Samba as domain controller

Discussion in 'Suggest HOWTO' started by alex, Apr 20, 2005.

  1. alex

    alex New Member

    Does anyone know of a howto that describes how to install Samba as a domain controller?

    Alex
     
  2. dante

    dante New Member

    yes, i am looking for this as well. please could one of the mod's reply to this, i need to get this running and im haveing a little trouble. Debian based with samba 3 - 2.4 kernel..

    thanx in advanced

    :D :eek: :)
     
  3. dranieri

    dranieri New Member

  4. zarkann

    zarkann New Member

    i hope you already figured out how to put samba as a PDC ,

    i have found that few weeks ago when i was wondering the same

    http://www.samba.netfirms.com/PDC.htm


    i'm sure it will help people that asking the same question to themself :)
     
  5. ajay05

    ajay05 New Member

    What about a howto on the installation of a web front end for managing a SAMBA PDC
    such as Idealx Management Console (Samba Console) I think that would be a challenge coz i've been tryin to install that for months now...
     
  6. decibel

    decibel New Member

    I am using samba 3 as pdc for 2 years now. It was a little bit tricky the first time but in the end it was just a game.
     
  7. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

  8. rbelk

    rbelk New Member

    The tutorial on howtoforge.com does not appear to be complete though. Don't you have to add accounts for the windows pc's also.
     
  9. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    The Howto is complete. If you join the domain with a windows PC, the machine account is created automatically by the add machine script defined in the samba.conf.
     
  10. rbelk

    rbelk New Member

    I copied this from the howto

    # Useradd scripts
    add user script = /usr/sbin/useradd -m %u
    delete user script = /usr/sbin/userdel -r %u
    add group script = /usr/sbin/groupadd %g
    delete group script = /usr/sbin/groupdel %g
    add user to group script = /usr/sbin/usernod -G %g %u
    add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
    idmap uid = 15000-20000
    idmap gid = 15000-20000

    Is the bold line correct? I don't have a command "/usr/sbin/usernod".
     
  11. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    The correct line is:

    add user to group script = /usr/sbin/usermod -G %g %u

    I corrected it in the howto. I have the wrong line here on my test server for this howto too, so this error does not prevent machines from being added to the domain (in my installation).
     
  12. rbelk

    rbelk New Member

    I've gotten a little further, but I'm still getting the same error.
    -------------------------------------------------------------------
    The following error occurred attempting to join the domain "HOME":
    Logon Failure: unknown user name or password.

    But, it did add the host to /etc/passwd

    The logs give a little more information....
    -------------------------------------------------------------------
    Dec 12 06:41:13 mydeb nss_wins[12336]: [2005/12/12 06:41:13, 0] passdb/pdb_tdb.c:tdb_update_sam(610)
    Dec 12 06:41:13 mydeb nss_wins[12336]: tdb_update_sam: Failing to store a SAM_ACCOUNT for [mypc$] without a primary group RID
    Dec 12 06:41:13 mydeb nss_wins[12336]: [2005/12/12 06:41:13, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350)
    Dec 12 06:41:13 mydeb nss_wins[12336]: could not add user/computer mypc$ to passdb. Check permissions?
     
    Last edited: Dec 12, 2005
  13. rbelk

    rbelk New Member

    I did find the problem. It was in the TDB database. When I did a "pdbedit -Lv" I noticed that the domain that was listed in the users data was different than what was in smb.conf. I changed the domian in smbf.conf to the one that was shown in the TDB database and it worked. BTW, the domain in the TDB database was the hostname of my server!
     
  14. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Yes, in the howto the samba domain is identic with the hostname. I will add a remark to the howto.
     

Share This Page