[Samba] FreeBSD fileserver and NT4 domain

Mike mich at bomb.dk
Fri Oct 13 13:18:19 GMT 2006


After days of searching - roaming forums and newsgroups - trying
countless configurations - I finally capitulate and ask the question.

I've got a working NT4 domain - and would like to change our current NT
fileserver with a Samba-powered FreeBSD box.

Samba: samba-3.0.23c (with pam_winbind patch)

I would like to create a simple share, in which all users can create a
folder - that, in turn, only they themselves have access to.

My latest attempt at a configuration looks like so:
         workgroup = ICOM
         netbios name = BSDPDC
         server string = FreeBSD Fileserver
         ;interfaces =
         socket options = TCP_NODELAY IPTOS_LOWDELAY
         ;hosts allow = 192.168.200., 172.16.200., localhost
         security = domain

         password server =
         passdb backend = tdbsam
         passwd program = /usr/bin/passwd -l %u
         passwd chat = *Password* %n\n *Password* %n\n *Changed*\n
         unix password sync = Yes
        ; username map = /usr/local/etc/samba/smbusers

         log level = 1
         log file = /var/log/samba/%m.log
         max log size = 50

         load printers = no
         ;printing = cups
         ;printcap name = cups
         ;logon script = netlogon.cmd
         ;logon path = \\%L\profiles\%U
         ;logon drive = H:
         ;logon home = \\%L\%U
         domain logons = no
         os level = 99
         preferred master = no
         domain master = no
         ;local master = no
         wins support = no
         wins server =
         dns proxy = no

         admin users = root
         hide unreadable = Yes
         create mask = 0644
         add group script = /usr/local/etc/samba/smbgrpadd.sh "%g"
         delete group script = /usr/sbin/pw "%g"

         veto oplock files = /*.doc/*.xls/*.mdb/

    comment = Home Directory
    path = /home/HOME
    public = yes
    writable = yes
    printable = no
    read only = no

    comment = Citrix Profiles
    path = /home/profiles
    public = yes
    writable = yes
    printable = no
    read only = no

net rpc join -D ICOM -U administrator  -- seems to work - as it confirms
the connection to the domain.
root at bsdpdc local/etc# wbinfo -u |wc -l

Log files are not being helpful.

Any help much appreciated!



