?
Solved

Samba and Window 7

Posted on 2013-11-17
7
Medium Priority
?
709 Views
Last Modified: 2013-11-22
Need to do following thing
Samba set up as a Domain
    1: Home Folder H:
   2: roaming profiles
   3: Policy Share , read only with netlogon.bat
  4: Docs Share , read and write only with netlogon.bat
  5: Machine account for Win 7
  6: Samba user account

Need configuration how to setup samba with window 7 and also need netlogon.bat script

POLICY : read only accessible by all users with drive letter M:
Docs : read and write accessible by all users with drive letter N:

Thnks
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
7 Comments
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39655698
Hi,

Install samba4 in ubuntu server & make entry in resolve.conf
when you installed samba then run it to make domain controller

      
/usr/share/samba/setup/provision --realm=domain.name --domain=DOMAIN --adminpass='Test123' --server-role=dc

It create DC in server & restart samba service.

For test run cmd in your terminal.
#smbclient -L localhost -U%

OUTPUT is
      
Sharename       Type       Comment
---------              ----            -------
netlogon           Disk
sysvol               Disk

After following step configure dns for need a naming service in our network to resolve hosts and services.

make entry in etc/bind/named.conf
include "/var/lib/samba/private/named.conf"

for secure server make entry in apparmor
AppArmor need to make sure that Bind has the rights to access the files provided by Samba.

/etc/apparmor.d/usr.sbin.named

/var/lib/samba/private/** rkw,
/var/lib/samba/private/dns/** rkw,
/usr/lib/x86_64-linux-gnu/samba/bind9/** rm,
/usr/lib/x86_64-linux-gnu/samba/gensec/** rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/** rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/** rm,

now reload apparmor service.
Now again restart bind9,samba service in samba server.

Now join your win7 machine in domain
If you are unable to join domain then check time in client and server & configure WINS in window 7 network property.
0
 
LVL 2

Author Comment

by:Mohammad Aamir Qureshi
ID: 39656089
I am sorry to tell you that I have linux server centos 6.3 version
I have already installed samba server just need to configure my smb.conf file
my server name is server1 with IP 192.168.1.1
0
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39656106
0
 
LVL 20

Accepted Solution

by:
Daniel McAllister earned 1500 total points
ID: 39669536
The tutorial shown by xeroxzerox above is an excellent install tutorial for Samba 4.

You MUST use Samba 4 to become an AD server (Samba 3's AD support was limited to being an AD member, not a server!)

Once you configure your Samba 4 as an AD server, you'll just need to define the shares:

NOTE: The user's login scripts will need to be in a NETLOGON share (which is nearly ALWAYS read-only).

The presence of the LOGON PATH variable will enable the roaming profiles (be careful of the underlying Linux user permissions, not just the ones for Samba users!). The LOGON PATH variable will point to a URL that must also be defined as a share, and must be writable.

  [global]
  ...
  domain logons = Yes
  logon path = \\%L\Profiles\%U
  ...
  [Profiles]
        comment = %U Profile
        path = /home/samba/Profiles
        read only = No
        profile acls = Yes
   ...
Where %L is the name of the server and %U is the login name of the user

The presence of a LOGON HOME variable will create a home folder capability, and the partner LOGON DRIVE will define the letter. Again, there must be an accompanying HOMES share to match the URL.

  [global]
  ...
  logon home = \\%L\%U
  logon drive = H:
  ...
  [Homes]
        comment = %U Home Directory
        valid users = %S
        read only = No
        browseable = No
   ...


So then your other shares (Policy & Docs) are standard shares... sounds like you also need your netlogon.bat file (which MUST be in a DOS format -- so if you edit it with vim or something, be sure to run it through "unix2dos" before testing).

eventually in that netlogon.bat file you want lines like:
net use m: \\%SERVER%\Policy /persistent:no
net use n: \\%SERVER%\Docs /persistent:no

NOTE: The Read-Only portion (IMHO) needs to be done in your Samba config... just as above we had the [Netlogon], [Homes] and [Profiles] shares defined with specific options, you'll need to define [Policy] and [Docs] shares.

I hope this helps

Dan
IT4SOHO
0
 
LVL 2

Author Closing Comment

by:Mohammad Aamir Qureshi
ID: 39669623
Thanks to everyone
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses
Course of the Month11 days, 18 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question