Doing the Windows 2000 Samba

December 21, 2000
By Stew Benedict

Send Email »
More Articles »

Samba-PDC Setup

To use Samba as the primary domain controller, the following lines will need to be added to smb.conf:

   	domain master = yes
   	domain admin users = root stew
add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$
   	domain logons = yes
   	logon script = %U.bat

[netlogon]
   comment = Network Logon Service
   path = /home/netlogon
   guest ok = yes
   writable = no
   share modes = no

Substitute the user name for %U. You can create a batch file to mount a standard set of shares from whatever machine the user logs in at, or set the machine time from the server:

/home/netlogin/stew.bat:

	NET USE X: \\MOE\XFERS
	NET USE S: \\MOE\STEW
	NET TIME \\MOE /SET /YES

This file needs DOS-style CR/LF, rather than Unix, so it should be created on the Windows 2000 machine and then copied over to the server.

The add user script is still experimental. I opted for the manual addition of users. You will also need to add machines for Windows NT or 2000.

To add a user in Linux:

	adduser -g users -c 'Stew Benedict' -s /bin/false -n stew

And for Samba: smbpasswd -a stew You will be prompted for a password after the second command. The /bin/false entry prevents the user from logging on to the Linux machine. If you wanted a real shell account, you'd probably use /bin/bash. The -c parameter is just a comment.

To add a machine, you may want to create a "machines" group:

	groupadd machines

	adduser -g machines -c W2KMachine -d /dev/null -s /bin/false -n larry$

	smbpasswd -a -m larry$

A default password is created in this case. Note the '$' after the machine name; it's important.

Another thing to be aware of is that if you play with various versions of Samba, like I did, you can end up not being able to log in to the domain after switching versions. I found I needed to delete some files, and then delete and re-create the machine entries to get things to work:

	rm /etc/private/MACHINE.SID
	rm /etc/private/secrets.tdb

	smbpasswd -x larry$
	smbpasswd -a -m larry$

Windows 2000 Domain Login

I was unable to get this to work, but here is the process, per the Samba pages (it did work for Windows NT):

	Start | Settings | Network and Dial-up Connections

Then click on:

	Advanced | Network Identification | Properties

Enter your computer name (in my case, LARRY). Click on the Domain radio button and enter the domain name (in my case, AYSWNET). Enter a user name and password for a Domain Admin (who must be root until a pre-release bug is fixed). Click on OK, and you'll be welcomed to the domain and prompted to reboot the computer.

Page 4 of 5

IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD

Which topic are you interested in?

Mobile

Security

Networks/IoT

Cloud

Data Storage

Applications

Development

IT Management

Other

What is your company size?

What is your job title?

What is your job function?

Searching our resource database to find your matches...

0 Comments (click to add your comment)

Comment and Contribute

Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that developer.com may send you developer offers via email, phone and text message, as well as email offers about other products and services that developer believes may be of interest to you. developer will process your information in accordance with the Quinstreet Privacy Policy.