Slack - it's teamwork, but simpler, more pleasant and more productive.

SAMBA (Domain Controller) Server For Small Workgroups With Ubuntu 5.10 "Breezy Badger" - Page 4

Install And Configure The SAMBA Server

In order to install SAMBA, run

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient

Edit /etc/samba/smb.conf so that it looks like this

[global]
   workgroup = MYWORKGROUP
   netbios name = SERVER1
   server string = %h server (Samba, Ubuntu)

   
   passdb backend = tdbsam
   security = user
   username map = /etc/samba/smbusers
   name resolve order = wins bcast hosts
   domain logons = yes
   preferred master = yes
   wins support = yes
   
   # Set CUPS for printing
   printcap name = CUPS
   printing = CUPS
   
   # Default logon
   logon drive = H:
   logon script = scripts/logon.bat
   logon path = \\server1\profile\%U


   # Useradd scripts
   add user script = /usr/sbin/useradd -m %u
   delete user script = /usr/sbin/userdel -r %u
   add group script = /usr/sbin/groupadd %g
   delete group script = /usr/sbin/groupdel %g
   add user to group script = /usr/sbin/usermod -G %g %u
   add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u
   idmap uid = 15000-20000
   idmap gid = 15000-20000


   # sync smb passwords woth linux passwords
   passwd program = /usr/bin/passwd %u
   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n .
   passwd chat debug = yes
   unix password sync = yes
   
   # set the loglevel
   log level = 3


[homes]
   comment = Home
   valid users = %S
   read only = no
   browsable = no


[printers]
   comment = All Printers
   path = /var/spool/samba
   printable = yes
   guest ok = yes
   browsable = no


[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   admin users = Administrator
   valid users = %U
   read only = no


[profile]
   comment = User profiles
   path = /home/samba/profiles
   valid users = %U
   create mode = 0600
   directory mode = 0700
   writable = yes
   browsable = no

Remark: The "netbios name" in the smb.conf must be the same then the hostname of your server.

workgroup = MYWORKGROUP specifies the Windows domain that the Windows workstations use.

logon drive = H: is the drive letter under which the SAMBA share will appear in the Windows Explorer.

With logon script = scripts/logon.bat you can specify a Windows batch script that is executed as soon as a Windows workstation logs in. If the script does not exist, you can comment out that line.

Create the directories for domain logons and profiles:

mkdir /home/samba
mkdir /home/samba/netlogon
mkdir /home/samba/profiles
mkdir /var/spool/samba
chmod 777 /var/spool/samba/
chown -R root:users /home/samba/
chmod -R 771 /home/samba/

Now we restart Samba:

/etc/init.d/samba restart

Edit /etc/nsswitch.conf. Change the line:

hosts: files dns

to:

hosts: files wins dns

Add all computers of your workgroup in the /etc/hosts file on the server.

192.168.0.100 server1
192.168.0.110 workstation1
192.168.0.111 workstation2
192.168.0.112 workstation3
192.168.0.113 workstation4

Add the root user to the SAMBA password database. The root user (alias: Administrator) will be our domain administrator. This account is needed to add new computers to the SAMBA domain.

smbpasswd -a root

Create the file /etc/samba/smbusers and add the line by executing:

echo "root = Administrator" > /etc/samba/smbusers

This will allow us to use the common windows username "Administrator" as alias for the Linux root user.

Now I will test if the setup is correct:

smbclient -L localhost -U%

The output should look similar to this:

Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu]

        Sharename       Type      Comment
        ---------       ----      -------
        netlogon        Disk      Network Logon Service
        print$          Disk      Printer Drivers
        IPC$            IPC       IPC Service (server1 server (Samba, Ubuntu))
        ADMIN$          IPC       IPC Service (server1 server (Samba, Ubuntu))
Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.14a-Ubuntu]

        Server               Comment
        ---------            -------
        SERVER1              server1 server (Samba, Ubuntu)

        Workgroup            Master
        ---------            -------
        MDKGROUP             IPRG
        MYWORKGROUP          SERVER1

Setup the default domain groups for windows:

net groupmap modify ntgroup="Domain Admins" unixgroup=root
net groupmap modify ntgroup="Domain Users" unixgroup=users
net groupmap modify ntgroup="Domain Guests" unixgroup=nogroup

Share this page:

Suggested articles

9 Comment(s)

Add comment

Comments

From: Anonymous
Reply  

If you are using a router, which I assume you are, you will want to set your router to statically serve your server(s) and workstations the same IP address each time, in the router admin pages. On my D-Link DI-624, it was found on the 'Home' tab under DHCP... Match the IP addresses with the ones you entered in the /etc/hosts file in the above instructions.

From: Anonymous
Reply  

Don't forget to set your logon path option in /etc/samba/smb.conf to match the hostname you set your machine to.

Change:

logon path = \\server1\profile\%U

To:

logon path = \\<your hostname>\profile\%U

Obviously don't include the brackets < > around your actual hostname.


From: Anonymous
Reply  

Remember also for roaming profiles to work you need to have subdirectory with the name of the user:

/home/profile/<your username>


Over the network:

\\<your hostname>\profile\<your username>

Any thoughts on creating this directory with the adduser script?

From: Anonymous
Reply  

I had trouble with Roaming profiles, to get it working ,and it does, you need to upload a profile to /home/samba/netlogon/Default\ User/ with widows profile upload, make sure you chowb -R root:users /home/samba/ and chomod -R 771 /home/samba/( with no user profiles or you will stop them working)). Then when users logon they get a default profile and folder in /home/samba/profile.

From: Anonymous
Reply  

I had trouble with Roaming profiles, to get it working ,and it does, you need to upload a profile to /home/samba/netlogon/Default\ User/ with widows profile upload, make sure you chowb -R root:users /home/samba/ and chomod -R 771 /home/samba/( with no user profiles or you will stop them working)). Then when users logon they get a default profile and folder in /home/samba/profile, which saves on logout.

From: juro
Reply  

Use this syntax instead of hard-coding a name:

logon path = \\%N\profile\%U

From: xenlab
Reply  

ta

Change the apt-get install command if you want to be able to mount shares from the windows machines in your network from the linux box:

apt-get install samba samba-common samba-doc libcupsys2-gnutls10 libkrb53 winbind smbclient smbfs

(that command should be run all on one line) 

From:
Reply  

    On samba 3.0.23 there is a change in the net groupmap functionality:

http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/ChangeNotes.html

 There fore the new command is:

net groupmap add ntgroup="Domain Admins" unixgroup=root
net groupmap add ntgroup="Domain Users" unixgroup=users
net groupmap add ntgroup="Domain Guests" unixgroup=nogroup

From: TaN
Reply  

On /etc/samba/smb.conf  it's "prefered master" not "preffered master" :)