[Samba] Windows domain group policies
John H Terpstra
jht at samba.org
Sat Jun 21 21:54:10 GMT 2003
On Sat, 21 Jun 2003, Thomas Angst wrote:
> Hmm,
> that's confusing me...
> As robowarp (or what his name is) has written, it doesn't look like
> joining machines to samba domains is working. Or more precisely samba
> does never trust a machine how has joined a moment before.
>
> And group managing may not working but I don't know how to do it...
Email me your smb.conf file.
Mine is attached. Mine works fine. I have joined WinXP and Win2K to the
domain and have joined another samba server to the domain. All work fine.
- John T.
>
> Thomas
>
> John H Terpstra schrieb:
>
> >Thomas,
> >
> >Domain membership joins work fine in current CVS.
> >
> >Managing Groups is the problem right now.
> >
> >This should be done early next week. There are patches on samba-technical
> >that have not yet been accepted and applied.
> >
> >- John T.
> >
> >
> >On Sat, 21 Jun 2003, Thomas Angst wrote:
> >
> >
> >
> >>I hope they will fix this bug soon, how can we else test the new functionality of Samba 3.0 if we cannot use it as a domain server?
> >>Or is there another way to register a machine which will be accepted by Samba 3.0?
> >>
> >>Thomas
> >>
> >>
> >>
> >>
> >>>I am using Debian 3.0r1 with unstable packages. But if the fixes are in
> >>>CVS I can download and compile it.
> >>>
> >>>
> >>Fixes are still being worked on. I hope they will make it for Beta2.
> >>
> >>- John T.
> >>
> >>
> >>robowarp at gmx.de schrieb:
> >>
> >>
> >>
> >>>recompiled samba 3 on current cvs , the bug stays
> >>>no login to samba domain is possible , cause computer acount is not
> >>>trusted
> >>>after reboot the client which
> >>>joined the domain succesfully
> >>>regards r
> >>>
> >>>
> >>>
> >>>
> >
> >
> >
>
>
--
John H Terpstra
Email: jht at samba.org
-------------- next part --------------
# Samba config file created using SWAT
# from 192.168.1.1 (192.168.1.1)
# Date: 2003/06/21 14:41:58
# Global parameters
[global]
workgroup = MIDEARTH
server string = Samba3
interfaces = eth0, lo
bind interfaces only = Yes
server schannel = Yes
passdb backend = tdbsam, guest
pam password change = Yes
passwd chat = *New*Password* %n\n *Re-enter*new*password* %n\n *Password*changed*
username map = /etc/samba/smbusers
password level = 8
username level = 8
unix password sync = Yes
log level = 1
syslog = 0
log file = /var/log/samba/%m
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 SO_RCVBUF=8192
printcap name = CUPS
disable spoolss = Yes
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupadd %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = scripts\logon.bat
logon path = \\%L\Profiles\%U
logon drive = H:
logon home = \\%L\%U
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
wins support = Yes
ldap ssl = no
utmp = Yes
panic action = export DISPLAY=localhost:0; /usr/bin/X11/xterm -e gdb /proc/%d/exe %d || /bin/sleep
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +
comment = Samba 3.0.0
hosts allow = 127., 192.168.1.
use sendfile = Yes
printing = cups
veto files = /*.eml/*.nws/riched20.dll/*.{*}/
veto oplock files = /*.doc/*.xls/*.mdb/
include = /etc/samba/machine.
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[print$]
comment = Printer Drivers Share
path = /var/lib/samba/drivers
write list = jht, root
printer admin = jht, root
create mask = 0664
directory mask = 0775
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
admin users = root, jht
guest ok = Yes
nt acl support = No
browseable = No
blocking locks = No
csc policy = disable
locking = No
oplocks = No
level2 oplocks = No
posix locking = No
strict locking = No
share modes = No
[Profiles]
comment = Roaming Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = root, jht
create mask = 0600
guest ok = Yes
printable = Yes
use client driver = Yes
default devmode = Yes
browseable = No
[media]
comment = Public Stuff
path = /export2
read list = @users
write list = jht
read only = No
blocking locks = No
csc policy = disable
locking = No
oplocks = No
level2 oplocks = No
posix locking = No
strict locking = No
share modes = No
[data]
comment = Data Stuff
path = /export/data
write list = @ntadmin
read only = No
blocking locks = No
csc policy = disable
locking = No
oplocks = No
level2 oplocks = No
posix locking = No
strict locking = No
share modes = No
[cdr]
comment = CDR Production Files
path = /export/CDR
force user = root
read only = No
case sensitive = Yes
More information about the samba
mailing list