Samba as a PDC with tdbsam as a backend on CentOS 5
Here I discuss how to set up Samba as a Primary Domain Controller with tdbsam as a backend to store username and password.
Steps:
1. Install the following packages
samba-common-3.0.33-3.14.el5
samba-3.0.33-3.14.el5
samba-client-3.0.33-3.14.el5
2. Configure /etc/samba/smb.conf file as follows:
[global]
workgroup = "YOURDOMAIN NAME"
server string = Samba PDC
passdb backend = tdbsam
log level = 3
log file = /var/log/samba/%m.log
max log size = 50
add user script = /usr/sbin/useradd "%u" -n -g users
delete user script = /usr/sbin/userdel "%u"
add group script = /usr/sbin/groupadd "%g"
delete group script = /usr/sbin/groupdel "%g"
delete user from group script = /usr/sbin/userdel "%u" "%g"
add machine script = /usr/sbin/useradd -n -c "Workstation (%u)"-M /nohome -s /bin/false "%u"
domain logons = Yes
os level = 35
preferred master = Yes
domain master = Yes
wins support = Yes
cups options = raw
3. Now we need to create some group so that we can map those group with already existing group in windows.
#groupadd ntadmin
#groupadd ntusers
#groupadd ntguests
4. Map these newly created groups using following commands.
net groupmap add ntgroup="Domain Admins" unixgroup=ntadmins rid=512 type=d
net groupmap add ntgroup="Domain Users" unixgroup=ntusers rid=513 type=d
net groupmap add ntgroup="Domain Guests" unixgroup=ntguests rid=514 type=d
5. Check it maps properly.
#net groupmap list
6. Add the root user which is already map to administrator
#smbpasswd -a root
7. Now create local users and add them to the above groups which are mapped to Domain
Users, Domain Admins and Guests.
#useradd -G ntusers testuser
#passwd testuser
8. Final step is to add testuser to tdbsam backend.
#smbpasswd -a testuser
Join the Windows system to the domain MYDOMAIN. When joining to the domain for the
first time, Join the system with user root and password as set earlier. Once the system is
joined, login as user testuser with password set earlier.
Comments
Its not working in my case
I did the same but the thing is I am using CentOS6 and my client machine is Windows 7. I believe we have to make some registry changes in windows machine which all I did but still i am unable to connect my windows machine as a domain under samba.
Is there any thing else to be done for the same?
jcWCjxviJtGs
Hi , I test our tutorial and is work for one part , on other part I have some qutieson .This stepjk_jailuser -m -j /home/jail testuser is ok/home/testuser moved to /home/jail/homeAnd this :Your /etc/passwd should contain something like this now:testuser:x:1003:1004::/home/jail/./home/testuser:/usr/sbin/jk_chrootsh is ok same lines .And this jk_cp -v -f /home/jail /bin/bash is ok .But on this step :Now edit the /home/jail/etc/passwd file and make sure it contains something like this:testuser:x:1003:1004::/home/testuser:/bin/bashIs not like this but is like as :testuser:x:1002:1002::/home/testuser:/usr/sbin/jk_lsh And I need to edit it to set /bin/bash by hand ?This step is ok tha same line exist .Also make sure the group exists in /home/jail/etc/group:testuser:x:1004:And the second qutieson is , if I add other user on jail and login with first or second user with ssh I can to see others users directory on /home/jail/home/ not problem , I can change it but I can see all files ? I know if I set is read only by user is ok chmod 750 , but if is web server and public_html or other files need to be readable by system ? How I set it .Thank you .
Problem with activating account
bc781ec37a760a6ffc97bac3f0a2a4b3 Hi Guys, I am newbie in the internet stuff and I dont know if I am writing on correct board on this website. I
have got problem with activating my account. I received email but when I click on the link it was not working, is this link is correct? http://www.rahulpahade.com/?f49512e075e5,
Post new comment