SAMBA (Domaincontroller) Server For Small Workgroups With Ubuntu 6.10 - Page 4

SAMBA Server

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient

Edit /etc/samba/smb.conf so that it looks like this:

vi /etc/samba/smb.conf

   workgroup = MYWORKGROUP
   netbios name = SERVER1
   server string = %h server (Samba, Ubuntu)

   passdb backend = tdbsam
   security = user
   username map = /etc/samba/smbusers
   name resolve order = wins bcast hosts
   domain logons = yes
   preferred master = yes
   wins support = yes
   # Set CUPS for printing
   load printers = yes
   printcap name = CUPS
   printing = CUPS
   printer admin = @lpadmin
   # Default logon
   logon drive = H:
   logon script = scripts/logon.bat
   logon path = \\server1\profile\%U

   # Useradd scripts
   add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u
   delete user script = /usr/sbin/userdel -r %u
   add group script = /usr/sbin/groupadd %g
   delete group script = /usr/sbin/groupdel %g
   add user to group script = /usr/sbin/usernod -G %g %u
   add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
   idmap uid = 15000-20000
   idmap gid = 15000-20000
   template shell = /bin/bash

   # sync smb passwords woth linux passwords
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* .
   passwd chat debug = yes
   unix password sync = yes
   # set the loglevel
   log level = 3

   browseable = yes
   public = yes

   comment = Home
   valid users = %S
   read only = no
   browsable = no

   comment = All Printers
   path = /var/spool/samba
   printable = yes
   public = no
   writable = no
   create mode = 0700
   comment = Printer Drivers
   path = /var/lib/samba/printers
   browseable = yes
   read only = yes
   guest ok = no
   write list = root, @smbadmin

   comment = Network Logon Service
   path = /home/samba/netlogon
   admin users = Administrator
   valid users = %U
   read only = no
   guest ok = yes
   writable = no
   share modes = no

   comment = User profiles
   path = /home/samba/profiles
   valid users = %U
   create mode = 0600
   directory mode = 0700
   writable = yes
   browsable = no
   guest ok = no

Create the directories for domain logons and profiles:

mkdir /home/samba
mkdir /home/samba/netlogon
mkdir /home/samba/profiles
mkdir /var/spool/samba
chmod 777 /var/spool/samba/
chown -R root:users /home/samba/
chmod -R 771 /home/samba/

Now we restart Samba:

/etc/init.d/samba restart

Edit /etc/nsswitch.conf. Change the line:

vi /etc/nsswitch.conf

hosts: files dns


hosts: files wins dns

Add all computers of your workgroup in the /etc/hosts file on the server:

vi /etc/hosts

[...] server1 workstation1 workstation2 workstation3 workstation4

Add the root user to the SAMBA password database. The root user (alias: Administrator) will be our domain administrator. This account is needed to add new computers to the SAMBA domain.

smbpasswd -a root

Create the file /etc/samba/smbusersand add the line by executing:

echo "root = Administrator" > /etc/samba/smbusers

This will allow us to use the common Windows username Administrator as an alias for the Linux root user.

Now I will test if the setup is correct:

smbclient -L localhost -U%

The output should look similar to this:

Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.22]

        Sharename       Type      Comment
        ---------       ----      -------
        public          Disk
        print$          Disk      Printer Drivers
        netlogon        Disk      Network Logon Service
        IPC$            IPC       IPC Service (server1 server (Samba, Ubuntu))
        ADMIN$          IPC       IPC Service (server1 server (Samba, Ubuntu))
Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.22]

        Server               Comment
        ---------            -------
        SERVER1              server1 server (Samba, Ubuntu)

        Workgroup            Master
        ---------            -------
        MYWORKGROUP          SERVER1

Set up the default domain groups for Windows:

net groupmap modify ntgroup="Domain Admins" unixgroup=root
net groupmap modify ntgroup="Domain Users" unixgroup=users
net groupmap modify ntgroup="Domain Guests" unixgroup=nogroup


Adding Users To Our SAMBA Domain

Now we will add a user, e.g. tom, to our Samba domain. You will have to add a user like this for each user account you want to connect to this SAMBA domain server.

1) Add a Linux user tom:

useradd tom -m -G users

2) Add the Linux user tom to the SAMBA password database:

smbpasswd -a tom


Adding Shares

Now I will add a share that is accessible by all users:

mkdir -p /home/shares/allusers
chown -R root:users /home/shares/allusers/
chmod -R ug+rwx,o+rx-w /home/shares/allusers/

At the end of the file /etc/samba/smb.conf add the following lines:

  comment = All Users
  path = /home/shares/allusers
  valid users = @users
  force group = users 
  create mask = 0660
  directory mask = 0771
  writable = yes

Now we restart Samba:

/etc/init.d/samba restart

Share this page:

1 Comment(s)

Add comment


From: at: 2008-04-14 02:47:09

After some research I came to the conclusion that CUPS, by default, tries to use SSL whenever possible. So, with this 426 error, you are redirected to the SSL domain. Chances are, you haven’t configured SSL properly, if at all.

In my case, I didn’t want to configure SSL. To get rid of this problem, the key lies in editing your configuration files ( /etc/cups/cupsd.conf ) and adding the following line:

DefaultEncryption Never

There are several options, Never, IfRequired and Required. By setting this to Never, SSL will never be enforced. Just restart your CUPS server with

$ /etc/init.d/cupsys restart
and you’re good to go.