Samba Domaincontroller For Small Workgroups With SWAT On Fedora 8

Version 1.0
Author: Oliver Meyer <o [dot] meyer [at] projektfarm [dot] de>

This document describes how to set up and configure a Samba Domaincontroller for small workgroups (up to 250 users) on Fedora 8 with the Samba Web Administration Tool. The resulting system provides an easy to manage domaincontroller for your Windows network.

This howto is a practical guide without any warranty - it doesn't cover the theoretical backgrounds. There are many ways to set up such a system - this is the way I chose.

 

1 Preliminary Note

I used a minimal Fedora 8 installation without GUI etc for this howto. Additionally I had to deinstall Firefox after the minimal installation.

Hostname: server1.example.com
IP: 192.168.0.102
Gateway: 192.168.0.2
Pri.DNS: 192.168.0.2

 

2 Preparation

2.1 Yum

First we install some packages to speed up yum and prevent problems with packages.

yum install yum-fastestmirror yum-skip-broken

 

2.2 SELinux

SELinux should be disabled. If you're not sure if it is disabled enter:

cat /etc/selinux/config | grep ^SELINUX=

Disable SELinux if it is enabled:

vi /etc/selinux/config

Change:

SELINUX=enforcing

To:

SELINUX=disabled

Afterwards reboot the system.

reboot

 

2.3 Update

Time to update your system.

yum -y update

 

3 Samba & CUPS

Now we install Samba, the Samba Web Administration Tool (SWAT), and printer drivers for CUPS.

yum install samba samba-client samba-swat gutenprint-cups gutenprint-foomatic foomatic printer-filters compat-expat1 libpaper

If you want to use HP printers install a few more packages.

yum install hplip cups-devel ghostscript qt4 pyqt4 python-devel python-reportlab libjpeg-devel net-snmp net-snmp-devel

Note: net-snmp and net-snmp-devel are only needed for network-printers. If you want to use a network-printer, you have to open a few ports in the firewall: jetdirect:tcp (9100), snmp:tcp and snmp:udp (161). How to adjust the firewall settings is explained in step 4.1.

 

4 Basic Configuration

4.1 Firewall

We have to open a few ports so that the clients can connect to Samba.

system-config-firewall-tui

Set Samba as a trusted service.

 

4.2 Xinetd

If you set up a server without gui you have to add an additional IP (your workstation) to the swat configuration to use the swat webinterface.

vi /etc/xinetd.d/swat

Change:

only_from = 127.0.0.1

To:

only_from = 127.0.0.1 %workstation_ip%

Share this page:

2 Comment(s)

Add comment

Comments

From:

To install PyQt4 you need to use:

yum install PyQt4

not yum install pyqt4

 

Bill 

From: Thomas Harold

While I can understand the frustration with SELinux constantly getting in the way, it's very poor form to constantly suggest to administrators that they simply disable SELinux instead of learning how to make exception files. (Or to learn how to apply the correct security context to files and directories.)