[Samba] NT4-style PDC was (no subject)

Rowland penny rpenny at samba.org
Thu May 23 20:44:11 UTC 2019 

On 23/05/2019 21:22, Rafael Lenharo via samba wrote:
> Hi all,
>
> I installed SAMBA 4.8.3 on CentOS 7.6.1810 to be a domain controller and
> shared directories. How do I configure it to require IP, username, and
> password to access shared directories without having to inform the domain?

If your OS wasn't Centos, I would say it would be easier to set up an AD 
domain instead, but unless you can find Samba RPMS that will provision 
an AD domain or are prepared to compile Samba yourself, then you are 
stuck with an NT4-Style PDC.

Coming back to your problem, I think you mean that you want users to be 
able to access your Samba server without their computers joining the 
domain, if this is the case, then you might be better off running Samba 
as a standalone server.

>
> smb.conf file:
>
> [global]
>          workgroup = T12
>          server string = Samba Server Version %v
>          netbios name = 165.8.104.12
Is your computers short hostname really '165.8.104.12' ? It looks more 
like its ipaddress, you should be aware that you should have dots in the 
netbios name.
>          interfaces = 165.8.104.12
>          hosts allow = 165.8.104. 127.0.0.1
>          log level = 2
>          log file = /var/log/samba/log.%m
>          max log size = 50
>          security = user
>          passdb backend = tdbsam
>          domain master = yes
>          domain logons = yes
>          logon script = %U.bat
>          logon path = \\165.8.104.12\Profiles\%U
>          logon drive = z:
>          add machine script = /usr/sbin/useradd -n -c "Workstation
> (%u)" -M -d /nohome -s /bin/false "%u"
>          local master = yes
>          os level = 64
>          preferred master = yes
>          wins support = yes
>          load printers = yes
>          cups options = raw
>          create mask = 775
>          directory mask = 775
>          ntlm auth = yes

> [homes]
>          comment = Home Directories
>          path = /data/users/%u
>          browseable = no
>          writeable = yes

> [printers]
>          comment = All Printers
>          path = /var/spool/samba
>          browseable = No
>          guest ok = no
>          writeable = no
>          printable = Yes

> [netlogon]
>          comment = Network Logon Service
>          path = /data/users/netlogon
>          guest ok = yes
>          public = no
Are you aware that 'guest ok' is a synonym for 'public' and you are 
allowing guest access and then immediately turning it off ;-)
>          writable = no
>          browsable = no

> [Profiles]
>          comment = User Profiles
>          path = /data/users/Profiles
>          create mode = 0600
>          directory mode = 0700
>          writable = yes
>          browseable = no

> [public]
>          comment = Public Area
>          path = /data/public
>          public = yes
>          writable = yes
>          printable = no

Rowland

More information about the samba mailing list