LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-28-2004, 12:18 PM   #1
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Rep: Reputation: 0
Samaba PDC config - help!


Ok - I went here:

http://www.freeos.com/articles/3842/

.. and followed the "Samba as Primary Domain Controller" part.

Still, I get "No DNS Name" found error when attempting to connect to the newly established PDC hosted on my Mandrake 9.2 machine. I have 2 WinXP boxes that are trying to connect. If Samba is set to Workgroup, I can see the icon in network neighborhood, but "not access this network resource due to restrictions .. blah-blah".

Any idea why Samba is failing to broadcast a valid DNS domain? All users seem to be set up fine!

Also - I am running all this behind an SMC VBR7004 Router, in which I have disabled any DHCP server functions to allow Samba to do its thing. No luck ..

Last edited by Lester; 01-28-2004 at 12:21 PM.
 
Old 01-28-2004, 01:53 PM   #2
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Original Poster
Rep: Reputation: 0
one bump?
 
Old 01-28-2004, 05:06 PM   #3
homey
Senior Member
 
Registered: Oct 2003
Posts: 3,057

Rep: Reputation: 59
I found this tutorial to work very nicely...
http://www-1.ibm.com/servers/esdd/tu...mba/index.html
 
Old 01-29-2004, 04:41 AM   #4
muah
Member
 
Registered: Aug 2003
Location: Europe
Distribution: Slackware (current)
Posts: 228

Rep: Reputation: 33
There is no need to disable DHCP on the router. It could help if u pasted your smb.conf
BTW You need to apply a registry hack on XP machines if u want them to be able to log to a domain. These .reg files come with samba package, just execute them on the XP machine and reboot.
 
Old 01-29-2004, 10:20 PM   #5
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Original Poster
Rep: Reputation: 0
Here is the smb.conf file:

---------------------------------------------------------------

# /etc/samba/smb.conf
# samba configuration file
# last updated: 2/28/2002 by tms

[global]

;basic server settings
workgroup = server
netbios name = Mandrake
server string = Samba PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192


...
;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes

...
;security and logging settings
security = user
encrypt passwords = yes
domain logons = yes
log file = /var/log/samba/log.%m
log level = 2
max log size = 50
hosts allow =

...
;user profiles and home directory
logon home = \\%L\%U\.profile
logon drive = H:
logon path = \\%L\profiles\%U

...
logon script = netlogon.bat
...

...
;sync UNIX passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*
new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*
authentication*tokens*updated*successfully*
...

[homes]
comment = Home Directories
browseable = no
writeable = yes

[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700

# === shares ===
...
[netlogon]
path = /home/netlogon
read only = yes
write list = @admim

--------------------------------------

Even after the XP registry hack, I still get "access is denied" from the XP box upon attempting to join domain. I have added many users, all set to root access, including root itself!, but still "access is denied"

Rebooted countless times.

Any ideas why?
 
Old 01-29-2004, 10:41 PM   #6
homey
Senior Member
 
Registered: Oct 2003
Posts: 3,057

Rep: Reputation: 59
Hmm, that ibm site seems to be down. Here are the important things which they mentioned.

groupadd -g 200 admins
groupadd -g 201 machines

mkdir -m 0775 /home/netlogon
chown root.admins /home/netlogon

mkdir /home/samba /home/samba/profiles
chmod 1757 /home/samba/profiles

The automated approach for machine accounts is to add the following line to the /etc/smb.conf
( Note: that is supposed to be all one line )
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u

_______________________________________________________________

In some cases, the Windows machine refuses to join the Samba domain. Then the manual approach is needed also. Use the following commands while logged in as the root user.

Note: machine_name is the computer name which is trying to join.

/usr/sbin/useradd -g machines -d /dev/null -s /bin/false machine_name$

passwd -l machine_name$
You should see something like this....
Locking password for user machine_name$
passwd: Success

Now add a samba password for the machine.
smbpasswd -a -m machine_name$
You should see something like this....
Added user machine_name$

________________________________________________________________

Add the user accounts ( Fred in my case ) and set the passwords
useradd fred
passwd fred
New password:
Retype password:

smbpasswd -a fred
New SMB password:
Retype SMB password:

***************************************************************
This part is very important for joining the domain from Windows.
When you get to the part on a Windows computer where it asks for the person who is authorized to join computers to the domain, I use the root user and password.

Give the root / admin user a samba password!!
smbpasswd -a root
New SMB password:
Retype SMB password:


Below is my smb.conf which works very nicely with those instructions.

_______________________________________________________________________
[global]
workgroup = mydomain.com
server string = Samba Server
hosts allow = 192.168.0. 192.168.1. 127.
printcap name = /etc/printcap
load printers = yes
printing = cups
log file = /var/log/samba/%m.log
max log size = 50
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd

unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*

pam password change = yes
username map = /etc/samba/smbusers
include = /etc/samba/smb.conf.%m
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
os level = 64
domain master = yes
domain logons = yes

logon home = \\%L\%U
; logon drive = H:
logon path = \\%L\Profiles\%U
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u

dns proxy = no

[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
# If you want users samba doesn't recognize to be mapped to a guest user
; map to guest = bad user

[netlogon]
comment = Network Logon Service
path = /home/netlogon
read only = yes
browseable = no
write list = fred

[Profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700

[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes

Last edited by homey; 01-29-2004 at 10:43 PM.
 
Old 01-29-2004, 11:21 PM   #7
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Original Poster
Rep: Reputation: 0
Now I get the "specified user does not exist" error. Even after doing: smbpasswd -a root command .. ??

(I am using your smb.conf now btw .. with my own workgroup name .. )

Last edited by Lester; 01-29-2004 at 11:35 PM.
 
Old 01-29-2004, 11:48 PM   #8
homey
Senior Member
 
Registered: Oct 2003
Posts: 3,057

Rep: Reputation: 59
Quote:
specified user does not exist
What user is giving you that error?
 
Old 01-30-2004, 08:39 AM   #9
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Original Poster
Rep: Reputation: 0
"root" + name I give Samba etc.

Where could this be going wrong?
 
Old 01-30-2004, 09:14 AM   #10
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Original Poster
Rep: Reputation: 0
here's another thing:

sometimes it will give me the "unknown username or bad password instead of just "specified user does not exist"

.. methinks I have authentication problems ..
 
Old 01-30-2004, 09:16 AM   #11
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Original Poster
Rep: Reputation: 0
This is the registry hack I applied:

---------------------------

Configuring the Windows XP Client:

Notes : Only Windows XP-Professional Edition can join the Domain, it does not work for WindowsXP-Home Edition.

STEPS:

1) Make sure that the workstation belonged to the same workgroup as the server and have a fixed IP address and hostname assigned.

2) Change the registry entry, run the command regedt32 and do the below
a) RequireSignOrSeal Registry hack

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters
"RequireSignOrSeal"=dword:00000000

b) Use the Registry Editor and edit the
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\CompatibleRUPSecurity to have the DWORD value of 1 <-- couldn't find this key, so I skipped it ...

3) Use the Group Policy Editor (gpedit.msc) and enable "Computer Configuration\Administrative Templates\System\User Profiles\Do not check for user ownership of Roaming Profile Folders".

4) Go to MyComputer right click Properties. Go to Change and click on Domain and enter the domain-name you want to join. When joining the domain for the First time enter userid as root and give the samba password. Make sure there is an entry for the root in the smbpasswd (samba password) file.

5) Reboot and then the changes will be effective.
------------------------

Is this the error, or my smb.conf file, or my users? I have followed the IBM tutorial exactly ..

I am using Mandrake 9.2 btw ...
 
Old 01-30-2004, 09:28 AM   #12
homey
Senior Member
 
Registered: Oct 2003
Posts: 3,057

Rep: Reputation: 59
Don't know what's going on.
Did you restart samba with the command: service smb restart after making the changes to smb.conf ?

I don't know about any reg hacks as I never had a need to.

Is your firewall preventing things?

Sorry, I just don't know....

Last edited by homey; 01-30-2004 at 09:30 AM.
 
Old 01-30-2004, 09:47 AM   #13
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Original Poster
Rep: Reputation: 0
Ok - I managed to login to the domain from the other computer, (as a different user), but couldn't access the /home/<user> directory?

Is this a problem with after adding users, I have to re-start the Samba service?

I'm just wondering what step i'm missing ...
 
Old 02-02-2004, 11:38 PM   #14
Lester
LQ Newbie
 
Registered: Jan 2004
Posts: 16

Original Poster
Rep: Reputation: 0
I have the answer!

Uninstalled Mandrake, and installed Redhat 5 - works like a charm now!
 
Old 01-21-2010, 07:24 AM   #15
sweetshubhi
LQ Newbie
 
Registered: Jan 2010
Posts: 5

Rep: Reputation: 0
roaming profile with samba as pdc & windows as client

currently i m working on roaming profile where linux is the server & windows is the client ....i m implementing it using samba as pdc my linux version is 2.6.27.5-117.fc10.x86_64

i m having some issues regarding smb.conf file.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Samaba Issue with copying dominator666 Linux - Networking 7 10-15-2005 01:34 PM
Samaba problem Mr.Bone Linux - Networking 5 08-29-2004 06:32 PM
Samaba Robush Linux - Newbie 3 01-29-2004 09:45 PM
Samaba Problems biggiefatts Linux - Networking 6 06-02-2003 06:42 PM
Samaba setup help ogden2k Linux - Networking 9 02-05-2003 01:28 PM


All times are GMT -5. The time now is 10:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration