SAMBA (Domaincontroller) Server For Small Workgroups With Ubuntu 7.10 - Page 2
SAMBA Server
apt-get install libcupsys2 samba samba-common samba-doc smbclient winbind cupsys-common
Edit /etc/samba/smb.conf that it looks like this:
vi /etc/samba/smb.conf
[global] workgroup = MYWORKGROUP netbios name = SERVER1 server string = %h server (Samba, Ubuntu) passdb backend = tdbsam security = user username map = /etc/samba/smbusers name resolve order = wins bcast hosts domain logons = yes preferred master = yes wins support = yes # Set CUPS for printing load printers = yes printcap name = CUPS printing = CUPS # Default logon logon drive = H: logon script = scripts/logon.bat logon path = \\server1\profile\%U # Useradd scripts # add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u add user script = /usr/sbin/useradd -m '%u' -g users -G users delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usernod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u idmap uid = 15000-20000 idmap gid = 15000-20000 template shell = /bin/bash # sync smb passwords woth linux passwords passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . passwd chat debug = yes unix password sync = yes # set the loglevel log level = 3 [public] browseable = yes public = yes [homes] comment = Home valid users = %S read only = no browsable = no [printers] comment = All Printers path = /var/spool/samba printable = yes public = no writable = no create mode = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no write list = root, @smbadmin [netlogon] comment = Network Logon Service path = /home/samba/netlogon admin users = Administrator valid users = %U read only = no guest ok = yes writable = no share modes = no [profile] comment = User profiles path = /home/samba/profiles valid users = %U create mode = 0600 directory mode = 0700 writable = yes browsable = no guest ok = no
Create the directories for domain logons and profiles:
mkdir /home/samba
mkdir /home/samba/netlogon
mkdir /home/samba/profiles
chmod 777 /var/spool/samba/
chown -R root:users /home/samba/
chmod -R 771 /home/samba/
Now we restart Samba:
/etc/init.d/samba restart
Edit /etc/nsswitch.conf. Change the line:
vi /etc/nsswitch.conf
hosts: files dns
to:
hosts: files wins dns
Add all computers of your workgroup in the /etc/hosts file on the server.
vi /etc/hosts
192.168.0.100 server1 server1.example.com 192.168.0.110 workstation1 192.168.0.111 workstation2 192.168.0.112 workstation3 192.168.0.113 workstation4
Add the root user to the SAMBA password database. The root user (alias: Administrator) will be our domain Administrator. This account is needed to add new computers to the SAMBA domain.
smbpasswd -a root
Create the file /etc/samba/smbusersand add the line by executing:
echo "root = Administrator" > /etc/samba/smbusers
This will allow us to use the common Windows username "Administrator" as an alias for the Linux root user.
Now I will test if the setup is correct:
smbclient -L localhost -U%
The output shall look similar to this:
Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.26a]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (samba server (Samba, Ubuntu))
netlogon Disk Network Logon Service
print$ Disk Printer Drivers
Domain=[MYWORKGROUP] OS=[Unix] Server=[Samba 3.0.26a]
Server Comment
--------- -------
SERVER1 samba server (Samba, Ubuntu)
Workgroup Master
--------- -------
MYWORKGROUP SERVER1
WORKGROUP FILESERVER
Set up the default domain groups for windows:
net groupmap add ntgroup="Domain Admins" unixgroup="root" type=domain -U root
net groupmap add ntgroup="Domain Users" unixgroup="users" type=domain -U root
net groupmap add ntgroup="Domain Guests" unixgroup="nogroup" type=domain -U root
Adding Users To Our SAMBA Domain
Now we will add a user, e.g."tom", to our Samba domain. You will have to add a user like this for each user account you want to connect to this SAMBA domain server.
Add the user "tom" with password "secret" to the Samba and Linux user database:
net rpc user add tom -U root
net rpc user password tom "secret" -U root
smbpasswd -e tom
Adding Shares
Now I will add a share that is accessible by all users:
mkdir -p /home/shares/allusers
chown -R root:users /home/shares/allusers/
chmod -R ug+rwx,o+rx-w /home/shares/allusers/
At the end of the file /etc/samba/smb.conf add the following lines:
[allusers] comment = All Users path = /home/shares/allusers valid users = @users force group = users create mask = 0660 directory mask = 0771 writable = yes
Now we restart Samba:
/etc/init.d/samba restart
Installing CUPS
apt-get install cupsys cupsys-client cupsys-driver-gimpprint defoma fontconfig foomatic-db foomatic-filters libcupsimage2 libexpat1 libfontconfig1 libfreetype6 libjpeg62 libpaper1 libpng12-0 libslp1 libtiff4 patch perl perl-modules ttf-bitstream-vera ucf
To get access to the webinterface from my workstation (IP 192.168.0.70), I will configure CUPS to listen on the server IP and allow access from the IP 192.168.0.70. You will have to change this IP to suit into your network configuration.
vi /etc/cups/cupsd.conf
Change the line:
Listen localhost:631
to:
Listen 192.168.0.70:631
and:
# Restrict access to the admin pages...
<Location /admin>
Order allow,deny
Allow localhost
</Location>
to:
# Restrict access to the admin pages...
<Location /admin>
Order allow,deny
Allow 192.168.0.70
</Location>
and restart the CUPS daemon:
/etc/init.d/cupsys restart
The CUPS webinterface is now accessible with any webbrowser from my workstation:
http://192.168.0.100:631/
Now I can log in to the CUPS interface with username root and my root password.
Please note: If there is no Linux driver available for your printer and you want to use this printer only from your Windows workstations trough SAMBA, you can use the printer manufacturer "RAW" and install the correct driver on your Windows workstation.
If you created a new printer in CUPS, you will have to add it to Samba with the command:
cupsaddsmb -a
This howto is also available as a VMware virtual machine image for all HowtoForge subscribers.
Links
All trademarks belong to their respective owners.