This is a Samba Tutorial. Its for getting a linux server to replace a basic (windows NT4 level of functionality) server, perhaps in a costcutting scenario, to serve files to windows (nt4 to xp) clients.
A good idea for a small home server (provided you have xp pro clients, home will work but not well)
First, install linux and samba. I wont cover that here as I will asssume you have some experience already. I personally used CentOS 5.3 (a free version of RedHat) and chose to install the Gnome Desktop, System Administration, System Tools, Server Tools, and Windows File Server package categories. During setup set the hostname to be whatever you want your server to be called, use block caps and keep it short, or else older windows clients wont like it much (e.g SERVER1)
If you do this, dont forget to ensure that the samba AND winbind services are enabled (use chkconfig) and that SELinux is OFF and the ports samba need are opened in the firewall.
Here is the smb.conf (put it in /etc/samba/smb.conf on RedHat). Replace where it says SMBSERVER with whatever you set your hostname to be during setup.
Change MYDOMAIN to be whatever you want your domain to be called too.
[global] netbios name = SMBSERVER server string = Samba %v on %L workgroup = MYDOMAIN ;domain & local master browser for win2k+ os level = 65 prefered master = yes domain master = yes local master = yes domain logons = yes ; do i need wins? lm announce = yes wins support = yes time server = yes ; do not show files starting with dots hide dot files = yes ; do not allow guest access, use only local system accounts security = user guest ok = no admin users = @wheel ; domain administrators - sometimes it complains about this? domain admin group = @wheel domain admin users = root ; use encrypted passwords encrypt passwords = yes update encrypted = yes smb passwd file = /etc/samba/smbpasswd ;do i need this? winbind enum groups = yes winbind enum users = yes ; user roaming profiles path logon path = \\SMBSERVER\profiles\%u ; user homes logon drive = H: logon home = \\SMBSERVER\homes\%u ; general logon script (in DOS format) logon script = logon.bat [homes] comment = Home Directory path = /home/%u browseable = No public = No writeable = Yes valid users = root @smbusers write list = %s ; share for domain controller [netlogon] comment = Network Logon Service path = /home/samba/netlogon public = no writeable = no browsable = no valid users = root @smbusers ; share for storing user profiles [profiles] comment = Roaming Profile path = /home/samba/profiles/%u writeable = yes create mask = 0700 directory mask = 0700 profile acls = Yes browsable = no valid users = root @smbusers write list = %s ;shared folder [share] comment = Shared folder path = /home/samba/share writeable = yes create mode = 0750 directory mode = 0750 browseable = yes valid users = root @smbusers
Make a group called machines and another called smbusers.
Add root to the smbusers group and ensure he is in the wheel group too while you are it (in CentOS/RedHat user Users and Groups under Administration in GNOME).
Give root a samba password by typing smbpasswd -a root into the console. Make it the same as his UNIX password.
Add your machines to machines group as users called e.g SERVER$ (where server is the netbios name. The $ is important as it tells SAMBA that its a machine account).
Lock the machine account users password with passwd -l SERVER$ for example. Make sure to deny these interactive login and give them the homedir of /dev/null when creating them
Then lets make these machine accounts active by doing smbpasswd -a -m SERVER for example (note lack of $)
Now you may join the machine to the domain in the normal windows way (Under system - Identification. The reason we needed to do the stuff before was because it cant automatically create a machine account when joining the domain) . Instead of "administrator" use the root username and password when prompted
You can now logon to the domain! A few more things to do though:
* Ensure all folders exist obviously, and that privileges are correct
* Particuarly the profiles/$username$ folders and the home/$username$ folders. The home folders should have been made when you created the UNIX user accounts, but the roaming profile folders will need to be made by hand. (if you get an error about the roaming profile not being found when logging in on windows, this is why)
If all goes well you should be able to have a centralised user database, roaming profiles and homedrives, as well as a public share. Printing is not supported yet. This assumes there are NO OTHER WINDOWS SERVERS OPERATING AS DCs & NO WINS SERVERS !!!
This hasnt been tested with linux to linux, but linux server to xp pro client worked fine. I gave em static IPs, enabled NetBIOS over TCP/IP and specified the IP of the WINS server under the TCP/IP config. I also added entries to the LMHOSTS and HOSTS files.