HowtoForge - Linux Howtos in English English|HowtoForge.de - Linux-Howtos auf Deutsch Deutsch

SAMBA (Domaincontroller) Server For Small Workgroups With Ubuntu 5.10 "Breezy Badger" - Page 5

Submitted by till (Contact Author) (Forums) on Wed, 2005-12-07 17:36. ::

Adding Users To Our SAMBA Domain

Now we will add a user, e.g. tom, to our Samba domain. You will have to add a user like this for each user account you want to connect to this SAMBA domain server.

1) Add a linux user tom:

useradd tom -m -G users

2) Add the linux user tom to the SAMBA password database:

smbpasswd -a tom


Adding Shares

Now I will add a share that is accessible by all users.

mkdir -p /home/shares/allusers
chown -R root:users /home/shares/allusers/
chmod -R ug+rwx,o+rx-w /home/shares/allusers/

At the end of the file /etc/samba/smb.conf add the following lines:

[allusers]
  comment = All Users
  path = /home/shares/allusers
  valid users = @users
  force group = users 
  create mask = 0660
  directory mask = 0771
  writable = yes

Now we restart Samba:

/etc/init.d/samba restart


Installing CUPS

If you want your SAMBA server to act as a print server also, you have to install and configure CUPS:

apt-get install cupsys cupsys-client cupsys-driver-gimpprint cupsys-driver-gimpprint-data defoma fontconfig foomatic-db foomatic-filters libcupsimage2 libexpat1 libfontconfig1 libfreetype6 libgimpprint1 libjpeg62 libpaper1 libpng12-0 libpoppler0c2 libslp1 libtiff4 patch perl perl-modules ttf-bitstream-vera ucf (1 line!)

To get access to the web interface from my workstation, I will change cups to listen on the Server IP.
Edit /etc/cups/cupsd.conf in the section Network Options:

Listen 127.0.0.1:631
Listen 192.168.0.100:631

Set AuthGroupName to shadow in the section Security Options:

AuthGroupName shadow

To allow access only from my admin workstation (IP: 192.168.0.70), I add Allow From 192.168.0.70 the security options and set AuthClass to Group:

<Location /admin>
#
# You definitely will want to limit access to the administration functions.
# The default configuration requires a local connection from a user who
# is a member of the system group to do any admin tasks.  You can change
# the group name using the SystemGroup directive.
#

AuthType Basic
AuthClass Group

## Restrict access to local domain
Order Deny,Allow
Deny From All
Allow From 127.0.0.1
Allow From 192.168.0.70

#Encryption Required
</Location>

Add the cupsys user to the shadow group:

adduser cupsys shadow

and restart the cups daemon:

/etc/init.d/cupsys restart

The cups webinterface is now accessible with any webbrowser from my workstation:

http://192.168.0.100:631/

Now I can login to the cups interface with username root and my root password.

Hint: If there is no linux driver available for your printer and you want to use this printer only from your windows workstations trough SAMBA, you can use the printer manufacturer RAW and install the correct driver on your windows workstation.

If you created a new printer in cups, you will have to add it to samba with the command:

cupsaddsmb -a

Have fun!


Links

All trademarks belong to their respective owner.

up

Copyright © 2005 Till Brehm
All Rights Reserved.
print: this | all page(s) | login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Please do not use the comment function to ask for help! If you need help, please use our forum: http://www.howtoforge.com/forums
Comments will be published after administrator approval.
Small suggestion to make it better ???
Submitted by Anonymous (Contact Author) (Forums) on Sat, 2006-07-22 14:06.
The tutorial is excellent.

A suggestion -- You might want to consider adding a note in the last section where smb users are added, a newbie, like me, might forget to add the user to the GROUP 'users' which ubuntu doesn't do automatically when you create new users. If you don't do this, you end up not being able to access the shared 'allusers' directory which at first is confusing.

login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
Joining the domain from Windows XP
Submitted by Anonymous (Contact Author) (Forums) on Sat, 2006-06-17 16:31.

I don't know if I was the only person that had these issues..

When trying to join the PC to the domain, I had to add it with the root login, then reboot, and login with the username I setup.


Apart from that though, a very nice tutorial and well done! Saved my ass :)

login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
Accessing CUPS using Web Interface
Submitted by Anonymous (Contact Author) (Forums) on Mon, 2006-05-08 17:45.

Great tutorial. There is one minor mistake that gave me some trouble.

Where it says:

The cups webinterface is now accessible with any webbrowser from my workstation:

http://192.168.0.100:631/

It should be:

http://192.168.0.100:631/admin

You may also need to "Allow From [server's IP]" under <Location /admin> in cupsd.conf.

In addition, I had to allow the same addresses under <Location /> for it to work properly.

login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
LDAP
Submitted by Anonymous (Contact Author) (Forums) on Mon, 2006-05-01 17:38.
Hey great howto... Recomended it to alot of people so far! When is the LDAP part going to be done?! I REALLY NEED IT! :)
login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
Where was this before?
Submitted by Anonymous (Contact Author) (Forums) on Mon, 2006-05-01 14:27.
I had set up a Samba PDC several months ago... I wish this was around then... It took me a week of evenings to finally get it working... And it really hasn't worked extremely reliably (ie I would get access denied at least once a day) until recently when I changed my PDC box from CentOS to Gentoo... No problems since then...
login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
overall a great howto
Submitted by Anonymous (Contact Author) (Forums) on Mon, 2006-04-24 23:01.

thanx for the gr8 howto!

my only quibble is, if its "cut-and-paste," (in other words, as easy as it gets) shouldn't there be instructions on how to configure the 2nd machine?

it just seems like there are so many howtos that say configure this, do that, edit this file... but without reasons why to do those things. it was more difficult for me because i got up to the part about changing /etc/network/interfaces, and i didn't know how many of the values to change. a little trial and error and it worked.

gentoo has great docs, they have explicit instructions, but take a time out to explain why. thats why their docs have been easier to understand, in my experience, than things for debian.

login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
Thank you
Submitted by Anonymous (Contact Author) (Forums) on Sat, 2006-04-08 06:35.

Thank you for an excellent walk-through for Ubuntu and Samba. I've been struggling with multiple linux distributions, trying to create a secure file server. Your tutorial saved me months of sleepless nights.


Thanks again,


Devan

login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
Unable to change user passord from client machine
Submitted by Anonymous (Contact Author) (Forums) on Sat, 2006-02-25 18:30.

Hi,

Let me say that this how-to is the best thing in a long time. I am installing a PDC at my school and everything is working execpt that when from a client Winxp client i press CRTL-ALT-DEL and try to change that user's password i enter the old one the new one twice and the press ok. The machine just hangs there waiting and waiting... and nothing. Is this happening to someone else??

Thanks,

José

login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
Change user password client machine
Submitted by Anonymous (Contact Author) (Forums) on Wed, 2006-05-10 15:02.

Hi,

Try to change the "passwd chat" line in smb.conf to this:

passwd chat = *password* %n\n *password* %n\n *success*

/punch

login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
sugestion
Submitted by Anonymous (Contact Author) (Forums) on Sat, 2006-02-04 23:57.

Sugestion:

Add the "foomatic-filters-ppds" package to the cups installation line, it will install the foomatic ppds.

login or register to post comments | Email this page to a friend email this page | view as pdf view as pdf
1
2
3
next page
last page