Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
|
01-28-2004, 11:18 AM
|
#1
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Rep:
|
Samaba PDC config - help!
Ok - I went here:
http://www.freeos.com/articles/3842/
.. and followed the "Samba as Primary Domain Controller" part.
Still, I get "No DNS Name" found error when attempting to connect to the newly established PDC hosted on my Mandrake 9.2 machine. I have 2 WinXP boxes that are trying to connect. If Samba is set to Workgroup, I can see the icon in network neighborhood, but "not access this network resource due to restrictions .. blah-blah".
Any idea why Samba is failing to broadcast a valid DNS domain? All users seem to be set up fine!
Also - I am running all this behind an SMC VBR7004 Router, in which I have disabled any DHCP server functions to allow Samba to do its thing. No luck ..
Last edited by Lester; 01-28-2004 at 11:21 AM.
|
|
|
01-28-2004, 12:53 PM
|
#2
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Original Poster
Rep:
|
one bump?
|
|
|
01-28-2004, 04:06 PM
|
#3
|
Senior Member
Registered: Oct 2003
Posts: 3,057
Rep:
|
|
|
|
01-29-2004, 03:41 AM
|
#4
|
Member
Registered: Aug 2003
Location: Europe
Distribution: Slackware (current)
Posts: 228
Rep:
|
There is no need to disable DHCP on the router. It could help if u pasted your smb.conf
BTW You need to apply a registry hack on XP machines if u want them to be able to log to a domain. These .reg files come with samba package, just execute them on the XP machine and reboot.
|
|
|
01-29-2004, 09:20 PM
|
#5
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Original Poster
Rep:
|
Here is the smb.conf file:
---------------------------------------------------------------
# /etc/samba/smb.conf
# samba configuration file
# last updated: 2/28/2002 by tms
[global]
;basic server settings
workgroup = server
netbios name = Mandrake
server string = Samba PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192
...
;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes
...
;security and logging settings
security = user
encrypt passwords = yes
domain logons = yes
log file = /var/log/samba/log.%m
log level = 2
max log size = 50
hosts allow =
...
;user profiles and home directory
logon home = \\%L\%U\.profile
logon drive = H:
logon path = \\%L\profiles\%U
...
logon script = netlogon.bat
...
...
;sync UNIX passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *Enter*
new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: *all*
authentication*tokens*updated*successfully*
...
[homes]
comment = Home Directories
browseable = no
writeable = yes
[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700
# === shares ===
...
[netlogon]
path = /home/netlogon
read only = yes
write list = @admim
--------------------------------------
Even after the XP registry hack, I still get "access is denied" from the XP box upon attempting to join domain. I have added many users, all set to root access, including root itself!, but still "access is denied"
Rebooted countless times.
Any ideas why?
|
|
|
01-29-2004, 09:41 PM
|
#6
|
Senior Member
Registered: Oct 2003
Posts: 3,057
Rep:
|
Hmm, that ibm site seems to be down. Here are the important things which they mentioned.
groupadd -g 200 admins
groupadd -g 201 machines
mkdir -m 0775 /home/netlogon
chown root.admins /home/netlogon
mkdir /home/samba /home/samba/profiles
chmod 1757 /home/samba/profiles
The automated approach for machine accounts is to add the following line to the /etc/smb.conf
( Note: that is supposed to be all one line )
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u
_______________________________________________________________
In some cases, the Windows machine refuses to join the Samba domain. Then the manual approach is needed also. Use the following commands while logged in as the root user.
Note: machine_name is the computer name which is trying to join.
/usr/sbin/useradd -g machines -d /dev/null -s /bin/false machine_name$
passwd -l machine_name$
You should see something like this....
Locking password for user machine_name$
passwd: Success
Now add a samba password for the machine.
smbpasswd -a -m machine_name$
You should see something like this....
Added user machine_name$
________________________________________________________________
Add the user accounts ( Fred in my case ) and set the passwords
useradd fred
passwd fred
New password:
Retype password:
smbpasswd -a fred
New SMB password:
Retype SMB password:
***************************************************************
This part is very important for joining the domain from Windows.
When you get to the part on a Windows computer where it asks for the person who is authorized to join computers to the domain, I use the root user and password.
Give the root / admin user a samba password!!
smbpasswd -a root
New SMB password:
Retype SMB password:
Below is my smb.conf which works very nicely with those instructions.
_______________________________________________________________________
[global]
workgroup = mydomain.com
server string = Samba Server
hosts allow = 192.168.0. 192.168.1. 127.
printcap name = /etc/printcap
load printers = yes
printing = cups
log file = /var/log/samba/%m.log
max log size = 50
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
pam password change = yes
username map = /etc/samba/smbusers
include = /etc/samba/smb.conf.%m
obey pam restrictions = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = yes
os level = 64
domain master = yes
domain logons = yes
logon home = \\%L\%U
; logon drive = H:
logon path = \\%L\Profiles\%U
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u
dns proxy = no
[homes]
comment = Home Directories
browseable = no
writable = yes
valid users = %S
create mode = 0664
directory mode = 0775
# If you want users samba doesn't recognize to be mapped to a guest user
; map to guest = bad user
[netlogon]
comment = Network Logon Service
path = /home/netlogon
read only = yes
browseable = no
write list = fred
[Profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
# Set public = yes to allow user 'guest account' to print
guest ok = no
writable = no
printable = yes
Last edited by homey; 01-29-2004 at 09:43 PM.
|
|
|
01-29-2004, 10:21 PM
|
#7
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Original Poster
Rep:
|
Now I get the "specified user does not exist" error. Even after doing: smbpasswd -a root command .. ??
(I am using your smb.conf now btw .. with my own workgroup name .. )
Last edited by Lester; 01-29-2004 at 10:35 PM.
|
|
|
01-29-2004, 10:48 PM
|
#8
|
Senior Member
Registered: Oct 2003
Posts: 3,057
Rep:
|
Quote:
specified user does not exist
|
What user is giving you that error?
|
|
|
01-30-2004, 07:39 AM
|
#9
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Original Poster
Rep:
|
"root" + name I give Samba etc.
Where could this be going wrong?
|
|
|
01-30-2004, 08:14 AM
|
#10
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Original Poster
Rep:
|
here's another thing:
sometimes it will give me the "unknown username or bad password instead of just "specified user does not exist"
.. methinks I have authentication problems ..
|
|
|
01-30-2004, 08:16 AM
|
#11
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Original Poster
Rep:
|
This is the registry hack I applied:
---------------------------
Configuring the Windows XP Client:
Notes : Only Windows XP-Professional Edition can join the Domain, it does not work for WindowsXP-Home Edition.
STEPS:
1) Make sure that the workstation belonged to the same workgroup as the server and have a fixed IP address and hostname assigned.
2) Change the registry entry, run the command regedt32 and do the below
a) RequireSignOrSeal Registry hack
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\netlogon\parameters
"RequireSignOrSeal"=dword:00000000
b) Use the Registry Editor and edit the
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System\CompatibleRUPSecurity to have the DWORD value of 1 <-- couldn't find this key, so I skipped it ...
3) Use the Group Policy Editor (gpedit.msc) and enable "Computer Configuration\Administrative Templates\System\User Profiles\Do not check for user ownership of Roaming Profile Folders".
4) Go to MyComputer right click Properties. Go to Change and click on Domain and enter the domain-name you want to join. When joining the domain for the First time enter userid as root and give the samba password. Make sure there is an entry for the root in the smbpasswd (samba password) file.
5) Reboot and then the changes will be effective.
------------------------
Is this the error, or my smb.conf file, or my users? I have followed the IBM tutorial exactly ..
I am using Mandrake 9.2 btw ...
|
|
|
01-30-2004, 08:28 AM
|
#12
|
Senior Member
Registered: Oct 2003
Posts: 3,057
Rep:
|
Don't know what's going on. 
Did you restart samba with the command: service smb restart after making the changes to smb.conf ?
I don't know about any reg hacks as I never had a need to.
Is your firewall preventing things?
Sorry, I just don't know....
Last edited by homey; 01-30-2004 at 08:30 AM.
|
|
|
01-30-2004, 08:47 AM
|
#13
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Original Poster
Rep:
|
Ok - I managed to login to the domain from the other computer, (as a different user), but couldn't access the /home/<user> directory?
Is this a problem with after adding users, I have to re-start the Samba service?
I'm just wondering what step i'm missing ...
|
|
|
02-02-2004, 10:38 PM
|
#14
|
LQ Newbie
Registered: Jan 2004
Posts: 16
Original Poster
Rep:
|
I have the answer!
Uninstalled Mandrake, and installed Redhat 5 - works like a charm now! 
|
|
|
01-21-2010, 06:24 AM
|
#15
|
LQ Newbie
Registered: Jan 2010
Posts: 5
Rep:
|
roaming profile with samba as pdc & windows as client
currently i m working on roaming profile where linux is the server & windows is the client ....i m implementing it using samba as pdc my linux version is 2.6.27.5-117.fc10.x86_64
i m having some issues regarding smb.conf file.
|
|
|
All times are GMT -5. The time now is 06:51 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|