Hi.
I'm trying to build a nt domain with samba 3.0.5 (only samba, no native
nt/xp servers), but I cannot succeed. I'm following this
http://thegoldenear.org/toolbox/unices/samba/samba-setup.html because I
find the samba documentation not so clear. It's for samba 2, but it must
be similar to samba 3... This is what I did:
quantum home # groupadd -g 2000 admins
quantum home # groupadd -g 2010 machines
quantum home # mkdir samba
quantum home # mkdir samba/profiles
quantum home # mkdir samba/backup
quantum home # chmod 1757 samba/profiles
quantum home # mkdir -m 0775 netlogon
quantum home # chown root:admins netlogon/
quantum home # adduser johndoe
quantum home # smbpasswd -a johndoe
New SMB password:
Retype new SMB password:
Added user johndoe.
quantum home # mkdir /home/samba/profiles/johndoe
quantum home # chown johndoe:users /home/samba/profiles/johndoe/
quantum home # adduser -g machines -s /bin/false -d /dev/null quantumwin
quantum home # passwd -l quantumwin
Now I try with johndoe:
quantum netlogon # smbclient -L quantum-file --user johndoe
Password:
Domain=[LINUX.DOMAIN] OS=[Unix] Server=[Samba 3.0.5]
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (My Quantum Samba Server)
ADMIN$ IPC IPC Service (My Quantum Samba Server)
johndoe Disk Samba home directories
Domain=[LINUX.DOMAIN] OS=[Unix] Server=[Samba 3.0.5]
Server Comment
--------- -------
QUANTUM-FILE My Quantum Samba Server
Workgroup Master
--------- -------
LINUX.DOMAIN QUANTUM-FILE
It should work... but I cannot join the domain (windows xp pro). At
first, the network identification wizard asks me for username, password
and domain. I use johndoe and the domain LINUX.DOMAIN --- nothing.
It appears ``windows cannot find an account for your computer on the
LINUX.DOMAIN domain''. Again, I insert the name of my windows computer
(quantumwin) and the domain. A dialog says: ``A domain controller for
the domain LINUX.DOMAIN could not be contacted.'' --- The error is about
a missing SRV entry in the DNS for the ldap server, but at the moment,
I'm just testing. Moreover... am I right in suspecting it's trying to
connect to an AD server instead of a NT4 domain?
This is my smb.conf:
[global]
workgroup = LINUX.DOMAIN
netbios name = quantum-file
server string = My Quantum Samba Server
time server = yes
security = user
encrypt passwords = yes
domain logons = yes
log file = /var/log/samba/log.%m
os level = 64
preferred master = yes
local master = yes
domain master = yes
add user script = /usr/sbin/useradd -d /dev/null -g machines -s
/bin/false -M %u
logon drive = Z:
logon path = \\%L\profiles\%U
logon script = netlogon.bat
preserve case = yes
short preserve case = yes
case sensitive = no
[profiles]
comment = Samba users profiles
path = /home/samba/profiles
read only = no
browseable = no
create mask = 0600
directory mask = 0700
[homes]
volume = HOMES
comment = Samba home directories
read only = no
browseable = no
public = no
create mode = 0750
[netlogon]
comment = Samba login service
path = /home/netlogon
read only = yes
browseable = no
write list = @admins
This is my \home\netlogon\NETLOGON.BAT
--
Sensei <mailto:senseiwa@tin.it>
<icqnum:241572242>
<msn-id:Sensei_Sen@hotmail.com>
Error: Keyboard not found. Press F1 to continue...
> quantum home # adduser -g machines -s /bin/false -d /dev/null > quantumwin > quantum home # passwd -l quantumwinWhen adding a machine account to the unix password file it needs to have a $ at the end of the name. Also the last time I checked the only user who could join a machine to the domain in Samba 2 was root. So you'll need a root account in the smbpasswd file, the password in smbpasswd does not have to match the unix root password. It's probably a good idea that they don't match.> It should work... but I cannot join the domain (windows xp pro). At > first, the network identification wizard asks me for username, password > and domain. I use johndoe and the domain LINUX.DOMAIN --- nothing. > > It appears ``windows cannot find an account for your computer on the > LINUX.DOMAIN domain''. Again, I insert the name of my windows computer > (quantumwin) and the domain. A dialog says: ``A domain controller for > the domain LINUX.DOMAIN could not be contacted.'' --- The error is > about > a missing SRV entry in the DNS for the ldap server, but at the moment, > I'm just testing. Moreover... am I right in suspecting it's trying to > connect to an AD server instead of a NT4 domain?Yes XP is looking for an AD server. You may want to enable wins support on your PDC and point you windows clients to it. This helps with finding servers across subnets, it cuts down on broadcast traffic, and can speed things up a bit.> add user script = /usr/sbin/useradd -d /dev/null -g machines -s > /bin/false -M %uIt appears you're using the add user script to add machines accounts, which means the %u at the end should really be a %m$ don't forget the $. Everything else looks okay. Derek Not one shred of evidence supports the notion that life is serious -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20040801/173d095d/PGP.bin