Doing the Windows 2000 Samba

December 21, 2000
By Stew Benedict

Send Email »
More Articles »

Samba-PDC Setup

To use Samba as the primary domain controller, the following lines will need to be added to smb.conf:

   	domain master = yes
   	domain admin users = root stew
add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$
   	domain logons = yes
   	logon script = %U.bat

[netlogon]
   comment = Network Logon Service
   path = /home/netlogon
   guest ok = yes
   writable = no
   share modes = no

Substitute the user name for %U. You can create a batch file to mount a standard set of shares from whatever machine the user logs in at, or set the machine time from the server:

/home/netlogin/stew.bat:

	NET USE X: \\MOE\XFERS
	NET USE S: \\MOE\STEW
	NET TIME \\MOE /SET /YES

This file needs DOS-style CR/LF, rather than Unix, so it should be created on the Windows 2000 machine and then copied over to the server.

The add user script is still experimental. I opted for the manual addition of users. You will also need to add machines for Windows NT or 2000.

To add a user in Linux:

	adduser -g users -c 'Stew Benedict' -s /bin/false -n stew

And for Samba: smbpasswd -a stew You will be prompted for a password after the second command. The /bin/false entry prevents the user from logging on to the Linux machine. If you wanted a real shell account, you'd probably use /bin/bash. The -c parameter is just a comment.

To add a machine, you may want to create a "machines" group:

	groupadd machines

	adduser -g machines -c W2KMachine -d /dev/null -s /bin/false -n larry$

	smbpasswd -a -m larry$

A default password is created in this case. Note the '$' after the machine name; it's important.

Another thing to be aware of is that if you play with various versions of Samba, like I did, you can end up not being able to log in to the domain after switching versions. I found I needed to delete some files, and then delete and re-create the machine entries to get things to work:

	rm /etc/private/MACHINE.SID
	rm /etc/private/secrets.tdb

	smbpasswd -x larry$
	smbpasswd -a -m larry$

Windows 2000 Domain Login

I was unable to get this to work, but here is the process, per the Samba pages (it did work for Windows NT):

	Start | Settings | Network and Dial-up Connections

Then click on:

	Advanced | Network Identification | Properties

Enter your computer name (in my case, LARRY). Click on the Domain radio button and enter the domain name (in my case, AYSWNET). Enter a user name and password for a Domain Admin (who must be root until a pre-release bug is fixed). Click on OK, and you'll be welcomed to the domain and prompted to reboot the computer.

Page 4 of 5

IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD

Which topic are you interested in?

Mobile

Security

Networks/IoT

Cloud

Data Storage

Applications

Development

IT Management

Other

What is your company size?

What is your job title?

What is your job function?

Searching our resource database to find your matches...

0 Comments (click to add your comment)

Comment and Contribute

Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Advertiser Disclosure: Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.

Thanks for your registration, follow us on our social networks to keep up-to-date