Samba Domaincontroller For Small Workgroups With SWAT On Fedora 8
Author: Oliver Meyer <o [dot] meyer [at] projektfarm [dot] de>
Last edited 12/04/2007
This document describes how to set up and configure a Samba Domaincontroller for small workgroups (up to 250 users) on Fedora 8 with the Samba Web Administration Tool. The resulting system provides an easy to manage domaincontroller for your Windows network.
This howto is a practical guide without any warranty - it doesn't cover the theoretical backgrounds. There are many ways to set up such a system - this is the way I chose.
1 Preliminary Note
I used a minimal Fedora 8 installation without GUI etc for this howto. Additionally I had to deinstall Firefox after the minimal installation.
First we install some packages to speed up yum and prevent problems with packages.
yum install yum-fastestmirror yum-skip-broken
SELinux should be disabled. If you're not sure if it is disabled enter:
cat /etc/selinux/config | grep ^SELINUX=
Disable SELinux if it is enabled:
Afterwards reboot the system.
Time to update your system.
yum -y update
3 Samba & CUPS
Now we install Samba, the Samba Web Administration Tool (SWAT), and printer drivers for CUPS.
yum install samba samba-client samba-swat gutenprint-cups gutenprint-foomatic foomatic printer-filters compat-expat1 libpaper
If you want to use HP printers install a few more packages.
yum install hplip cups-devel ghostscript qt4 pyqt4 python-devel python-reportlab libjpeg-devel net-snmp net-snmp-devel
Note: net-snmp and net-snmp-devel are only needed for network-printers. If you want to use a network-printer, you have to open a few ports in the firewall: jetdirect:tcp (9100), snmp:tcp and snmp:udp (161). How to adjust the firewall settings is explained in step 4.1.
4 Basic Configuration
We have to open a few ports so that the clients can connect to Samba.
Set Samba as a trusted service.
If you set up a server without gui you have to add an additional IP (your workstation) to the swat configuration to use the swat webinterface.
only_from = 127.0.0.1
only_from = 127.0.0.1 %workstation_ip%