Quantcast

Maximum PC

It is currently Thu Sep 18, 2014 4:43 am

All times are UTC - 8 hours




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: LINUX - Samba: Making a New Domain
PostPosted: Fri Jun 11, 2004 7:47 am 
Professional Dork
Professional Dork
User avatar

Joined: Tue May 25, 2004 12:44 pm
Posts: 1246
Location: Cornhole County
Originally posted by colby

Most of the Windows Domain stuff is done in your smb.conf. In the [global] section, add:

# make sure netbios knows who you are.
netbios name =

# this "fakes" the OS so that we can be a PDC to our clients
os level = 64

# you are the PDC!
preferred master = yes

# you are the local DC!
local master = yes

# you process logons!
domain logons = yes

# this is the path to user profiles
# if you do not want roaming profiles, leave this out
logon path = \\%N\profiles\%u

# drive to mount the user's home drive to... H is for Home
logon drive = H:

# this is the path to the user's home directory
logon home = \\%N\%u

# script to run when users log on (to mount their home dir, etc)
logon script = logon.cmd

# people who should have domain admin privs
domain admin group =

# since computers need to be added to your system to log users on
# to the domain, this makes it automatic.
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u

The workgroup listing is going to be the domain people connect to, change this accordingly.

You will need to add a netlogon directory that is accessible by a share in order for your domain to work correctly. Make sure this directory exists and is readable by all users. This is where you will put the script "logon.cmd" above.


[netlogon]
path = /usr/local/samba/lib/netlogon
writeable = no
write list = administrator

If you enabled roaming profiles above, you need to make that accessible by users too. You want to make sure that for each profile, the user can read/write it.


[profiles]
path = /usr/local/samba/ntprofile
writeable = yes
create mask = 0600
directory mask = 0700

For the home directories referenced above, you can use the default samba homes share (provided the users have a home on your system).

After you made those changes, make sure the directories exist with the right permissions. Your logon.cmd could be empty, but if you reference it make sure it exists. When you're done, restart samba.

Make sure you use smbpasswd for users to make sure they can logon to samba "stuff". You may also need to do this for computer accounts if the auto add line above doesn't work. When you are adding computer accounts, don't forget the $ at the end, and they don't really need passwords (just hit enter).


Top
  Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group