Win7-SLES11.3 PDC
Hi All,
I learn from many experts online, and finally it works but still happens some sharing problems that I can handle it in different way. Here is what I have, and hopefully we can share what we have successed:
-Sles Linux 11.3 installed, Samba 3.5.4 server configured and started, no DNS or LDAP installed.
-added to smb.conf:
client ntlmv2 auth = yes
wins support = Yes
wins proxy = No
lanman auth = yes
ntlm auth = Yes
name resolve order = bcast host lmhosts wins
-add to smbusers:
noby=guest pcguest smbguest
WinXP or Win7 Clients:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
"EnableSecuritySignature"=dword:00000000
"DomainCompatibilityMode"=dword:00000001
"DNSNameResolutionRequired"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
"RequireSignOrSeal"=dword:00000001
"RequireStrongKey"=dword:00000001
"SealSecureChannel"=dword:00000001
"SignSecureChannel"=dword:00000001
WinXP joins the domain OK and read the mapped logon drive P: and all shared folders OK!
Win7: needs more modifications:
REGEDIT:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"QualifyingDestinationThreshold"=dword:00000003
"NV Domain"="Name of Samba Workgroup in smb.conf"
"NameServer"="Name of Samba Workgroup in smb.conf"
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\System\DNSClient]
"NV PrimaryDnsSuffix"="Name of Samba Workgroup in smb.conf"
Gpedit.msc:
Compouter|Windows Settings|Security Settings|Local Policies|Security Options
-Network Security: LAN Manager Auth. Level: Send LM&NTLM use NTLMv2 session sec. if negociated
-Network Security: Minimum session...both clients and servr: NO Required 128b encryption
Computer|Admin.Templates|System|User Profiles|
-Do not check for user ownership of roaming profile: Enabled
-Delete cache copies of roaming profile: Enabled
Reboot and now Win7 can join the domain, but with an error message about can't change the domain name to... but I just ignore it, and it works OK with any shared folders, the same way for WinXP.
The only problem is that it won't map the logon drive P: but I can apply the "logon.bat" instead.
However, I don't understand all of what I have done to make it work as I just copied from other experts.
Thanks to all experts online who already help us learning Linux. And thanks to anyone who can explain what I need or not need in the above modifications to make it runs correctly.
PNguyen
|