Ok - I went here:

http://www.freeos.com/articles/3842/

.. and followed the "Samba as Primary Domain Controller" part.

Still, I get "No DNS Name" found error when attempting to connect to the newly established PDC hosted on my Mandrake 9.2 machine. I have 2 WinXP boxes that are trying to connect. If Samba is set to Workgroup, I can see the icon in network neighborhood, but "not access this network resource due to restrictions .. blah-blah".

Any idea why Samba is failing to broadcast a valid DNS domain? All users seem to be set up fine!

Also - I am running all this behind an SMC VBR7004 Router, in which I have disabled any DHCP server functions to allow Samba to do its thing. No luck ..

one bump?

I found this tutorial to work very nicely...
http://www-1.ibm.com/servers/esdd/tu...mba/index.html

There is no need to disable DHCP on the router. It could help if u pasted your smb.conf
BTW You need to apply a registry hack on XP machines if u want them to be able to log to a domain. These .reg files come with samba package, just execute them on the XP machine and reboot.

Here is the smb.conf file:

---------------------------------------------------------------

# /etc/samba/smb.conf
# samba configuration file
# last updated: 2/28/2002 by tms

[global]

;basic server settings
workgroup = server
netbios name = Mandrake
server string = Samba PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192


...
;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes

...
;security and logging settings
security = user
encrypt passwords = yes
domain logons = yes
log file = /var/log/samba/log.%m
log level = 2
max log size = 50
hosts allow =

...
;user profiles and home directory
logon home = \\%L\%U\.profile
logon drive = H:
logon path = \\%L\profiles\%U

...
logon script = netlogon.bat
...

...
;sync UNIX passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*
new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*
authentication*tokens*updated*successfully*
...

[homes]
comment = Home Directories
browseable = no
writeable = yes

[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700

# === shares ===
...
[netlogon]
path = /home/netlogon
read only = yes
write list = @admim

--------------------------------------

Even after the XP registry hack, I still get "access is denied" from the XP box upon attempting to join domain. I have added many users, all set to root access, including root itself!, but still "access is denied"

Rebooted countless times.

Any ideas why?

Hmm, that ibm site seems to be down. Here are the important things which they mentioned.

groupadd -g 200 admins
groupadd -g 201 machines

mkdir -m 0775 /home/netlogon
chown root.admins /home/netlogon

mkdir /home/samba /home/samba/profiles
chmod 1757 /home/samba/profiles

The automated approach for machine accounts is to add the following line to the /etc/smb.conf
( Note: that is supposed to be all one line )
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u

_______________________________________________________________

In some cases, the Windows machine refuses to join the Samba domain. Then the manual approach is needed also. Use the following commands while logged in as the root user.

Note: machine_name is the computer name which is trying to join.

/usr/sbin/useradd -g machines -d /dev/null -s /bin/false machine_name$

passwd -l machine_name$
You should see something like this....
Locking password for user machine_name$
passwd: Success

Now add a samba password for the machine.
smbpasswd -a -m machine_name$
You should see something like this....
Added user machine_name$

________________________________________________________________

Add the user accounts ( Fred in my case ) and set the passwords
useradd fred
passwd fred
New password:
Retype password:

smbpasswd -a fred
New SMB password:
Retype SMB password:

***************************************************************
This part is very important for joining the domain from Windows.
When you get to the part on a Windows computer where it asks for the person who is authorized to join computers to the domain, I use the root user and password.

Give the root / admin user a samba password!!
smbpasswd -a root
New SMB password:
Retype SMB password:


Below is my smb.conf which works very nicely with those instructions.

_______________________________________________________________________
[global]
workgroup = mydomain.com
server string = Samba Server
hosts allow = 192.168.0. 192.168.1. 127.
printcap name = /etc/printcap
load printers = yes
printing = cups
log file = /var/log/samba/%m.log
max log size = 50
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd

unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*

pam password change = yes
username map = /etc/samba/smbusers
include = /etc/samba/smb.conf.%m
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
os level = 64
domain master = yes
domain logons = yes

logon home = \\%L\%U
; logon drive = H:
logon path = \\%L\Profiles\%U
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u

dns proxy = no

[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
# If you want users samba doesn't recognize to be mapped to a guest user
; map to guest = bad user

[netlogon]
comment = Network Logon Service
path = /home/netlogon
read only = yes
browseable = no
write list = fred

[Profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700

[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes

Now I get the "specified user does not exist" error. Even after doing: smbpasswd -a root command .. ??

(I am using your smb.conf now btw .. with my own workgroup name .. )

What user is giving you that error?

"root" + name I give Samba etc.

Where could this be going wrong?

here's another thing:

sometimes it will give me the "unknown username or bad password instead of just "specified user does not exist"

.. methinks I have authentication problems ..

This is the registry hack I applied:

---------------------------

Configuring the Windows XP Client:

Notes : Only Windows XP-Professional Edition can join the Domain, it does not work for WindowsXP-Home Edition.

STEPS:

1) Make sure that the workstation belonged to the same workgroup as the server and have a fixed IP address and hostname assigned.

2) Change the registry entry, run the command regedt32 and do the below
a) RequireSignOrSeal Registry hack

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters
"RequireSignOrSeal"=dword:00000000

b) Use the Registry Editor and edit the
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\CompatibleRUPSecurity to have the DWORD value of 1 <-- couldn't find this key, so I skipped it ...

3) Use the Group Policy Editor (gpedit.msc) and enable "Computer Configuration\Administrative Templates\System\User Profiles\Do not check for user ownership of Roaming Profile Folders".

4) Go to MyComputer right click Properties. Go to Change and click on Domain and enter the domain-name you want to join. When joining the domain for the First time enter userid as root and give the samba password. Make sure there is an entry for the root in the smbpasswd (samba password) file.

5) Reboot and then the changes will be effective.
------------------------

Is this the error, or my smb.conf file, or my users? I have followed the IBM tutorial exactly ..

I am using Mandrake 9.2 btw ...

Don't know what's going on.
Did you restart samba with the command: service smb restart after making the changes to smb.conf ?

I don't know about any reg hacks as I never had a need to.

Is your firewall preventing things?

Sorry, I just don't know....

Ok - I managed to login to the domain from the other computer, (as a different user), but couldn't access the /home/<user> directory?

Is this a problem with after adding users, I have to re-start the Samba service?

I'm just wondering what step i'm missing ...

I have the answer!

Uninstalled Mandrake, and installed Redhat 5 - works like a charm now!

currently i m working on roaming profile where linux is the server & windows is the client ....i m implementing it using samba as pdc my linux version is 2.6.27.5-117.fc10.x86_64

i m having some issues regarding smb.conf file.