Samba Domaincontroller For Small Workgroups With SWAT On Fedora 8

Version 1.0
Author: Oliver Meyer <o [dot] meyer [at] projektfarm [dot] de>

This document describes how to set up and configure a Samba Domaincontroller for small workgroups (up to 250 users) on Fedora 8 with the Samba Web Administration Tool. The resulting system provides an easy to manage domaincontroller for your Windows network.

This howto is a practical guide without any warranty - it doesn't cover the theoretical backgrounds. There are many ways to set up such a system - this is the way I chose.


1 Preliminary Note

I used a minimal Fedora 8 installation without GUI etc for this howto. Additionally I had to deinstall Firefox after the minimal installation.



2 Preparation

2.1 Yum

First we install some packages to speed up yum and prevent problems with packages.

yum install yum-fastestmirror yum-skip-broken


2.2 SELinux

SELinux should be disabled. If you're not sure if it is disabled enter:

cat /etc/selinux/config | grep ^SELINUX=

Disable SELinux if it is enabled:

vi /etc/selinux/config





Afterwards reboot the system.



2.3 Update

Time to update your system.

yum -y update


3 Samba & CUPS

Now we install Samba, the Samba Web Administration Tool (SWAT), and printer drivers for CUPS.

yum install samba samba-client samba-swat gutenprint-cups gutenprint-foomatic foomatic printer-filters compat-expat1 libpaper

If you want to use HP printers install a few more packages.

yum install hplip cups-devel ghostscript qt4 pyqt4 python-devel python-reportlab libjpeg-devel net-snmp net-snmp-devel

Note: net-snmp and net-snmp-devel are only needed for network-printers. If you want to use a network-printer, you have to open a few ports in the firewall: jetdirect:tcp (9100), snmp:tcp and snmp:udp (161). How to adjust the firewall settings is explained in step 4.1.


4 Basic Configuration

4.1 Firewall

We have to open a few ports so that the clients can connect to Samba.


Set Samba as a trusted service.


4.2 Xinetd

If you set up a server without gui you have to add an additional IP (your workstation) to the swat configuration to use the swat webinterface.

vi /etc/xinetd.d/swat


only_from =


only_from = %workstation_ip%
Share this page:

2 Comment(s)