Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Samba and Window 7

Posted on 2013-11-17
7
Medium Priority
?
716 Views
Last Modified: 2013-11-22
Need to do following thing
Samba set up as a Domain
    1: Home Folder H:
   2: roaming profiles
   3: Policy Share , read only with netlogon.bat
  4: Docs Share , read and write only with netlogon.bat
  5: Machine account for Win 7
  6: Samba user account

Need configuration how to setup samba with window 7 and also need netlogon.bat script

POLICY : read only accessible by all users with drive letter M:
Docs : read and write accessible by all users with drive letter N:

Thnks
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
7 Comments
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39655698
Hi,

Install samba4 in ubuntu server & make entry in resolve.conf
when you installed samba then run it to make domain controller

      
/usr/share/samba/setup/provision --realm=domain.name --domain=DOMAIN --adminpass='Test123' --server-role=dc

It create DC in server & restart samba service.

For test run cmd in your terminal.
#smbclient -L localhost -U%

OUTPUT is
      
Sharename       Type       Comment
---------              ----            -------
netlogon           Disk
sysvol               Disk

After following step configure dns for need a naming service in our network to resolve hosts and services.

make entry in etc/bind/named.conf
include "/var/lib/samba/private/named.conf"

for secure server make entry in apparmor
AppArmor need to make sure that Bind has the rights to access the files provided by Samba.

/etc/apparmor.d/usr.sbin.named

/var/lib/samba/private/** rkw,
/var/lib/samba/private/dns/** rkw,
/usr/lib/x86_64-linux-gnu/samba/bind9/** rm,
/usr/lib/x86_64-linux-gnu/samba/gensec/** rm,
/usr/lib/x86_64-linux-gnu/ldb/modules/ldb/** rm,
/usr/lib/x86_64-linux-gnu/samba/ldb/** rm,

now reload apparmor service.
Now again restart bind9,samba service in samba server.

Now join your win7 machine in domain
If you are unable to join domain then check time in client and server & configure WINS in window 7 network property.
0
 
LVL 2

Author Comment

by:Mohammad Aamir Qureshi
ID: 39656089
I am sorry to tell you that I have linux server centos 6.3 version
I have already installed samba server just need to configure my smb.conf file
my server name is server1 with IP 192.168.1.1
0
 
LVL 6

Expert Comment

by:xeroxzerox
ID: 39656106
0
 
LVL 21

Accepted Solution

by:
Daniel McAllister earned 1500 total points
ID: 39669536
The tutorial shown by xeroxzerox above is an excellent install tutorial for Samba 4.

You MUST use Samba 4 to become an AD server (Samba 3's AD support was limited to being an AD member, not a server!)

Once you configure your Samba 4 as an AD server, you'll just need to define the shares:

NOTE: The user's login scripts will need to be in a NETLOGON share (which is nearly ALWAYS read-only).

The presence of the LOGON PATH variable will enable the roaming profiles (be careful of the underlying Linux user permissions, not just the ones for Samba users!). The LOGON PATH variable will point to a URL that must also be defined as a share, and must be writable.

  [global]
  ...
  domain logons = Yes
  logon path = \\%L\Profiles\%U
  ...
  [Profiles]
        comment = %U Profile
        path = /home/samba/Profiles
        read only = No
        profile acls = Yes
   ...
Where %L is the name of the server and %U is the login name of the user

The presence of a LOGON HOME variable will create a home folder capability, and the partner LOGON DRIVE will define the letter. Again, there must be an accompanying HOMES share to match the URL.

  [global]
  ...
  logon home = \\%L\%U
  logon drive = H:
  ...
  [Homes]
        comment = %U Home Directory
        valid users = %S
        read only = No
        browseable = No
   ...


So then your other shares (Policy & Docs) are standard shares... sounds like you also need your netlogon.bat file (which MUST be in a DOS format -- so if you edit it with vim or something, be sure to run it through "unix2dos" before testing).

eventually in that netlogon.bat file you want lines like:
net use m: \\%SERVER%\Policy /persistent:no
net use n: \\%SERVER%\Docs /persistent:no

NOTE: The Read-Only portion (IMHO) needs to be done in your Samba config... just as above we had the [Netlogon], [Homes] and [Profiles] shares defined with specific options, you'll need to define [Policy] and [Docs] shares.

I hope this helps

Dan
IT4SOHO
0
 
LVL 2

Author Closing Comment

by:Mohammad Aamir Qureshi
ID: 39669623
Thanks to everyone
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
OfficeMate Freezes on login or does not load after login credentials are input.
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question