[Samba] Adding a Samba Domain Server
Chris Hane
chrishane at gmail.com
Wed Dec 13 02:12:35 GMT 2006
I have a Samba PDC set up using LDAP as the passdb. I want to add
another Samba server to the mix. I believe I want to add it in as a
Domain Server; however, I can't seem to get it working.
On the PDC server I am running:
- linux (2.6.latest)
- openldap (latest)
- samba (3.latest)
- nss
On the Domain Server I am running:
- samba (latest 3.latest)
- nss
I thought someone might see something obvious in my smb.conf
(particularly the second one below for the domain server). I am going
to try starting from scratch tomorrow and any advice is appreciated.
Thanks in advance,
Chris....
==================================================================
SMB.CONF for the PDC
# Global settings for the PDC: domain master, domain logons and WINS support
# are all enabled below, and accounts are stored in LDAP (ldapsam).
[global]
workgroup = SFS1
netbios name = SFSPDC
encrypt passwords = Yes
hide dot files = Yes
# Permits logons to accounts whose password is empty. Set this to "no" unless
# an empty-password account is genuinely required.
null passwords = Yes
enable privileges = yes
# On its own this does not stop smbd from listening on other addresses; that
# additionally needs "bind interfaces only = yes".
interfaces = 192.168.0.28
server string = SFSMAIL PDC
security = user
local master = yes
os level = 33
# Connections are accepted only from the 192.168.0.x subnet and loopback.
hosts allow = 192.168.0. 127.
loglevel = 2
# %m expands to the client machine name, giving one log file per client.
log file = /var/log/samba/log.%m
debug timestamp = yes
domain master = yes
domain logons = yes
#winbind use default domain=yes
# Empty value: no roaming-profile path is handed to clients.
logon path =
wins support = yes
passdb expand explicit = no
# Keeps the LDAP password in step with the Samba hashes on password change.
ldap passwd sync = Yes
# Two directory servers are listed: the local one and itsolut.com. Both use
# plain ldap://, so traffic to the non-local server is protected only if
# "ldap ssl" is in effect, and that line is commented out further down.
# NOTE(review): check the effective "ldap ssl" value with "testparm -v".
passdb backend = ldapsam:"ldap://127.0.0.1/ ldap://itsolut.com/"
# DN that Samba binds as. Its password is not kept in this file; it is stored
# separately with "smbpasswd -w".
ldap admin dn = cn=admin,dc=com
ldap suffix = ou=sfsmail,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=people
ldap machine suffix = ou=Computers
# NOTE(review): this is the same container as the user suffix, and it differs
# from the ou=Idmap used in the domain-server smb.conf in this post. Confirm
# which is intended.
ldap idmap suffix = ou=people
#ldap idmap suffix = ou=Idmap
#idmap backend = ldap://itsolut.com
#idmap uid = 2000 - 3000
#idmap gid = 2000 - 3000
#ldap ssl = start_tls
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# Account-management hooks run by smbd. %u is unquoted on the machine script,
# unlike the quoted substitutions in the scripts that follow.
add machine script = /usr/sbin/smbldap-useradd -w %u
add user script = /usr/sbin/smbldap-useradd -m "%u"
# Deleting an account removes the whole LDAP entry, not only the Samba
# attributes.
ldap delete dn = Yes
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
# Per-user home share. %U is the session user name, so each user reaches only
# the directory named after them under /home/samba/users.
[homes]
comment = Home Directories
valid users = %U
read only = No
# 0664 / 0775 leave new files and directories group-writable and
# world-readable at the filesystem level.
# NOTE(review): confirm that is intended for home directories.
create mask = 0664
directory mask = 0775
browseable = No
# Repeats "read only = No" above; the two settings are inverse synonyms.
writeable = yes
path = /home/samba/users/%U
# Logon-script share for domain logons.
[netlogon]
path = /home/samba/netlogon
browseable = no
# Guest access means the contents are readable without authentication, so
# nothing stored here (scripts, policy files) should contain credentials.
guest ok = yes
read only = yes
==================================================================
NSSWITCH.CONF for PDC
# Name-service lookup order on the PDC: local files are consulted first, then
# LDAP, for the passwd, group and shadow databases.
passwd: files ldap
group: files ldap
# NOTE(review): shadow data is also looked up in LDAP; confirm the directory's
# ACLs limit who can read password attributes.
shadow: files ldap
publickey: files
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: db files
==================================================================
SMB.CONF for Domain Server
# Global settings for the second server: a domain member (security = domain)
# that authenticates against 192.168.0.28 and also points its passdb at that
# host's LDAP server.
[global]
workgroup = SFS1
server string = SFS STORAGE SERVER
netbios name = storage1
# Authentication is delegated to the domain controller named below.
security = domain
password server = 192.168.0.28
encrypt passwords = Yes
# Connections are accepted only from the 192.168.0.x subnet and loopback.
hosts allow = 192.168.0. 127.
# %m expands to the client machine name, giving one log file per client.
log file = /var/log/samba/log.%m
loglevel = 3
max log size = 50
debug timestamp = yes
;password server = 192.168.0.28
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
# On its own this does not stop smbd from listening on other addresses; that
# additionally needs "bind interfaces only = yes".
interfaces = 192.168.0.25
; local master = no
; os level = 33
domain master = no
; preferred master = yes
; domain logons = yes
; wins support = yes
wins server = 192.168.0.28
wins proxy = yes
passdb expand explicit = no
ldap passwd sync = Yes
# Plain ldap:// to another host, and this file has no "ldap ssl" line, so
# directory traffic (including the admin bind) is protected only if the
# built-in default enables TLS.
# NOTE(review): check the effective value with "testparm -v".
passdb backend = ldapsam:"ldap://192.168.0.28/"
# Same admin DN as the PDC, so this host would hold the directory admin
# credential (stored with "smbpasswd -w").
# NOTE(review): confirm whether a member server needs write access to the
# directory at all; if it does, a dedicated DN with narrower ACLs limits what
# a compromise of this host exposes.
ldap admin dn = cn=admin,dc=com
ldap suffix = ou=sfsmail,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=people
ldap machine suffix = ou=Computers
# NOTE(review): the PDC smb.conf in this post uses ou=people here, and the
# idmap backend and ranges below are commented out. Confirm the intended
# idmap setup.
ldap idmap suffix = ou=Idmap
#idmap backend = ldap:ldap://192.168.0.28
#idmap uid = 10000-20000
#idmap gid = 10000-20000
# Account-management hooks copied from the PDC config; they change directory
# entries from this host. %u is unquoted on the machine script, unlike the
# quoted substitutions in the scripts that follow.
add machine script = /usr/sbin/smbldap-useradd -w %u
add user script = /usr/sbin/smbldap-useradd -m "%u"
# Deleting an account removes the whole LDAP entry, not only the Samba
# attributes.
ldap delete dn = Yes
add group script = /usr/sbin/smbldap-groupadd -p "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
==================================================================
NSSWITCH.CONF for Domain Server
# Name-service lookup order on the domain server: local files are consulted
# first, then LDAP, for the passwd, group and shadow databases.
passwd: files ldap
group: files ldap
# NOTE(review): shadow data is also looked up in LDAP; confirm the directory's
# ACLs limit who can read password attributes.
shadow: files ldap
publickey: files
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: db files