SAMBA (Domaincontroller) Server For Small Workgroups With Ubuntu 5.10 "Breezy Badger" - Page 4

Want to support HowtoForge? Become a subscriber!
 
Submitted by till (Contact Author) (Forums) on Wed, 2005-12-07 17:34. ::

Install And Configure The SAMBA Server

In order to install SAMBA, run

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient

Edit /etc/samba/smb.conf so that it looks like this

[global]
workgroup = MYWORKGROUP
netbios name = SERVER1
server string = %h server (Samba, Ubuntu)


passdb backend = tdbsam
security = user
username map = /etc/samba/smbusers
name resolve order = wins bcast hosts
domain logons = yes
preferred master = yes
wins support = yes

# Set CUPS for printing
printcap name = CUPS
printing = CUPS

# Default logon
logon drive = H:
logon script = scripts/logon.bat
logon path = \\server1\profile\%U


# Useradd scripts
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
idmap uid = 15000-20000
idmap gid = 15000-20000


# sync smb passwords woth linux passwords
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
passwd chat debug = yes
unix password sync = yes

# set the loglevel
log level = 3


[homes]
comment = Home
valid users = %S
read only = no
browsable = no


[printers]
comment = All Printers
path = /var/spool/samba
printable = yes
guest ok = yes
browsable = no


[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
admin users = Administrator
valid users = %U
read only = no


[profile]
comment = User profiles
path = /home/samba/profiles
valid users = %U
create mode = 0600
directory mode = 0700
writable = yes
browsable = no

Remark: The "netbios name" in the smb.conf must be the same then the hostname of your server.

workgroup = MYWORKGROUP specifies the Windows domain that the Windows workstations use.

logon drive = H: is the drive letter under which the SAMBA share will appear in the Windows Explorer.

With logon script = scripts/logon.bat you can specify a Windows batch script that is executed as soon as a Windows workstation logs in. If the script does not exist, you can comment out that line.

Create the directories for domain logons and profiles:

mkdir /home/samba
mkdir /home/samba/netlogon
mkdir /home/samba/profiles
mkdir /var/spool/samba
chmod 777 /var/spool/samba/
chown -R root:users /home/samba/
chmod -R 771 /home/samba/

Now we restart Samba:

/etc/init.d/samba restart

Edit /etc/nsswitch.conf. Change the line:

hosts: files dns

to:

hosts: files wins dns

Add all computers of your workgroup in the /etc/hosts file on the server.

192.168.0.100 server1
192.168.0.110 workstation1
192.168.0.111 workstation2
192.168.0.112 workstation3
192.168.0.113 workstation4

Add the root user to the SAMBA password database. The root user (alias: Administrator) will be our domain administrator. This account is needed to add new computers to the SAMBA domain.

smbpasswd -a root

Create the file /etc/samba/smbusers and add the line by executing:

echo "root = Administrator" > /etc/samba/smbusers

This will allow us to use the common windows username "Administrator" as alias for the Linux root user.

Now I will test if the setup is correct:

smbclient -L localhost -U%

The output should look similar to this:

Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu]

Sharename Type Comment
--------- ---- -------
netlogon Disk Network Logon Service
print$ Disk Printer Drivers
IPC$ IPC IPC Service (server1 server (Samba, Ubuntu))
ADMIN$ IPC IPC Service (server1 server (Samba, Ubuntu))
Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu]

Server Comment
--------- -------
SERVER1 server1 server (Samba, Ubuntu)

Workgroup Master
--------- -------
MDKGROUP IPRG
MYWORKGROUP SERVER1

Setup the default domain groups for windows:

net groupmap modify ntgroup="Domain Admins" unixgroup=root
net groupmap modify ntgroup="Domain Users" unixgroup=users
net groupmap modify ntgroup="Domain Guests" unixgroup=nogroup


Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Submitted by TaN (not registered) on Mon, 2009-09-28 14:12.
On /etc/samba/smb.conf  it's "prefered master" not "preffered master" :)
Submitted by joostvdl (registered user) on Tue, 2007-01-30 11:13.

    On samba 3.0.23 there is a change in the net groupmap functionality:

http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ChangeNotes.html

 There fore the new command is:

net groupmap add ntgroup="Domain Admins" unixgroup=root
net groupmap add ntgroup="Domain Users" unixgroup=users
net groupmap add ntgroup="Domain Guests" unixgroup=nogroup

Submitted by Ran2004 (registered user) on Fri, 2006-08-25 06:14.
ta

Change the apt-get install command if you want to be able to mount shares from the windows machines in your network from the linux box:

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient smbfs

(that command should be run all on one line) 

Submitted by Anonymous (not registered) on Thu, 2006-03-16 07:39.

Don't forget to set your logon path option in /etc/samba/smb.conf to match the hostname you set your machine to.

Change:

logon path = \\server1\profile\%U

To:

logon path = \\<your hostname>\profile\%U

Obviously don't include the brackets < > around your actual hostname.


Submitted by juro (registered user) on Tue, 2006-10-03 15:43.

Use this syntax instead of hard-coding a name:

logon path = \\%N\profile\%U

Submitted by Anonymous (not registered) on Mon, 2006-04-24 20:11.

Remember also for roaming profiles to work you need to have subdirectory with the name of the user:

/home/profile/<your username>


Over the network:

\\<your hostname>\profile\<your username>

Any thoughts on creating this directory with the adduser script?

Submitted by Anonymous (not registered) on Fri, 2006-05-05 08:08.
I had trouble with Roaming profiles, to get it working ,and it does, you need to upload a profile to /home/samba/netlogon/Default\ User/ with widows profile upload, make sure you chowb -R root:users /home/samba/ and chomod -R 771 /home/samba/( with no user profiles or you will stop them working)). Then when users logon they get a default profile and folder in /home/samba/profile.
Submitted by Anonymous (not registered) on Fri, 2006-05-05 08:08.
I had trouble with Roaming profiles, to get it working ,and it does, you need to upload a profile to /home/samba/netlogon/Default\ User/ with widows profile upload, make sure you chowb -R root:users /home/samba/ and chomod -R 771 /home/samba/( with no user profiles or you will stop them working)). Then when users logon they get a default profile and folder in /home/samba/profile, which saves on logout.
Submitted by Anonymous (not registered) on Thu, 2006-03-16 07:31.
If you are using a router, which I assume you are, you will want to set your router to statically serve your server(s) and workstations the same IP address each time, in the router admin pages. On my D-Link DI-624, it was found on the 'Home' tab under DHCP... Match the IP addresses with the ones you entered in the /etc/hosts file in the above instructions.