Difference between revisions of "PDC"
(New page: open a terminal on your hda, or, if you use putty, open a connection to your hda. First, backup your smb.conf file, in case you run into problems you can easily revert back. #* cp /etc/sam...) |
|||
| Line 1: | Line 1: | ||
open a terminal on your hda, or, if you use putty, open a connection to your hda. | open a terminal on your hda, or, if you use putty, open a connection to your hda. | ||
First, backup your smb.conf file, in case you run into problems you can easily revert back. | First, backup your smb.conf file, in case you run into problems you can easily revert back. | ||
| − | + | * cp /etc/samba/smb.conf /etc/samba/smb_old.conf | |
next we need to modify the smb file, i use nano for this, you may use any editor you feel confortable with | next we need to modify the smb file, i use nano for this, you may use any editor you feel confortable with | ||
| − | + | * nano /etc/samba/smb.conf | |
change the apropriate parts in the smb.conf | change the apropriate parts in the smb.conf | ||
for convienence i'll post my complete smb.conf as a sample for you. | for convienence i'll post my complete smb.conf as a sample for you. | ||
| − | + | ======================================================================= | |
| − | # This file is automatically generated any manual changes WILL BE OVERWRITTEN | + | ;# This file is automatically generated any manual changes WILL BE OVERWRITTEN |
| − | # Amahi configuration, generated on Sun Jul 05 18:15:27 +0200 2009 | + | ;# Amahi configuration, generated on Sun Jul 05 18:15:27 +0200 2009 |
[global] | [global] | ||
workgroup = {YOUR_DOMAIN} | workgroup = {YOUR_DOMAIN} | ||
| Line 21: | Line 21: | ||
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 | socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 | ||
| − | # below options are added to make amahi a pdc # | + | ;# below options are added to make amahi a pdc # |
os level = 65 | os level = 65 | ||
preferred master = yes | preferred master = yes | ||
| Line 31: | Line 31: | ||
logon drive = q: | logon drive = q: | ||
logon home = \\hda\%u | logon home = \\hda\%u | ||
| − | # end pdc options # | + | ;# end pdc options # |
time server = yes | time server = yes | ||
| Line 48: | Line 48: | ||
printer admin = root, @ntadmin, administrator | printer admin = root, @ntadmin, administrator | ||
| − | # The homes share # | + | ;# The homes share # |
[homes] | [homes] | ||
read only = no | read only = no | ||
browseable = no | browseable = no | ||
| − | # end [homes] # | + | ;# end [homes] # |
| − | # The netlogon share required for domain logons # | + | ;# The netlogon share required for domain logons # |
[netlogon] | [netlogon] | ||
comment = Network Logon Service | comment = Network Logon Service | ||
| Line 61: | Line 61: | ||
writable = no | writable = no | ||
share modes = no | share modes = no | ||
| − | # end [netlogon] # | + | ;# end [netlogon] # |
| − | # The profiles share needed to store your roaming profiles # | + | ;# The profiles share needed to store your roaming profiles # |
[Profiles] | [Profiles] | ||
comment = Roaming Profile Share | comment = Roaming Profile Share | ||
| Line 69: | Line 69: | ||
read only = No | read only = No | ||
profile acls = Yes | profile acls = Yes | ||
| − | # [end profiles share] # | + | ;# [end profiles share] # |
[print$] | [print$] | ||
| Line 87: | Line 87: | ||
printable = yes | printable = yes | ||
public = yes | public = yes | ||
| − | + | ======================================================================= | |
Save your smb.conf | Save your smb.conf | ||
| Line 94: | Line 94: | ||
- mkdir /var/hda/domain-settings | - mkdir /var/hda/domain-settings | ||
- mkdir /var/hda/domain-settings/netlogon | - mkdir /var/hda/domain-settings/netlogon | ||
| − | + | * mkdir /var/hda/domain-settings/profiles | |
Each time you want a user to join the domain, a user needs to be added, this can be done through the users tab on the amahi dashboard. | Each time you want a user to join the domain, a user needs to be added, this can be done through the users tab on the amahi dashboard. | ||
aditionally, a profile directory needs to be created. | aditionally, a profile directory needs to be created. | ||
| − | + | * mkdir /var/hda/domain-settings/profiles/nol | |
nol is the user i created through the users tab of the amahi dashboard. | nol is the user i created through the users tab of the amahi dashboard. | ||
Since we are logging in as root, we need to change the ownership of the previously created directory to the corresponding owner: | Since we are logging in as root, we need to change the ownership of the previously created directory to the corresponding owner: | ||
| Line 104: | Line 104: | ||
Now, this still doesnt allow us to login, because in samba, machines need to be added too! | Now, this still doesnt allow us to login, because in samba, machines need to be added too! | ||
this can be done automaticly, but for the time beeing we do it manually, amahi may facilitate this for you in the future. | this can be done automaticly, but for the time beeing we do it manually, amahi may facilitate this for you in the future. | ||
| − | + | * useradd -s /bin/false -d /dev/null computername$ | |
| − | + | * smbpasswd -a -m computername | |
Now as you can see there are some differences, when we added the Windows pc to Linux, we added the name computername$, | Now as you can see there are some differences, when we added the Windows pc to Linux, we added the name computername$, | ||
this tells Linux that it is a machine, not a name. Next when we added the Samba password, we invoked the -m, | this tells Linux that it is a machine, not a name. Next when we added the Samba password, we invoked the -m, | ||
| Line 118: | Line 118: | ||
now its time to restart samba. | now its time to restart samba. | ||
| − | + | * /etc/init.d/smb restart | |
Now you need to setup your Windows pc for domain logins. | Now you need to setup your Windows pc for domain logins. | ||
***Note the first time that you join a Samba domain from Windows, you will need to join the domain by using root as the name, and your root password for the password. | ***Note the first time that you join a Samba domain from Windows, you will need to join the domain by using root as the name, and your root password for the password. | ||
After rebooting, any valid user will be able to access the domain. | After rebooting, any valid user will be able to access the domain. | ||
Revision as of 13:39, 12 July 2009
open a terminal on your hda, or, if you use putty, open a connection to your hda. First, backup your smb.conf file, in case you run into problems you can easily revert back.
- cp /etc/samba/smb.conf /etc/samba/smb_old.conf
next we need to modify the smb file, i use nano for this, you may use any editor you feel confortable with
- nano /etc/samba/smb.conf
change the apropriate parts in the smb.conf for convienence i'll post my complete smb.conf as a sample for you.
===========================================================
- This file is automatically generated any manual changes WILL BE OVERWRITTEN
- Amahi configuration, generated on Sun Jul 05 18:15:27 +0200 2009
[global] workgroup = {YOUR_DOMAIN} server string = PDC (%v) netbios name = hda printing = cups printcap name = cups load printers = yes cups options = raw log file = /var/log/samba/%m.log max log size = 150 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
- below options are added to make amahi a pdc #
os level = 65 preferred master = yes domain master = yes local master = yes domain logons = yes logon path = \\hda\profiles
;automatically maps the home directory of the user, can be any drive letter you want. \\hda is the Samba server netbios name
logon drive = q: logon home = \\hda\%u
- end pdc options #
time server = yes unix extensions = yes veto files = /*.eml/*.nws/riched20.dll/*.{*}/ security = user username map script = /usr/share/hda-platform/hda-usermap large readwrite = yes encrypt passwords = yes dos charset = CP850 unix charset = UTF8 display charset = LOCALE guest account = nobody map to guest = Bad User wins support = yes printer admin = root, @ntadmin, administrator
- The homes share #
[homes] read only = no browseable = no
- end [homes] #
- The netlogon share required for domain logons #
[netlogon] comment = Network Logon Service path = /var/hda/domain-settings/netlogon guest ok = yes writable = no share modes = no
- end [netlogon] #
- The profiles share needed to store your roaming profiles #
[Profiles] comment = Roaming Profile Share path = /var/hda/domain-settings/profiles/%u read only = No profile acls = Yes
- [end profiles share] #
[print$] path = /var/lib/samba/drivers read only = yes force group = root write list = @ntadmin root force group = root create mask = 0664 directory mask = 0775 guest ok = yes
[printers] path = /var/spool/samba writeable = yes browseable = yes printable = yes public = yes
===========================================================
Save your smb.conf
So at this point we need to create the corresponding directories: - mkdir /var/hda/domain-settings - mkdir /var/hda/domain-settings/netlogon
- mkdir /var/hda/domain-settings/profiles
Each time you want a user to join the domain, a user needs to be added, this can be done through the users tab on the amahi dashboard. aditionally, a profile directory needs to be created.
- mkdir /var/hda/domain-settings/profiles/nol
nol is the user i created through the users tab of the amahi dashboard. Since we are logging in as root, we need to change the ownership of the previously created directory to the corresponding owner: chown -R nol /var/hda/domain-settings/profiles/nol Now, this still doesnt allow us to login, because in samba, machines need to be added too! this can be done automaticly, but for the time beeing we do it manually, amahi may facilitate this for you in the future.
- useradd -s /bin/false -d /dev/null computername$
- smbpasswd -a -m computername
Now as you can see there are some differences, when we added the Windows pc to Linux, we added the name computername$, this tells Linux that it is a machine, not a name. Next when we added the Samba password, we invoked the -m, this again tells Samba that we are adding a pc, not a person. Also, you probably noticed that it did not prompt for a password, it just added computername$. When you logon to the domain, Samba will read the password from your Windows password. Now that this done, all what is left to do is restart Samba, this also has to be done for each computer you intend to login with. no we dont add the $ sign, since all we do is adding an existing linux user to the samba password file. we tell samba its a machine simply by adding the -m switch to the command. At this point i have network logins working, using roaming profiles.
now its time to restart samba.
- /etc/init.d/smb restart
Now you need to setup your Windows pc for domain logins.
- Note the first time that you join a Samba domain from Windows, you will need to join the domain by using root as the name, and your root password for the password.
After rebooting, any valid user will be able to access the domain.
