[Samba] pdc configuration
sato x
garasi9 at gmail.com
Sat Mar 24 15:18:51 GMT 2007
Hi John,
Of course you don't need that to join the machine into the domain (you just
need root and its smbpassword). But last year when I started creating a PDC
(samba-3.0.20b-3.3) with LDAP backend (of course it has nothing to do with
LDAP), I found out that I could not login into the computer (the domain).
But after I'd configure that Domain member matters, I could. It was even
stated in samba.org tutorial, if I'm not mistaken, but they prefer changing
the registry.
Other thing, some times you'll find yourself fail to join a machine into the
domain, even if the configuration above is right. You can do a trick to add
your PDC ip address (that operates as a wins server either) in your network
configuration in the WINS part. Thank you for your information.
Regards,
sato
On 3/24/07, Jon Wilson <iambiscuit at gmail.com> wrote:
>
> Hi all,
>
> just read this thread and sparked a couple thoughts ...
>
> Re: {Digitally encrypt...,> Digitally encrypt secure, Digitally sign
> ... } options
> I'm not starting an argument here or saying you are wrong, merely
> making the observation that I've never had to do this to make any of
> our 350 workstations join the domain ... well not that I can remember
> anyhow.
>
> Also:
> Re: > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>
> And here is my question I guess ...
>
> I *thought* I've recently read the O_RCVBUF=8192 SO_SNDBUF=8192
> options shouldnt be used on 2.6 kernels. Have I got the wrong end of
> the stick here or is this the case ?
>
> Many thanks
>
> /Jon
>
>
> On 24/03/07, sato x <garasi9 at gmail.com> wrote:
>
> > Hi...
> >
> > Don't forget the [netlogon] share in smb.conf. You will need that for
> your
> > windows users to login into the domain. All login script should be
> placed
> > there; or if you didn't want any login script, just leave it empty. BUT,
> you
> > must have it, no matter how.
> >
> > Other story, for winXP Pro to login into domain, you would have to
> change
> > something in registry or in local security settings (within
> Administrative
> > Tools) (it has something to do with Domain member: {Digitally
> encrypt...,
> > Digitally encrypt secure, Digitally sign ... } options. You can access
> it
> > via Security Settings > Local Policies > Security Options. Just set the
> > values to disable). Don't forget to join the machine into the domain.
> >
> > WinXP Home cannot join the domain, but you can still access the share in
> the
> > domain automatically after you login into your local domain (I mean,
> your
> > WinXP Home local domain/workgroup). Create a local user with password as
> > same as the one in the PDC. Then create a machine account for your WinXP
> > Home directly in your PDC (in term of WinXP Pro, join the machine into
> the
> > domain). As for win98/Me, no need to worry about the WinXP issue. Hope
> it
> > can help.
> >
> > Regards,
> >
> > sato
> >
> > On 3/22/07, Asier Baranguán <abaranguan at elpagestion.com> wrote:
> > >
> > > fharrington at ocln.org escribió:
> > > >
> > > > Hello,
> > > >
> > > > I am using the February 15, 2002 document by Andrew Bartlett titled
> > > Using
> > > > Samba as a PDC.
> > > >
> > > > Having difficulty, is there a more recent document or guidelines ? I
> am
> > > > getting access denied - shares have worked but not the PDC part.
> > > >
> > > > below is the smb.conf without comments:
> > > >
> > > > #begin smb.conf
> > > > workgroup = CENTOS
> > > > server string = Samba Server
> > > > hosts allow = 192.199.2.
> > > >
> > > > printcap name = /etc/printcap
> > > > load printers = yes
> > > > cups options = raw
> > > > log file = /var/log/samba/%m.log
> > > > max log size = 50
> > > > security = user
> > > > encrypt passwords = yes
> > > > domain logons=yes
> > > > unix password sync = Yes
> > > > passwd program = /usr/bin/passwd %u
> > > > socket options = TCP_NODELAY SO_RCVBUF=8192
> > > > SO_SNDBUF=8192
> > > > dns proxy = no
> > >
> > > You must add the following to become a PDC:
> > >
> > > ### PDC
> > > domain master = yes
> > > domain logons = yes
> > > preferred master = yes
> > > local master = yes
> > > os level = 100
> > >
> > > If you have Windows clients add:
> > >
> > > wins support = yes
> > > name resolve order = wins hosts lmhosts bcast
> > >
> > > --
> > > To unsubscribe from this list go to the following URL and read the
> > > instructions: https://lists.samba.org/mailman/listinfo/samba
> > >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/listinfo/samba
> >
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list