PDC

From Amahi Wiki
Revision as of 19:01, 28 July 2009 by Cpg (talk | contribs)
Jump to: navigation, search

Making Amahi a PDC - Primary Domain Controller

  • To join a machine to the domain, it has to be done by logging in once as root. Unfortunately, Amahi does not currently create a root samba user. For now and until we enable granting admin rights to other users, do this:
      smbpasswd -a root
      (set the samba password for the root user)
      smbpasswd -e root
  • Then join the domain: Select start, control panel, system, and click computername. Then select network-id and follow the wizard. When it asks you for a username/password, supply the root username/password you created above. This only needs to be done once


Old Development Notes

WARNING: These settings apply to the beta test only!! Other users see the old directives

Browse to your HDA dashboard. Select setup, then shares, then settings, then check PDC. now your new smb.conf is beeing generated! create the following file:

  • /var/hda/domain-settings/netlogon/logon.bat

and add the following to it: 

;Sync Windows clock with Samba clock
net time /set /yes
;Mount a samba share into x:
net use u: \\hda\BACKUP /persistent:no
net use v: \\hda\AFBEELDINGEN /persistent:no
net use w: \\hda\DOCUMENTEN /persistent:no
net use x: \\hda\SOFTWARE /persistent:no
net use y: \\hda\VIDEOS /persistent:no
net use z: \\hda\MUZIEK /persistent:no

save the file. next go to the workstation that you want to add to the domain. Select start, control panel, system, and click computername. then select network-id and follow the wizard. when it asks you for a username/password, supply the root username/password you created on the PDC. This is needed because Windows will otherwise be unable to join the Domain. once windows welcomes you to the new domain, you can restart your computer, and login with any user you created through the hda tab!


Old Directions

Open a terminal on your hda, or, if you use putty, open a connection to your hda.
Login as root: su -
First, backup your smb.conf file, in case you run into problems you can easily revert back.

  • cp /etc/samba/smb.conf /etc/samba/smb_old.conf

next we need to modify the smb file, i use nano for this, you may use any editor you feel confortable with

  • nano /etc/samba/smb.conf

change the apropriate parts in the smb.conf.
Save your smb.conf

So at this point we need to create the corresponding directories:

  • mkdir /var/hda/domain-settings
  • mkdir /var/hda/domain-settings/netlogon
  • mkdir /var/hda/domain-settings/profiles

Each time you want a user to join the domain, a user needs to be added, this can be done through the users tab on the amahi dashboard.
aditionally, a profile directory needs to be created.

  • mkdir /var/hda/domain-settings/profiles/JanJacobs

JanJacobs is the user i created through the users tab of the amahi dashboard.
Since we are logging in as root, we need to change the ownership of the previously created directory to the corresponding owner:

  • chown -R JanJacobs /var/hda/domain-settings/profiles/JanJacobs

Now, this still doesnt allow us to login, because in samba, machines need to be added too!
this can be done automaticly, but for the time beeing we do it manually, amahi may facilitate this for you in the future.

  • useradd -s /bin/false -d /dev/null computername$
  • smbpasswd -a -m computername

Now as you can see there are some differences, when we added the Windows pc to Linux, we added the name computername$, this tells Linux that it is a machine, not a name.
Next when we added the Samba password, we invoked the -m, this again tells Samba that we are adding a pc, not a person.
Also, you probably noticed that it did not prompt for a password, it just added computername$.
When you logon to the domain, Samba will read the password from your Windows password.
Now that this done, all what is left to do is restart Samba, this also has to be done for each computer you intend to login with.
no we dont add the $ sign, since all we do is adding an existing linux user to the samba password file.
we tell samba its a machine simply by adding the -m switch to the command.
At this point i have network logins working, using roaming profiles.

now its time to restart samba.

  • /etc/init.d/smb restart

Now you need to setup your Windows pc for domain logins.
(Note the first time that you join a Samba domain from Windows, you will need to join the domain by using root as the name, and your root password for the password.
After rebooting, any valid user will be able to access the domain.)

Retrieved from "https://wiki.amahi.org/index.php?title=PDC&oldid=3847"