SAMBA (Domaincontroller) Server For Small Workgroups With Ubuntu 5.10 "Breezy Badger" - Page 4

Want to support HowtoForge? Become a subscriber!
 
Submitted by till (Contact Author) (Forums) on Wed, 2005-12-07 17:34. ::

Install And Configure The SAMBA Server

In order to install SAMBA, run

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient

Edit /etc/samba/smb.conf so that it looks like this

[global]
   workgroup = MYWORKGROUP
   netbios name = SERVER1
   server string = %h server (Samba, Ubuntu)

   
   passdb backend = tdbsam
   security = user
   username map = /etc/samba/smbusers
   name resolve order = wins bcast hosts
   domain logons = yes
   preferred master = yes
   wins support = yes
   
   # Set CUPS for printing
   printcap name = CUPS
   printing = CUPS
   
   # Default logon
   logon drive = H:
   logon script = scripts/logon.bat
   logon path = \\server1\profile\%U


   # Useradd scripts
   add user script = /usr/sbin/useradd -m %u
   delete user script = /usr/sbin/userdel -r %u
   add group script = /usr/sbin/groupadd %g
   delete group script = /usr/sbin/groupdel %g
   add user to group script = /usr/sbin/usermod -G %g %u
   add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
   idmap uid = 15000-20000
   idmap gid = 15000-20000


   # sync smb passwords woth linux passwords
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
   passwd chat debug = yes
   unix password sync = yes
   
   # set the loglevel
   log level = 3


[homes]
   comment = Home
   valid users = %S
   read only = no
   browsable = no


[printers]
   comment = All Printers
   path = /var/spool/samba
   printable = yes
   guest ok = yes
   browsable = no


[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   admin users = Administrator
   valid users = %U
   read only = no


[profile]
   comment = User profiles
   path = /home/samba/profiles
   valid users = %U
   create mode = 0600
   directory mode = 0700
   writable = yes
   browsable = no

Remark: The "netbios name" in the smb.conf must be the same then the hostname of your server.

workgroup = MYWORKGROUP specifies the Windows domain that the Windows workstations use.

logon drive = H: is the drive letter under which the SAMBA share will appear in the Windows Explorer.

With logon script = scripts/logon.bat you can specify a Windows batch script that is executed as soon as a Windows workstation logs in. If the script does not exist, you can comment out that line.

Create the directories for domain logons and profiles:

mkdir /home/samba
mkdir /home/samba/netlogon
mkdir /home/samba/profiles
mkdir /var/spool/samba
chmod 777 /var/spool/samba/
chown -R root:users /home/samba/
chmod -R 771 /home/samba/

Now we restart Samba:

/etc/init.d/samba restart

Edit /etc/nsswitch.conf. Change the line:

hosts: files dns

to:

hosts: files wins dns

Add all computers of your workgroup in the /etc/hosts file on the server.

192.168.0.100 server1
192.168.0.110 workstation1
192.168.0.111 workstation2
192.168.0.112 workstation3
192.168.0.113 workstation4

Add the root user to the SAMBA password database. The root user (alias: Administrator) will be our domain administrator. This account is needed to add new computers to the SAMBA domain.

smbpasswd -a root

Create the file /etc/samba/smbusers and add the line by executing:

echo "root = Administrator" > /etc/samba/smbusers

This will allow us to use the common windows username "Administrator" as alias for the Linux root user.

Now I will test if the setup is correct:

smbclient -L localhost -U%

The output should look similar to this:

Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu]

        Sharename       Type      Comment
        ---------       ----      -------
        netlogon        Disk      Network Logon Service
        print$          Disk      Printer Drivers
        IPC$            IPC       IPC Service (server1 server (Samba, Ubuntu))
        ADMIN$          IPC       IPC Service (server1 server (Samba, Ubuntu))
Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu]

        Server               Comment
        ---------            -------
        SERVER1              server1 server (Samba, Ubuntu)

        Workgroup            Master
        ---------            -------
        MDKGROUP             IPRG
        MYWORKGROUP          SERVER1

Setup the default domain groups for windows:

net groupmap modify ntgroup="Domain Admins" unixgroup=root
net groupmap modify ntgroup="Domain Users" unixgroup=users
net groupmap modify ntgroup="Domain Guests" unixgroup=nogroup

up

Copyright © 2005 Till Brehm
All Rights Reserved.
add comment | view as pdf view as pdf | print: this | all page(s)
Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Error on page
Submitted by TaN (not registered) on Mon, 2009-09-28 14:12.
On /etc/samba/smb.conf  it's "prefered master" not "preffered master" :)
reply | view as pdf view as pdf
Change net groupmap (samba 3.0.23)
Submitted by joostvdl (registered user) on Tue, 2007-01-30 11:13.

    On samba 3.0.23 there is a change in the net groupmap functionality:

http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ChangeNotes.html

 There fore the new command is:

net groupmap add ntgroup="Domain Admins" unixgroup=root
net groupmap add ntgroup="Domain Users" unixgroup=users
net groupmap add ntgroup="Domain Guests" unixgroup=nogroup

reply | view as pdf view as pdf
Change the apt-get install command...
Submitted by Ran2004 (registered user) on Fri, 2006-08-25 06:14.
ta

Change the apt-get install command if you want to be able to mount shares from the windows machines in your network from the linux box:

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient smbfs

(that command should be run all on one line) 

reply | view as pdf view as pdf
logon path
Submitted by Anonymous (not registered) on Thu, 2006-03-16 07:39.

Don't forget to set your logon path option in /etc/samba/smb.conf to match the hostname you set your machine to.

Change:

logon path = \\server1\profile\%U

To:

logon path = \\<your hostname>\profile\%U

Obviously don't include the brackets < > around your actual hostname.


reply | view as pdf view as pdf
logon path
Submitted by juro (registered user) on Tue, 2006-10-03 15:43.

Use this syntax instead of hard-coding a name:

logon path = \\%N\profile\%U

reply | view as pdf view as pdf
Remember also for roaming p
Submitted by Anonymous (not registered) on Mon, 2006-04-24 20:11.

Remember also for roaming profiles to work you need to have subdirectory with the name of the user:

/home/profile/<your username>


Over the network:

\\<your hostname>\profile\<your username>

Any thoughts on creating this directory with the adduser script?

reply | view as pdf view as pdf
Roaming Profiles
Submitted by Anonymous (not registered) on Fri, 2006-05-05 08:08.
I had trouble with Roaming profiles, to get it working ,and it does, you need to upload a profile to /home/samba/netlogon/Default\ User/ with widows profile upload, make sure you chowb -R root:users /home/samba/ and chomod -R 771 /home/samba/( with no user profiles or you will stop them working)). Then when users logon they get a default profile and folder in /home/samba/profile.
reply | view as pdf view as pdf
Roaming Profiles
Submitted by Anonymous (not registered) on Fri, 2006-05-05 08:08.
I had trouble with Roaming profiles, to get it working ,and it does, you need to upload a profile to /home/samba/netlogon/Default\ User/ with widows profile upload, make sure you chowb -R root:users /home/samba/ and chomod -R 771 /home/samba/( with no user profiles or you will stop them working)). Then when users logon they get a default profile and folder in /home/samba/profile, which saves on logout.
reply | view as pdf view as pdf
Workstation IPs
Submitted by Anonymous (not registered) on Thu, 2006-03-16 07:31.
If you are using a router, which I assume you are, you will want to set your router to statically serve your server(s) and workstations the same IP address each time, in the router admin pages. On my D-Link DI-624, it was found on the 'Home' tab under DHCP... Match the IP addresses with the ones you entered in the /etc/hosts file in the above instructions.
reply | view as pdf view as pdf