Daniel Bell
2003-Apr-17 06:36 UTC
[Samba] Implementation of W2K Group Policies from a Linux Server
I am an evil M$ MCSE :), who of late is planning on opening his own business... Due to the large cost involved with setting up Win2K server, both Hardware and OS, we are considering a Linux server setup. We have SOME experience with Linux, but were after information specifically on the possible implementation of Win2K Group Policies (as well as 'Domain' Authentication_ for the client machines, from a Linux/Samba Server. There will be approx 30 Win2K/WinXP Client Machines. Our questions are this: Is this possible currently with Linux/Samba? As weve found little info on this... If so, are there Graphical Management Tools for the User/Groups and Group Policies? As we envisage the possibility of relatively inexperienced ppl having to at times perform simple administration tasks... What sort of minimum specs are we talking, for a machine to run this service? (we will also be running a Linux Gateway/Firewall on a separate box)... Thanks Daniel Bell
Coreix Systems - Unix - Linux Development & Internetworking Engineers
2003-Apr-17 08:15 UTC
[Samba] Implementation of W2K Group Policies from a Linux Server
I have resent this to the lists as the attachments were too big for the list.
So here it is without attachments.
Firstly i'll answer your questions:,
{
{Is this possible currently with Linux/Samba? As weve found little
{info on this...
Yes, It is possible to make samba perform "like" a Win2K machine as a
PDC on the
network.
goto http://www.samba.org and i have attached some files for your reading.
I have over 3000 Samba PDC's running and i rarely hear from their owners.
{If so, are there Graphical Management Tools for the User/Groups
{and Group Policies? As we envisage the possibility of relatively
{inexperienced ppl having to at times perform simple administration
{tasks...
There are two ways to do this, i can be done with a package that comes with the
samba
package and in enabled in inetd.conf, This is called "SWAT" it's a
web based GUI
Interface,
Specifically aimed at you M$ / Newbie's to Linux / UNIX. 'No pun
intended'
You can also us a tool to configure many applications, adduser etc etc, and
perform general admin
tasks on the Linux server call "webmin" And this can be found at:
http://www.webmin.com/
{What sort of minimum specs are we talking, for a machine to run
{this service? (we will also be running a Linux Gateway/Firewall on a
{separate box)...
{
This is a bit like a windows server spec, It all depends on what your going to
be doing with it
and how much use it's going to get, Considering it's probably going to
be a IT
Business, And it's going to be busy, I would make it as good a machine as
your
wallet can afford, EG.,
MSI, Intel MotherBD
Intel 2G CPU
512 - 1 GB RAM
Intel Pro 100 NIC
1 x 10 GB HDD For OS Only
1 x 120GB HDD For Storage, or more depending on your needs, you can always add
another one later...
As to your gateway machine, I would assume it's going to be a T1, ISDN, ADSL
Connection.?
This machine can be just about anything down to a 1G PIII with 128Mb RAM.
I would recommend you to only run a Shell Machine "No X Windows" on
the
gateway, and you spend some time
on firewalling the LAN correctly with iptables.
I would also recommend you to look at FreeBSD as a Operating System
http://www.freebsd.org This is more a UNIX like OS than Linux, and can be
quickly and easily configured with very little hassle.
But if you stuck on RedHat, Then use that.
I can provide you as much on-line support as you give me questions, Just ensure
your questions are detail
the "Whole Picture" and that will keep the to'ing and fro'ing
quantity down a
bit.
Ps: Were abouts are you in Good old AUSTRALIA..!?
Regards,
Craig R. Marshall
B.E (Hons), M.Eng.Sc., CCNA
Senior Software, IP Telecommunications
& Terrestrial Systems Engineer.
Coreix Systems Australia
mailto:craigrm@coreixsystems.com.au
http://www.coreixsystems.com
================================================================================================Disclaimer:
No guarantee is made that this email is free of computer viruses or
other defects.
We suggest that any attachments be scanned using appropriate virus detection
software before use.
We will accept no liability for any loss or damage, which may result directly or
indirectly from
opening or using any such attachment. This e-mail is confidential. If you
received this in error,
please notify the author by replying to this e-mail or advise us by telephone on
(+618) 9490 6698.
Privacy Policy: Coreix Systems is committed to protecting your privacy. If at
any time you choose
not to receive information from us, or you wish to amend your personal
information, please notify
Coreix Systems directly on (+618) 9490 6698, email
mailto:privacy@coreixsystems.com.au or by post
to: Coreix Systems : PO Box 252, Maddington, Perth - Western Australia,
AUSTRALIA 6989. Thank you.
================================================================================================
{-----Original Message-----
{From: samba-bounces+lists=coreixsystems.com.au@lists.samba.org
{[mailto:samba-bounces+lists=coreixsystems.com.au@lists.samba.org]On
{Behalf Of Daniel Bell
{Sent: Thursday, 17 April 2003 2:36 PM
{To: samba@lists.samba.org
{Subject: [Samba] Implementation of W2K Group Policies from a Linux
{Server
{
{
{I am an evil M$ MCSE :), who of late is planning on opening his
{own business... Due to the large cost involved with setting up
{Win2K server, both Hardware and OS, we are considering a Linux
{server setup. We have SOME experience with Linux, but were after
{information specifically on the possible implementation of Win2K
{Group Policies (as well as 'Domain' Authentication_ for the client
{machines, from a Linux/Samba Server. There will be approx 30
{Win2K/WinXP Client Machines.
{
{Our questions are this:
{
{Is this possible currently with Linux/Samba? As weve found little
{info on this...
{
{If so, are there Graphical Management Tools for the User/Groups
{and Group Policies? As we envisage the possibility of relatively
{inexperienced ppl having to at times perform simple administration
{tasks...
{
{What sort of minimum specs are we talking, for a machine to run
{this service? (we will also be running a Linux Gateway/Firewall on a
{separate box)...
{
{
{
{
{Thanks
{Daniel Bell
{
{--
{To unsubscribe from this list go to the following URL and read the
{instructions: http://lists.samba.org/mailman/listinfo/samba
{
{
John H Terpstra
2003-Apr-17 11:53 UTC
[Samba] Implementation of W2K Group Policies from a Linux Server
On Thu, 17 Apr 2003, Daniel Bell wrote:> I am an evil M$ MCSE :), who of late is planning on opening his > own business... Due to the large cost involved with setting up > Win2K server, both Hardware and OS, we are considering a Linux > server setup. We have SOME experience with Linux, but were afterWelcome to Linux Mr evil M$ MCSE! You will not regret the move if you follow a few basic rules and if when you ask for help you show that you have done at least some homework before hand.> information specifically on the possible implementation of Win2K > Group Policies (as well as 'Domain' Authentication_ for the client > machines, from a Linux/Samba Server. There will be approx 30 > Win2K/WinXP Client Machines.You can set up NTConfig.POL files using the NT4 Group Policy Editor. With Samba at this time there is no mechanism to implement Active Directory style Group Policy Objects (GPOs). The Samba-Team is exploring mechanisms for providing this but it will not be in Samba-3.0.0 when it ships and will have to wait until a later release.> Our questions are this: > > Is this possible currently with Linux/Samba? As weve found little > info on this... > > If so, are there Graphical Management Tools for the User/Groups > and Group Policies? As we envisage the possibility of relatively > inexperienced ppl having to at times perform simple administration > tasks...Use the NT4 Domain User Manager and the NT4 Server Manager that are part of the NEXUS tool kit available from Microsoft FTP sites. For more information please refer to the new Samba-HOWTO-Collection PDF file that is available from the Samba Web sites.> > What sort of minimum specs are we talking, for a machine to run > this service? (we will also be running a Linux Gateway/Firewall on a > separate box)...A dual processor AMD MP1500+ with 1GB RAM and a 3WARE IDE RAID controller with 3x 7200rpm IBM IDE drives, running SuSE Enterprise Linux Server will be more than adequate for up to 50 high demand users and up to 200 less demanding office users. - John T. -- John H Terpstra Email: jht@samba.org
Hi All, can somebody please help me on this or atleast point me to some Manuals ... we have installed samba 2.2.8a on a redhat linux 8 machine ...we need to maintain the password history (last 3 passwords) and the same password must not be allowed when he changes the password ... ...but i have not been able to do much ..can someone on this list please help me out ... Regards, Kiran
On Thu, 17 Apr 2003, Kiran Kumar M wrote:> Hi All, > can somebody please help me on this or atleast point me to some Manuals > ... > we have installed samba 2.2.8a on a redhat linux 8 machine ...we need to > maintain the password history (last 3 passwords) and the same password must > not be allowed when he changes the password ... ...but i have not been able > to do much ..can someone on this list please help me out ...SAmba-2.2.8a does not provide a password management scheme of this type. You would have to find a way to manage this through PAM. I am not aware of a mechanism to do this at this time. Maybe you could ask Red Hat for help on this. - John T. -- John H Terpstra Email: jht@samba.org