[Samba] Join Windows machines to a Samba3 domain

Rowland Penny rowlandpenny at googlemail.com
Fri Jan 17 04:05:42 MST 2014 

On 17/01/14 10:41, Lea Massiot wrote:
> Below is what I posted yesterday without the "raw" tags.
>
> Below are some details about the Samba3 configuration which usually works
> for me.
>
> === MAIN CONFIGURATION FILE /etc/smb.conf ===
>
> [global]
>     workgroup = MY_DOMAIN
>     server string = %h Samba server
>     log level = 1
>     log file = /var/log/samba/log.%m
>     max log size = 1000
>     socket options = TCP_NODELAY IPTOS_LOWDELAY
>     logon path =
>     logon home =
>     domain logons = yes
>     os level = 254
>     preferred master = yes
>     domain master = yes
>     local master = yes
>     remote browse sync = yes
>     passdb backend = v
>
> [my_partage]
>     comment = my_partage
>     path = /my_partage
>     force group = domadm
>     read only = no
>     create mask = 0664
>     directory mask = 0775
>     guest ok = yes
>
> === DOMAIN USERS' GROUP ===
>
> I add a "domadm" group.
>
> root> groupadd domadm
> root> net groupmap add ntgroup="Domain Admins" unixgroup=domadm rid=512
> type=d
>
> I add the users the "domadm" group in "/etc/group":
> domadm:x:1001:<username1>,<username2>,<username3>
>
> === MACHINES ===
>
> root> groupadd machines
>
> I add the machines on the LAN using the two commands:
> root> useradd -g machines -s /dev/null -d /bin/false <machine_name>$
> root> smbpasswd -a -m <machine_name>$
>
> === USERS ===
>
> I add the users using the two commands:
> root> useradd <username>
> root> smbpasswd -a <username>
>
> === SHARE ===
>
> root> mkdir -p /<my_partage>
> root> chown <username>:domadm /<my_partage>
> root> chmod g+w /<my_partage>
>
>
> Below are some details about the BIND9 server and DHCPD server
> configurations which usually works for me.
>
> - I have two zone files for name resolution and reverse name resolution.
> - The BIND9 and DHCPD are set to work together: when an IP is delivered by
> the DHCPD server to a client machine, the BIND9 zone files are updated
> automatically.
>
> Thank you for helping.
> Best regards.
>
>
>
> --
> View this message in context: http://samba.2283325.n4.nabble.com/Join-Windows-machines-to-a-Samba3-domain-tp4659356p4659447.html
> Sent from the Samba - General mailing list archive at Nabble.com.
OK, this time I can see your smb.conf, but I do not understand it, what 
is this:

passdb backend = v

I have never heard of this backend, also you do not seem to have the 
'netlogon' share that is required to be a PDC.
I personally think that you were actually running a workgroup, not a 
domain and cannot see how you can get from there to an AD domain. With 
only 6 users, you might as well start from scratch, set up a new samba4 
AD server, create the 6 users in AD and then join the 20 machines to the 
AD, this in the long run is probably  going to be the easiest way out.

Rowland

More information about the samba mailing list