[Samba] samba windows domain controller

Evan Ingram evan.ingram at cariss.co.uk
Tue Apr 29 13:45:07 GMT 2008 

Hi

I want windows machines to automatically be added into samba when they
try to attach to the domain. Had various problems with root account not
being accepted. 

Can anyone spot anything glaringly obviously wrong in my config that
follows. 
Cheers 




[global]
        name resolve order = wins bcast hosts 
        ldap ssl = no
        passwd chat = *New*password* %n\n *Retype*new*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
        idmap gid = 500-550
        admin users = root 
        obey pam restrictions = no
        client schannel = no
        passwd program = /usr/bin/passwd %u
        dns proxy = No
        netbios name = sss-server
        writeable = yes
        printing = lprng
        idmap uid = 500-2000
        logon script = user.bat
        workgroup = domain
        debug level = 3
        os level = 65
        getwd cache = yes
        log file = /var/log/samba/%m.log
        guest account = root 
        socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
        sync always = yes
        map to guest = never
        null passwords = yes
        domain master = Yes
        encrypt passwords = yes
        public = yes
        realm = domain
        wins support = true
        netbios aliases = sss-server
        server string = sss-server
        add user script = /usr/sbin/useradd -g machines -c NTMachine
-d /dev/null -s /bin/false %m$ && /usr/bin/smbpasswd -a -m %m$
        domain logons = Yes
        pam password change = Yes
        # DOMAIN ADMIN GROUP added to allow root as local admin
        domain admin group = root

[homes]
        comment = Home Directories
        valid users = %S
        read only = No
        create mask = 0664
        directory mask = 0775
        browseable = No
[netlogon]
        comment = Network Logon Service
        share modes = No
        public = yes
        path = /usr/local/samba/netlogon

[Profiles]
        nt acl support = yes
        browseable = no
        delete readonly = yes
        path = /usr/local/samba/profiles
        force group = root
        force user = root
        comment = Network Profiles Service
        create mode = 0600
        directory mode = 0700

[root_dir]
        comment = root dir mark only
        delete readonly = yes
        path = /

[data]
        force user = root
        comment = Data Directory
        path = /home/data/
        force group = root

More information about the samba mailing list