Samba as Windows Domain Controller

I found an old server that was setup as a Windows Domain Controller, here is the configuration and stuff if you want to try this yourself (note: this is from 2006, so things may have changed!)

/etc/samba/smb.conf 

[global]
        server string = Linux
        os level = 65
        preferred master = yes
        domain master = yes
        local master = yes
        wins support = yes
        security = user
        encrypt passwords = yes
        domain logons = yes 
        logon path = \%Lprofiles%u
        logon drive = H:
        logon home = \%L%u
        logon script = logon-%u.bat
        add machine script = /usr/sbin/useradd -d /dev/null -g samba-clients -s /bin/false -M %u
        add user script = /usr/sbin/useradd -d /home/%u -g samba-clients -s /bin/false -M %u

[netlogon]
        path = /home/samba/netlogon
        comment = Server Login Files
        guest ok = Yes

[profiles]
        path = /home/samba/profiles
        comment = User Profiles
        profile acls = yes
        read only = No

[homes]
        comment = My Home Directory
        browseable = no
        read only = no
        valid users = %S
        create mode = 0600
        directory mode = 0700

[public]
        path = /opt/shares/public
        comment = Public Files for Everybody
        browseable = yes
        create mode = 660
        directory mode = 0770
        group = samba-clients
        writable = yes

[somesharename]
        path = /opt/shares/somefolder
        comment = Some Comment
        writable = yes
        browseable = yes
        create mode = 0660
        directory mode = 0770
        oplocks = no
        level2 oplocks = no
        available = yes
        inherit permissions = yes
        group = samba-clients
        valid users = @samba-group2 @samba-group3

Adding a new user on the linux server (to be used as a windows roaming profile):

  • Login as root on the Linux server
  • Type: adduser username
  • Fill in the required fields and choose a password
  • Type: usermod -G samba-clients -a username
  • Type: usermod -G samba-group1 -a username
  • Type: ln -s /home/samba/netlogon/logon-group1.bat /home/samba/netlogon/logon-username.bat

Join Computer to the Samba Network

  • Right click My Computer > Properties > Computer Name > Change
  • Select the “Domain” option and enter NETWORKNAME.LOCAL
  • Click OK, when prompted enter username: root password: (root password from linux box)
  • Click OK again. You will need to restart the computer.

When computer has restarted and successfully joined the NETWORKNAME.LOCAL domain press Ctrl+Alt+Del, choose the NETWORKNAME.LOCAL domain and login with the linux username and password created above.

 

 

 

scripts: logon-group1.bat

REM Drive Mapping Script
net use P: \servernamepublic

Leave a Reply

Your email address will not be published. Required fields are marked *