Difference between revisions of "Samba domain controller"
(→Introduction) |
(→PreConfiguration LOL) |
||
Line 27: | Line 27: | ||
=Configuration= | =Configuration= | ||
− | ==PreConfiguration | + | ==PreConfiguration== |
run the following commands to create files and change permissions | run the following commands to create files and change permissions | ||
Line 40: | Line 40: | ||
chown -R root:users /home/shares/allusers/ | chown -R root:users /home/shares/allusers/ | ||
chmod -R ug+rwx,o+rx-w /home/shares/allusers/ | chmod -R ug+rwx,o+rx-w /home/shares/allusers/ | ||
− | |||
==Samba Config File== | ==Samba Config File== |
Revision as of 04:36, 2 November 2007
Contents
Introduction
This Article explains how to setup a simple Windows Domain Controller with user authentication and shares on a small network using samba. Note this Howto is currently only a rough guide and may not work properly
Installation
Make sure your Arch is up to date:
pacman -Syu
Set your IP Address to static through rc.conf
vi /etc/rc.conf
Edit the following line
eth0="eth0 192.168.0.101 netmask 255.255.255.0 broadcast 192.168.0.255"
Run the following command to install samba
pacman -Sy samba
Configuration
PreConfiguration
run the following commands to create files and change permissions
mkdir /home/samba mkdir /home/samba/netlogon mkdir /home/samba/profiles chmod 777 /var/spool/samba/ chown -R root:users /home/samba/ chmod -R 771 /home/samba/ mkdir -p /home/shares/allusers chown -R root:users /home/shares/allusers/ chmod -R ug+rwx,o+rx-w /home/shares/allusers/
Samba Config File
Create the samba config file
vi /etc/samba/smb.conf
Enter the following text
[global] workgroup = BBLEGAL netbios name = archer server string = Samba Domain Controller passdb backend = tdbsam security = user username map = /etc/samba/smbusers name resolve order = wins bcast hosts domain logons = yes preferred master = yes wins support = yes # Default logon logon drive = H: logon script = scripts/logon.bat logon path = \\archer\profile\%U # Useradd scripts add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usernod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false/ -d /var/lib/nobody %u idmap uid = 15000-20000 idmap gid = 15000-20000 template shell = /bin/bash # sync smb passwords with linux passwords passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . passwd chat debug = yes unix password sync = yes # set the loglevel log level = 3 [public] browseable = yes public = yes [homes] comment = Home valid users = %S read only = no browsable = no [netlogon] comment = Network Logon Service path = /home/samba/netlogon admin users = Administrator valid users = %U read only = no guest ok = yes writable = no share modes = no [profile] comment = User profiles path = /home/samba/profiles valid users = %U create mode = 0600 directory mode = 0700 writable = yes browsable = no guest ok = no [allusers] comment = All Users path = /home/shares/allusers valid users = @users force group = users create mask = 0660 directory mask = 0771 writable = yes
Other Configuration
Next restart samba
/etc/rc.d/samba restart
Edit the following file
vi /etc/nsswitch.conf
And change the line
hosts: files dns
to say
hosts: files wins dns
Add the root user to the samba password database
smbpasswd -a root
This next command tells the server that the user Administrator will be our domain admin
echo "root = Administrator" > /etc/samba/smbusers
Add the default domain groups
net groupmap add ntgroup="Domain Admins" unixgroup=root net groupmap add ntgroup="Domain Users" unixgroup=users net groupmap add ntgroup="Domain Guests" unixgroup=nogroup
Adding users
First add the user
useradd username -m -G users
then add it to the samba database
smbpasswd -a username
Restart the samba server just to be sure
/etc/rc.d/samba restart
Finished :-)
Your samba domain controller may or may not work now that you have completed this untested how to.