Samba Domaincontroller For Small Workgroups With SWAT On Fedora 8

Version 1.0
Author: Oliver Meyer <o [dot] meyer [at] projektfarm [dot] de>
Last edited 12/04/2007

This document describes how to set up and configure a Samba Domaincontroller for small workgroups (up to 250 users) on Fedora 8 with the Samba Web Administration Tool. The resulting system provides an easy to manage domaincontroller for your Windows network.

This howto is a practical guide without any warranty - it doesn't cover the theoretical backgrounds. There are many ways to set up such a system - this is the way I chose.


1 Preliminary Note

I used a minimal Fedora 8 installation without GUI etc for this howto. Additionally I had to deinstall Firefox after the minimal installation.



2 Preparation

2.1 Yum

First we install some packages to speed up yum and prevent problems with packages.

yum install yum-fastestmirror yum-skip-broken


2.2 SELinux

SELinux should be disabled. If you're not sure if it is disabled enter:

cat /etc/selinux/config | grep ^SELINUX=

Disable SELinux if it is enabled:

vi /etc/selinux/config





Afterwards reboot the system.



2.3 Update

Time to update your system.

yum -y update


3 Samba & CUPS

Now we install Samba, the Samba Web Administration Tool (SWAT), and printer drivers for CUPS.

yum install samba samba-client samba-swat gutenprint-cups gutenprint-foomatic foomatic printer-filters compat-expat1 libpaper

If you want to use HP printers install a few more packages.

yum install hplip cups-devel ghostscript qt4 pyqt4 python-devel python-reportlab libjpeg-devel net-snmp net-snmp-devel

Note: net-snmp and net-snmp-devel are only needed for network-printers. If you want to use a network-printer, you have to open a few ports in the firewall: jetdirect:tcp (9100), snmp:tcp and snmp:udp (161). How to adjust the firewall settings is explained in step 4.1.


4 Basic Configuration

4.1 Firewall

We have to open a few ports so that the clients can connect to Samba.


Set Samba as a trusted service.


4.2 Xinetd

If you set up a server without gui you have to add an additional IP (your workstation) to the swat configuration to use the swat webinterface.

vi /etc/xinetd.d/swat


only_from =


only_from = %workstation_ip%

Share this page:

2 Comment(s)

Add comment


From: at: 2008-05-09 01:13:07

To install PyQt4 you need to use:

yum install PyQt4

not yum install pyqt4



From: Thomas Harold at: 2009-01-02 13:57:45

While I can understand the frustration with SELinux constantly getting in the way, it's very poor form to constantly suggest to administrators that they simply disable SELinux instead of learning how to make exception files. (Or to learn how to apply the correct security context to files and directories.)