Samba Domaincontroller For Small Workgroups With SWAT On Fedora 8

Version 1.0
Author: Oliver Meyer <o [dot] meyer [at] projektfarm [dot] de>

This document describes how to set up and configure a Samba Domaincontroller for small workgroups (up to 250 users) on Fedora 8 with the Samba Web Administration Tool. The resulting system provides an easy to manage domaincontroller for your Windows network.

This howto is a practical guide without any warranty - it doesn't cover the theoretical backgrounds. There are many ways to set up such a system - this is the way I chose.

 

1 Preliminary Note

I used a minimal Fedora 8 installation without GUI etc for this howto. Additionally I had to deinstall Firefox after the minimal installation.

Hostname: server1.example.com
IP: 192.168.0.102
Gateway: 192.168.0.2
Pri.DNS: 192.168.0.2

 

2 Preparation

2.1 Yum

First we install some packages to speed up yum and prevent problems with packages.

yum install yum-fastestmirror yum-skip-broken

 

2.2 SELinux

SELinux should be disabled. If you're not sure if it is disabled enter:

cat /etc/selinux/config | grep ^SELINUX=

Disable SELinux if it is enabled:

vi /etc/selinux/config

Change:

SELINUX=enforcing

To:

SELINUX=disabled

Afterwards reboot the system.

reboot

 

2.3 Update

Time to update your system.

yum -y update

 

3 Samba & CUPS

Now we install Samba, the Samba Web Administration Tool (SWAT), and printer drivers for CUPS.

yum install samba samba-client samba-swat gutenprint-cups gutenprint-foomatic foomatic printer-filters compat-expat1 libpaper

If you want to use HP printers install a few more packages.

yum install hplip cups-devel ghostscript qt4 pyqt4 python-devel python-reportlab libjpeg-devel net-snmp net-snmp-devel

Note: net-snmp and net-snmp-devel are only needed for network-printers. If you want to use a network-printer, you have to open a few ports in the firewall: jetdirect:tcp (9100), snmp:tcp and snmp:udp (161). How to adjust the firewall settings is explained in step 4.1.

 

4 Basic Configuration

4.1 Firewall

We have to open a few ports so that the clients can connect to Samba.

system-config-firewall-tui

Set Samba as a trusted service.

 

4.2 Xinetd

If you set up a server without gui you have to add an additional IP (your workstation) to the swat configuration to use the swat webinterface.

vi /etc/xinetd.d/swat

Change:

only_from = 127.0.0.1

To:

only_from = 127.0.0.1 %workstation_ip%
Share this page:

2 Comment(s)