[plug] Samba domain issues

Paul Dean paul at thecave.cantech.net.au
Wed Apr 10 13:31:13 WST 2002 

Hya Chris,

On 10 Apr 2002 deicidal at iinet.net.au wrote:

> Im looking into setting up Samba to be a domain controller for my windoze 
> boxen and ive read bits and pieces about using poledit (win admin) to 
> create the policies and then store them on the linux machine. The policies 
> are then mapped to a drive on login so they can be used by the windows 
> machines.
> 
> My question is this: Thats all fine and dandy for windows9x/NT but what 
> about windowsXP pro? Will a windowsXP pro machine function fine on a 
> network that is run by a (simulated)NT controller? Will the policies be 
> different because the OS is so different? Will i have to use a policy 
> editing program on windowsXP and then use that policy instead of the 
> poledit ones?
> 
Ok this is a big subject with lots of different issues, but to keep it
simple it can be done with what you are saying.

First some ground rules on Policies.
Windows XP and 2000 use //server/netlogon/NTconfig.pol as the policy
file, this is for WinNT 4.0/Samba servers, for Win 2000 server it uses
Active Dirs and policies are handled slightly diferently.

Samba works as the same structure for shares, policies etc as NT 4.0, so
you can run .bat files from .../netlogon to map drives, printers, time
sync etc.

Because XP is built with the same kernel as 2000 (except for the 64bit
enh) XP Pro is basically works the same.

Ok, now we got that outta the way, let's talk about the good stuff...

Samba has lots of really funky stuff to handle all the cr*p that XP/2000
dishes out, such as ACLs, shares and printing, machine accounts, user
accounts, passwd sync and so on.

The first things you must do on your samba server is :
1 Server Name (obviously)
2 User account and mapping of the users name (if different in win/linux)
3 Machine account (useradd -d /dev/null -s /bin/false machinename$)
4 Encrypted passwds must be turned on in smb.conf
5 Domain logons = yes
These must be setup properly or Samba won't answer as a Domain
Controller.

Now for shares and stuff just uncomment the shares in smb.conf and see
how they come up then change them acordingly.

But then main help I got was from the docs on samba.org (read those
about 1000 times), but when it works it just goes good.

Hope this is a good starter for you.

> Any help is appreciated.
> 
> .Chris
> 

-- 
Paul...

/***** Experience is that marvelous thing that enables you to 
	recognize a mistake when you make it again. 
	-- Franklin P. Jones *****/

/*****All programmers are playwrights and all computers are lousy actors.
            -- Unknown*****/

/* How smart are Computers? They seem to need instructions all the time... 
	-- Me */

More information about the plug mailing list