February 21, 2019
Hot Topics:

Doing the Windows 2000 Samba

  • December 21, 2000
  • By Stew Benedict
  • Send Email »
  • More Articles »

Samba-PDC Setup

To use Samba as the primary domain controller, the following lines will need to be added to smb.conf:
   	domain master = yes
   	domain admin users = root stew
add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$
   	domain logons = yes
   	logon script = %U.bat

   comment = Network Logon Service
   path = /home/netlogon
   guest ok = yes
   writable = no
   share modes = no
Substitute the user name for %U. You can create a batch file to mount a standard set of shares from whatever machine the user logs in at, or set the machine time from the server:


This file needs DOS-style CR/LF, rather than Unix, so it should be created on the Windows 2000 machine and then copied over to the server.

The add user script is still experimental. I opted for the manual addition of users. You will also need to add machines for Windows NT or 2000.

To add a user in Linux:

	adduser -g users -c 'Stew Benedict' -s /bin/false -n stew
And for Samba: smbpasswd -a stew You will be prompted for a password after the second command. The /bin/false entry prevents the user from logging on to the Linux machine. If you wanted a real shell account, you'd probably use /bin/bash. The -c parameter is just a comment.

To add a machine, you may want to create a "machines" group:

	groupadd machines

	adduser -g machines -c W2KMachine -d /dev/null -s /bin/false -n larry$

	smbpasswd -a -m larry$
A default password is created in this case. Note the '$' after the machine name; it's important.

Another thing to be aware of is that if you play with various versions of Samba, like I did, you can end up not being able to log in to the domain after switching versions. I found I needed to delete some files, and then delete and re-create the machine entries to get things to work:

	rm /etc/private/MACHINE.SID
	rm /etc/private/secrets.tdb

	smbpasswd -x larry$
	smbpasswd -a -m larry$

Windows 2000 Domain Login

I was unable to get this to work, but here is the process, per the Samba pages (it did work for Windows NT):
	Start | Settings | Network and Dial-up Connections
Then click on:
	Advanced | Network Identification | Properties
Enter your computer name (in my case, LARRY). Click on the Domain radio button and enter the domain name (in my case, AYSWNET). Enter a user name and password for a Domain Admin (who must be root until a pre-release bug is fixed). Click on OK, and you'll be welcomed to the domain and prompted to reboot the computer.

Page 4 of 5

Comment and Contribute


(Maximum characters: 1200). You have characters left.



Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Thanks for your registration, follow us on our social networks to keep up-to-date