Need help integrating Samba into a Windows Domain.
 

So I have the task of integrating our businesses first Linux server into the network.
My success or failure in this project will determine whether we use more linux in the future or scrap linux and continue using microsoft products.

This Server is running Ubuntu 9.01 loaded with Samba and Likewise-Open.

This server must be able to join the domain for the shares to be established.

Your mission, should you chose to accept is to help me establish a samba shared folder on the network available to all Microsoft users.

I joined the domain successfully according to the server however I cannot see the Ubuntu machine on the network. I can ping it but something is wrong.

Where should I start looking to find out what is broken?

Is the server in the right workgroup? Do you have your "hosts allow" and "interfaces" parameters set correctly? Is the server accepting traffic on UDP 137,138 and TCP 139? That's where I would start looking.

Possibly a Missing Krb5.conf file.
 

I was having some issues with my Krb5.conf file so I deleted it thinking I could reinstall Likewise-open and it would regenerate the krb5.conf file but it did not. Now I have no Krb5 file and I need to find out how to regenerate the default file for it. Any ideas on which program actually creates this file so I can reinstall that program and get the file back?

Ok I have fixed the missing krb5 file by reinstalling Likewise Open.
I successfully connected to the domain but still can't see the linux server KMSOLRA04 in the windows network directory.

I should be able to just type in "\\KMSOLRA04\incoming" in any windows explorer and see the share but something behind the lines is incorrect.

Where do I check the "Hosts Allow and Interfaces" parameters?

"hosts allow" and "interfaces" are in the "smb.conf" file. It's usually in the /etc/samba directory.

Hosts and Interfaces.
 

Yeah, I'm pretty familiar with the smb.conf file now.

Interfaces are disabled ;.

The default it 127.0.0.0/8 etho 0.

What address should this be?

I don't see a hosts name in the smb file.

What section should it be in and what should it say?

It should be the network address/netmask (eg. 192.168.7.0/24) of the ethernet card in the server. You should also set "hosts allow" to let the other machines on the network connect to it. It's in the global section. In mine it's the third or fourth parameter.

Ok I changed the address to the Linux servers IP 192.168.168.37/8 (Im not sure about the 8 bit.)

I have the most recent version of samba and there is no Host option in the smb.conf file.

Can I simply enter one anywhere in the global section?

Like: Hosts = allow

is that correct?

That IP address is typically a Class C network and should have a netmask of 255.255.255.0, so the value should be 192.168.168.37/24, but double check the configuration.

The format is

Here is my global in the smb.conf. Is this correct?

#======================= Global Settings =======================

[global]

## Browsing/Identification ###

# Change this to the workgroup/NT-domain name your Samba server will part of
workgroup = KMLSDC1.KMLS.COM

realm = KMLSDC1.KMLS.COM

password server = 192.168.168.35

# server string is the equivalent of the NT Description field
server string = %h server (Samba, Ubuntu)

# Windows Internet Name Serving Support Section:
# WINS Support - Tells the NMBD component of Samba to enable its WINS Server
# wins support = no

# WINS Server - Tells the NMBD components of Samba to be a WINS Client
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
; wins server = w.x.y.z

# This will prevent nmbd to search for NetBIOS names through DNS.
dns proxy = no

# What naming service and in what order should we use to resolve host names
# to IP addresses
; name resolve order = lmhosts host wins bcast

#### Networking ####

# The specific set of interfaces / networks to bind to
# This can be either the interface name or an IP address/netmask;
# interface names are normally preferred

hosts allow = 192.168.168.37

interfaces = 192.168.168.37/8 eth0

# Only bind to the named interfaces and/or networks; you must use the
# 'interfaces' option above to use this.
# It is recommended that you enable this feature if your Samba machine is
# not protected by a firewall or is a firewall itself. However, this
# option cannot handle dynamic or non-broadcast interfaces correctly.
; bind interfaces only = yes

With that configuration, the only machine that will be able to connect is 192.168.168.37. If you want other machines on that network to connect, you can use 192.168.168. or 192.168. etc.

What is the netmask for interface eth0 as reported by ifconfig?

eth0 Link encap:Ethernet HWaddr 00:30:48:df:8c:5e
inet addr:192.168.168.37 Bcast:192.168.168.255 Mask:255.255.255.0
inet6 addr: fe80::230:48ff:fedf:8c5e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2213557 errors:0 dropped:0 overruns:0 frame:0
TX packets:1265667 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2377299638 (2.3 GB) TX bytes:108979814 (108.9 MB)
Memory:fb5e0000-fb600000

Are you saying this address (192.168.168.37) is the entry for an end user according to samba? as in a user that will have access to the samba file share? If that is the case I do not wish to specify each address because we use DHCP with 20+ users so you can see where this can get tricky. I want everyone on the domain to have access to the samba share.

Also, I am pretty sure the domain name that Ubuntu wants is: KMLSDC1.KMLS.COM but I would like to know for sure. Is there a place I can go to know for sure either in Ubuntu or my windows server? I am not sure if it only needs the parent domain: KMLS.COM.

Here is my testparm:



[global]
workgroup = KMLSDC1.KMLS.COM
realm = KMLSDC1.KMLS.COM
server string = %h server (Samba, Ubuntu)
interfaces = 192.168.168.37/8, eth0
security = DOMAIN
map to guest = Bad User
obey pam restrictions = Yes
password server = 192.168.168.35
passdb backend = tdbsam
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
unix password sync = Yes
syslog = 0
log file = /var/log/samba/log.%m
max log size = 1000
domain logons = Yes
dns proxy = No
usershare allow guests = Yes
panic action = /usr/share/samba/panic-action %d
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = Yes
winbind enum groups = Yes
read only = No
create mask = 0775
directory mask = 0775
hosts allow = 192.168.168.37/24

[printers]
comment = All Printers
path = /var/spool/samba
read only = Yes
create mask = 0700
printable = Yes
browseable = No

[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
read only = Yes

[SOLRA04SHARE]
comment = solra04 share
path = /home/KMSOLRA04SHARE
guest ok = Yes
root@kmsolra04:~#