SAMBA (Domain Controller) Server For Small Workgroups With Ubuntu 5.10 "Breezy Badger" - Page 4

Install And Configure The SAMBA Server

In order to install SAMBA, run

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient

Edit /etc/samba/smb.conf so that it looks like this

[global]
workgroup = MYWORKGROUP
netbios name = SERVER1
server string = %h server (Samba, Ubuntu)


passdb backend = tdbsam
security = user
username map = /etc/samba/smbusers
name resolve order = wins bcast hosts
domain logons = yes
preferred master = yes
wins support = yes

# Set CUPS for printing
printcap name = CUPS
printing = CUPS

# Default logon
logon drive = H:
logon script = scripts/logon.bat
logon path = \\server1\profile\%U


# Useradd scripts
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
idmap uid = 15000-20000
idmap gid = 15000-20000


# sync smb passwords woth linux passwords
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
passwd chat debug = yes
unix password sync = yes

# set the loglevel
log level = 3


[homes]
comment = Home
valid users = %S
read only = no
browsable = no


[printers]
comment = All Printers
path = /var/spool/samba
printable = yes
guest ok = yes
browsable = no


[netlogon]
comment = Network Logon Service
path = /home/samba/netlogon
admin users = Administrator
valid users = %U
read only = no


[profile]
comment = User profiles
path = /home/samba/profiles
valid users = %U
create mode = 0600
directory mode = 0700
writable = yes
browsable = no

Remark: The "netbios name" in the smb.conf must be the same then the hostname of your server.

workgroup = MYWORKGROUP specifies the Windows domain that the Windows workstations use.

logon drive = H: is the drive letter under which the SAMBA share will appear in the Windows Explorer.

With logon script = scripts/logon.bat you can specify a Windows batch script that is executed as soon as a Windows workstation logs in. If the script does not exist, you can comment out that line.

Create the directories for domain logons and profiles:

mkdir /home/samba
mkdir /home/samba/netlogon
mkdir /home/samba/profiles
mkdir /var/spool/samba
chmod 777 /var/spool/samba/
chown -R root:users /home/samba/
chmod -R 771 /home/samba/

Now we restart Samba:

/etc/init.d/samba restart

Edit /etc/nsswitch.conf. Change the line:

hosts: files dns

to:

hosts: files wins dns

Add all computers of your workgroup in the /etc/hosts file on the server.

192.168.0.100 server1
192.168.0.110 workstation1
192.168.0.111 workstation2
192.168.0.112 workstation3
192.168.0.113 workstation4

Add the root user to the SAMBA password database. The root user (alias: Administrator) will be our domain administrator. This account is needed to add new computers to the SAMBA domain.

smbpasswd -a root

Create the file /etc/samba/smbusers and add the line by executing:

echo "root = Administrator" > /etc/samba/smbusers

This will allow us to use the common windows username "Administrator" as alias for the Linux root user.

Now I will test if the setup is correct:

smbclient -L localhost -U%

The output should look similar to this:

Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu]

Sharename Type Comment
--------- ---- -------
netlogon Disk Network Logon Service
print$ Disk Printer Drivers
IPC$ IPC IPC Service (server1 server (Samba, Ubuntu))
ADMIN$ IPC IPC Service (server1 server (Samba, Ubuntu))
Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu]

Server Comment
--------- -------
SERVER1 server1 server (Samba, Ubuntu)

Workgroup Master
--------- -------
MDKGROUP IPRG
MYWORKGROUP SERVER1

Setup the default domain groups for windows:

net groupmap modify ntgroup="Domain Admins" unixgroup=root
net groupmap modify ntgroup="Domain Users" unixgroup=users
net groupmap modify ntgroup="Domain Guests" unixgroup=nogroup

Till Brehm

About Till Brehm

Over 20 years experience as Software Developer and Linux System Administrator. Till Brehm is the founder and lead developer of the ISPConfig Hosting Control Panel software (since 2000) and he founded HowtoForge in 2005 as a place to share Linux knowledge with other Linux enthusiasts.

Share this page:

Suggested articles

9 Comment(s)

Add comment

Comments

By: Anonymous

If you are using a router, which I assume you are, you will want to set your router to statically serve your server(s) and workstations the same IP address each time, in the router admin pages. On my D-Link DI-624, it was found on the 'Home' tab under DHCP... Match the IP addresses with the ones you entered in the /etc/hosts file in the above instructions.

By: Anonymous

Don't forget to set your logon path option in /etc/samba/smb.conf to match the hostname you set your machine to.

Change:

logon path = \\server1\profile\%U

To:

logon path = \\<your hostname>\profile\%U

Obviously don't include the brackets < > around your actual hostname.


By: Anonymous

Remember also for roaming profiles to work you need to have subdirectory with the name of the user:

/home/profile/<your username>


Over the network:

\\<your hostname>\profile\<your username>

Any thoughts on creating this directory with the adduser script?

By: Anonymous

I had trouble with Roaming profiles, to get it working ,and it does, you need to upload a profile to /home/samba/netlogon/Default\ User/ with widows profile upload, make sure you chowb -R root:users /home/samba/ and chomod -R 771 /home/samba/( with no user profiles or you will stop them working)). Then when users logon they get a default profile and folder in /home/samba/profile.

By: Anonymous

I had trouble with Roaming profiles, to get it working ,and it does, you need to upload a profile to /home/samba/netlogon/Default\ User/ with widows profile upload, make sure you chowb -R root:users /home/samba/ and chomod -R 771 /home/samba/( with no user profiles or you will stop them working)). Then when users logon they get a default profile and folder in /home/samba/profile, which saves on logout.

By: juro

Use this syntax instead of hard-coding a name:

logon path = \\%N\profile\%U

By: xenlab

ta

Change the apt-get install command if you want to be able to mount shares from the windows machines in your network from the linux box:

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient smbfs

(that command should be run all on one line) 

By:

    On samba 3.0.23 there is a change in the net groupmap functionality:

http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ChangeNotes.html

 There fore the new command is:

net groupmap add ntgroup="Domain Admins" unixgroup=root
net groupmap add ntgroup="Domain Users" unixgroup=users
net groupmap add ntgroup="Domain Guests" unixgroup=nogroup

By: TaN

On /etc/samba/smb.conf  it's "prefered master" not "preffered master" :)