[Samba] Enter or quit a samba's domain in pdc

[Edmundo Valle Neto]

BACQUEZ escreveu:
> Hello
>   

Hello

> I configured my domain under samba pdc. with bind and dhcpd for the network,
> and samba for the sharing. Having correctly configured the global (I think,
> because in workgroup it works very good, and testparm finds me no error), I
> obtain following both problems:
>
>  
>
> 1.	Refusal to join the domain. I modified well the key in my Windows, I
>   

What key in your Windows? There isnt any need to change any key to make 
a Windows client join a domain since the first version of samba 3 (I am 
talking about several years). You can search the samba list history and 
see that beeing asked several times.

> was kind enough to change domain. That recognized it because I fell at
> request of account of the domain samba. But at the time of entering my root
> and its password, I have the error message: "name of untraceable user ". The
> root account exists well. But on the other hand not the account of the
> machine. If I enter well the machine the users samba ( Adduser then
> smbpasswd), I manage to enter the domain. Nevertheless, on my smb.conf, I
> indeed have this:
>   

What the log says? If you are saying that the account really exists, 
does samba accepts at least the root user list the server shares 
locally? "smbclient -L localhost -U root". What "pdbedit -Lv root" 
shows? "Samba by Example" has several examples step by step to configure 
a server.

> add machine script = /srv/samba/addmachine.sh
>
>  
>
> With the script "addmachine.sh" like that:
>
>  
>
> # /bin/bash 
> # 
> /usr/sbin/useradd -d /dev/null -G machines -s /bin/false -M %m$ 
> smbpasswd -a -m %m$
>   

Well, Im not a bash script guru, but I really dont know what %m$ means. 
Principally inside a script to which wasnt passed any parameter 
(parameters are referenced by %1, %2, etc). About your script, have you 
really readed the samba docs, the part that shows how to join clients 
automatically, and what should be in that line?

> I don't want enter all the netbios of my machines to join with the hand, one
> by one.
>   

Its in the docs, it shows all available ways.

> 2.	Go out of the domain. When I am finally in the domain (by adding the
> post in the users samba), I created an account administrator with an uid of
> 0, which has him a reel counts on the server (personal home). I joined it to
> the group @administrators, which have rights of administration with the
> line. (in the smb.conf) :
>
>            admin users = @admins
>   

Search about "privileges" and the option "enable privileges = yes" in 
the docs. This option make the users operations be executed as root on 
the share only.

>  
>
> But when I want to go out of the domain, I have grey buttons under title:
> "you must have to have an administrator account to be able to modify the
> domain". I'm a basic user on my machine, and unable to modify some important
> parameters of my machine: domain, ip adress, . I'm obliged to connect me in
> local administrator to be able to make it.
>   

Well, seams pretty obvious that you must be a local administrator of the 
machine to change any network setting. Or you can search howw to change 
the Windows policies to allow other users to do what you want.

> Sorry for my English. I hope to be readable.
>
>
>  
>
>  
>
> David BACQUEZ
>
> BORDEAUX (France)

Edmundo Valle Neto