Solved

Samba as a primary domain controller...

Posted on 2000-04-24
7
454 Views
Last Modified: 2010-03-18
I've seen it before but cannot figure it out with SWAT or from the docs... I'll check for a howto next, but this is easiest...

What are the steps necessary to make Samba running on a linux machine behave like a primary domain controller and allow Win95/98 clients to log into it as if it were a PDC/NT machine?

We have a NT box now that ONLY does logins, and that's a waste of a machine... if the Linux box can do it, all the better.
0
Comment
Question by:edskee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2746173
The distributed version of Samba can't be a PDC. For PDC funtionality you need one of developmental versions of Samba. You can read a bit more about the at http://us2.samba.org/samba/docs/ntdom_faq/samba_ntdom_faq.html. Neither the Head branch nor the TNG branch are fully functional at present, although one of them might be suitable for non-demanding networks. The Head branch (see Lars' page for a description) might be the best choice right now since you have win95 clients.
0
 
LVL 2

Author Comment

by:edskee
ID: 2747390
Ok, well I know what I need it to do can be done, maybe PDC is not the correct... name... for it.

I need samba to act as a domain login controller to authenticate logins, instead of our NT machine. Thats most important, any other PDC functionality I can fix later.

Anyone?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2748480
Authenticating logins is exactly what a PDC does, so to get that you'll need one of the developmental Samba versions.

I've not tested a Win95 domain logon, but I do know that I'm authenticating against the current CVS version (as of 0915CDT 25 Apr) of Samba-tng. It looks really good at the moment and would probably be worth trying. If you feel experimental, go to  http://www.kneschke.de/projekte/samba_tng/index.php3 and the you'll find instructions on how to get TNG as well as configuration info and examples in the FAQ.

To avoid clashes with the distributed version of Samba, I recommend that you remove it before installing Samba-TNG.
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 
LVL 2

Author Comment

by:edskee
ID: 2748524
Hmm, I couldave SWORN that I had seen Samba authenticating logins before... on a SCO unix machine that we had set up at a previous job.

I guess not.

Are you sure? One of the PAQ's says the guy set up Samba to do logins, but needed other functionality (thats what his question was, but in the question he stated that it WAS set up already)
0
 
LVL 40

Expert Comment

by:jlevie
ID: 2749027
Authenticating users is something that the distributed versions can do, it's domain logins that they can't do. The difference between to two gets important in the case of NT systems in that you have to create workgroup accounts on each NT system for each user. And there are other things that an NT domain PDC can do that a workgroup server can't do.
0
 

Accepted Solution

by:
xkid032500 earned 50 total points
ID: 2750301
in your smb.conf , under [global] put:
domain logons = yes
domain master = yes

and thats it.
0
 
LVL 2

Author Comment

by:edskee
ID: 2751331
Thanks, me and my boss figured that out for ourselves last night.

Ed
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question