Another user could of course
> # be specified, in which case all files would be owned by that user instead.
> ;[public]
> ; path = /usr/somewhere/else/public
> ; public = yes
> ; only guest = yes
> ; writable = yes
> ; printable = no
>
> # The following two entries demonstrate how to share a directory so that two
> # users can place files there that will be owned by the specific users. In this
> # setup, the directory should be writable by both users and should have the
> # sticky bit set on it to prevent abuse. Obviously this could be extended to
> # as many users as required.
> ;[myshare]
> ; comment = Mary's and Fred's stuff
> ; path = /usr/somewhere/shared
> ; valid users = mary fred
> ; public = no
> ; writable = yes
> ; printable = no
> ; create mask = 0765
More information about the samba
mailing list