------- Forwarded Message

From: "D. Dante Lorenso" <dlorenso@afai.com>
To: <cwinters@irex.org>, <dboyd@its.to>, <hurricane-list@redhat.com>
Subject: SAMBA config to control a domain and user policies
Date: Thu, 18 Dec 1997 11:45:49 -0500

Samba users,

For those of you that wanted to know how I set up SAMBA to control a domain
like NT does, I am including a copy of my smb.conf so that you might have an
example to reference. You won't need the [tmp] stuff in the smb.conf.
I just included that so you can see how I shared one of the other
directories.

I am not running Windows NT (can't afford to) so...I configured RedHat 5.0
to handle the logins for my domain. I called my workgroup LORENSO, and set
up the system in user security mode.

The following steps outline the work I did:

1) Set up the server:
   Create the /etc/smb.conf file and the /home/netlogon share directory.

2) Restart the smbd and nmbd daemons:
   /etc/rc.d/init.d/smb stop; /etc/rc.d/init.d/smb start

3) Test the visibility from client machines:
   Look in the network neighborhood to see if the machine is visible.
   If not...panic and cry...I'm not sure if I can help you.

4) Set up the Client Win95 machine:

   In the control panel, Click PASSWORDS...
   ------------------------------------------------------------
   - then click User Profiles...Choose the bottom three of the four
     checkboxes
       a) Users can customize their settings...
       b) Include desktop items...
       c) Include Start Menu ...

   In the control panel, Click NETWORK...
   ------------------------------------------------------------
   - then click Identification...set your WORKGROUP name
   - then click Access Control...set user-level access control and
     obtain list from ... enter your server name ie: REDHAT
   - then click Configuration...Add the client:
     CLIENT FOR MICROSOFT NETWORKS
     under the properties of that, choose:
       a) Log on to win NT domain
       b) enter your WORKGROUP name...ie: LORENSO
       c) Log on and restore connections
   - Finally, set the primary network logon to
     CLIENT FOR MICROSOFT NETWORKS

4) Set up the User Profiles:
   You'll have to know what you're doing for this part, but I'll attempt to
   give you a start...
   - install the System Policy editor for Win95 (included on your win95
     system CD)
   - create a new config.pol and place it in the /home/netlogon directory
     of the REDHAT server
   - using the policy editor, Click File->Open Registry...
   - Then, set all the options to reflect your server and user config
     settings...
   - save everything...

5) Reboot...login and cross your fingers

6) if (email->didHelp) {
       &SendMeAPizza;
   } else {
       &GoRead("/usr/docs/$samba_doc_dir");
   }
   ;)

THINGS TO WATCH OUT FOR:
--------------------------------------------

When setting up my system, I was having all sorts of trouble getting the
login on to the network...well, it turns out that Windows 95: OSR2 sends an
uppercased password to the server. I didn't know that... well, I changed my
unix password to all uppercase chars and ...voila! login successful ;)

You may want to change the [netlogon] and [homes] directories permissions in
the smb.conf ... that'll need to be changed to increase the security... I
left mine this way for testing and so I can write to the netlogon while
configuring stuff.

Although the documentation says you'll need wins support, (I enabled it), I
never set the NETWORK tcp/ip properties to include a wins server, but I did
edit my C:\win95\lmhosts file to add the 192.168.14.XXX addresses and
netbios names of the three machines on my home network.

If I get a chance, I'll turn this mail into a website...It might take a
little while, though...

Best of luck...

D. Dante Lorenso
Accounting Firms Associated, inc.
dlorenso@afai.com

----------- 8< -------------------- 8< --------------------- 8< ------------
; The global setting for a RedHat default install
; smbd re-reads this file regularly, but if in doubt stop and restart it:
; /etc/rc.d/init.d/smb stop
; /etc/rc.d/init.d/smb start
;======================= Global Settings ====================================
[global]
   workgroup = Lorenso
   comment = RedHat Samba Server
   volume = RedHat5
   lock directory = /var/lock/samba
   locking = yes
   strict locking = yes
   share modes = yes
   security = user
   os level = 65
   domain master = yes
   local master = yes
   prefered master = yes
   domain logons = yes
   wins support = yes
;  logon script = %m.bat ; per workstation (machine)
;  logon script = %u.bat ; per username
   preserve case = yes
   short preserve case = yes
   case sensitive = no

[netlogon]
   comment = Samba Network Logon Service
   path = /home/netlogon
   case sensitive = no
   guest ok = yes
   locking = no
;  I said no so I can still access it for editing...you can say yes
   read only = no
;  say NO if you want to hide the NETLOGON share
   browseable = yes
   admin users = @wheel

[homes]
   comment = Home Directories
   browseable = no
   writable = yes
   read only = no
   preserve case = yes
   short preserve case = yes
   create mode = 0750

[tmp]
   user = dlorenso
   force group = users
   comment = Temporary file space
   browsable = yes
   writable = yes
   path = /tmp
   read only = no
   public = yes

------- End of Forwarded Message

--
==========================================================================
John H Terpstra, Director                    Telephone: +61 2 9524 4040
Aquasoft Pty Limited (ACN 050 057 488)       Fax:       +61 2 9540 4016
PO Box 105 Miranda NSW 2228 Australia        Cellphone: +61 4 1935 3637
==========================================================================
Email: John.Terpstra@Aquasoft.Com.AU, jht@aquasoft.com.au
==========================================================================
In the beginning was the Word. The Word is NOT a trademark of Microsoft!
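
Added example (not part of the forwarded post and not Samba's own code): the post notes that the [netlogon] and [homes] permissions should be tightened after testing. This Python sketch audits smb.conf text for shares that are both guest-accessible and writable, and reports boolean values that are not valid, such as a setting followed by an inline `;` note. It checks only `guest ok` / `read only` and their synonyms, and the sample text and function names are constructed for illustration.

```python
import re
# Constructed sample modelled on the shares in the post (not the original file).
SAMPLE = """\
[global]
   security = user
[netlogon]
   guest ok = yes
   read only = no
[homes]
   read only = no ; inline note, not a comment to Samba
[tmp]
   writable = yes
   public = yes
"""

TRUE, FALSE = {"yes", "true", "1"}, {"no", "false", "0"}
# Samba synonyms mapped to (canonical name, value is inverted)
SYNONYMS = {"guestok": ("guestok", False), "public": ("guestok", False),
            "readonly": ("readonly", False), "writable": ("readonly", True),
            "writeable": ("readonly", True), "writeok": ("readonly", True)}
DEFAULTS = {"guestok": False, "readonly": True}  # Samba built-in defaults

def parse(text):
    """Return ({section: {param: bool}}, [(line_no, section, problem)])."""
    shares, problems, section = {}, [], None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line.startswith((";", "#")):  # comments exist only at line start
            continue
        key, sep, value = (p.strip() for p in line.partition("="))
        key = re.sub(r"\s+", "", key).lower()  # names ignore case and spaces
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            shares.setdefault(section, {})
        elif sep and section is not None and key in SYNONYMS:
            name, inverted = SYNONYMS[key]
            if value.lower() in TRUE | FALSE:
                shares[section][name] = (value.lower() in TRUE) != inverted
            else:
                problems.append((n, section, f"not a boolean: {value!r}"))
    return shares, problems

def guest_writable(text):
    """Shares allowing guest access and writes, after [global] defaults."""
    shares, problems = parse(text)
    base = {**DEFAULTS, **shares.pop("global", {})}
    risky = [s for s, p in shares.items()
             if {**base, **p}["guestok"] and not {**base, **p}["readonly"]]
    return sorted(risky), problems
```

Samba's own `testparm` checks syntax and unknown parameters; this sketch only adds the guest-plus-writable combination check.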