Solved

SMB 3.0 on RH9

Posted on 2003-11-02
7
365 Views
Last Modified: 2010-04-20
How do I setup SMB3.0 as a Domain Controller?  ( I think I have this part...)

Then when I attempt to add a windows machine from its System Properties page.  It fails,  it says I do not have permission..

HELP
0
Comment
Question by:LordPenguin
7 Comments
 

Expert Comment

by:sjmclean
ID: 9667370
I'm kinda new to the world of linux but I'm assuming you are refering to Samba?? This is what i believe you need to do to get up and running. Assuming you have your smb.conf file setup correctly all you need to do is add users.

Step 1

Adduser {USERNAME}

Step 2

smbpasswd -a {USERNAME} (in step 1)


Then you should be set. However you will need to join the domain with a user that has sufficient previleges. I used root.......I believe i just did smbpasswd -a root, then entered a password that was different from the local root account. Note however i was only experiementing with samba and linux, if this is a production Samba server you may not want to use root.

I hope this helps

Stewart
0
 
LVL 38

Accepted Solution

by:
yuzh earned 250 total points
ID: 9667790
0
 
LVL 9

Expert Comment

by:majorwoo
ID: 9671023
you need to enter the root name/password to add users to the domain, and I think you may actually have to add that user first to samba with the smbpassward -a root
0
 
LVL 10

Assisted Solution

by:anupnellip
anupnellip earned 250 total points
ID: 9709478
Hii ,
To setup Samba as Primary Domain Controller

Add the following to the global section of your smb.conf file.


# The domain you want to be a PDC for
workgroup = SIMPLE

# Tell Samba to use domain logons
domain logons = yes

# User-level security. Users must
# authenticate themselves with
# valid username and password
security = user

# Set to yes so that nmbd participates
# in local master browser
# elections
local master = yes

# Set Os level value to make sure nmbd
# wins local browse master
# elections. 65 should beat everyone
# according to the man page
os level = 65

# Give nmbd an advantage in local
# master browser elections
preferred master = yes

# Set so that nmbd claims a unique
# NetBIOS name identifying it as
# a domain master
domain master = yes

# The following share is required to support
# domain logons. The directory may be
# created anywhere on your system. Make
# sure the share is non-writeable and also
# not a public share.
[netlogon]
comment = The domain logon service
path = /usr/local/samba/netlogon
public = no
writeable = no

The next thing to do is create the users on the Samba server that is to act as the domain controller. You can do this using the useradd command.

useradd –-g smbuser –-d /dev/null –-s /dev/null ntuser

As you can see, both shell and home directory for ntuser is set to /dev/null. If your Windows users are not required to access the Unix box, you should use the above to deny access to the machine. Passwords are also not required to be set because Samba keeps the password hash in a separate file specified in the configuration file.


# Path to Samba password file
# Make sure only root has read/write access
smb passwd file = /usr/local/samba/smbpasswd

After adding a user (you can also use vipw to add a user), you need to add the user to the samba password database.

“smbpasswd –a” will add all users in Unix passwd file to smbpasswd file. The usage and syntax is similar to the Unix passwd command. To change a users’ password use “smbpasswd username”.

That will be enough for Samba to start authenticating Windows 9X clients. For NT workstations, some more work is to be done. You have to create a machine account for each NT client that will logon. A machine account is simply a regular /etc/passwd entry, with a “$” appended to the name of the NT machine.

useradd –-g smbuser -–d /dev/null -–s /dev/null ntclient$

Now add it to the password database

smbpasswd –a –m ntclient (the $ at the end is not required)

Samba can now accept logons from a NT client.

As you can see, configuring samba as a domain controller and domain member is a fairly easy job. The flip side is that since samba is the result of major amounts of hacking and reverse engineering, it doesn’t have all the functionality of a proper domain controller.

Regards

Anup
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10301736
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
Split between yuzh and anupnellip
Please leave any comments here within the next four days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

khkremer
EE Cleanup Volunteer
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Currently, there is not an RPM package available under the RHEL/Fedora/CentOS distributions that gives you a quick and easy way to allow PHP to interface with Oracle. As a result, I have included a set of instructions on how to do this with minimal …
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now