source: server/other/samba/samba-config.xml@ 3428fc3

10.0 10.1 11.0 6.0 6.1 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 ken/refactor-virt krejzi/svn lazarus nosym perl-modules qt5new systemd-11177 systemd-13485 trunk upgradedb v5_0 v5_0-pre1 v5_1 v5_1-pre1 xry111/git-date xry111/git-date-for-trunk xry111/git-date-test
Last change on this file since 3428fc3 was 40330fcd, checked in by Larry Lawrence <larry@…>, 18 years ago

update samba intro

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1181 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 7.4 KB
Line 
1<sect2>
2<title>Configuring <application>Samba</application></title>
3<para>We will configure one <application>Samba</application> server (SAMBABOX)
4to act as a primary domain controller, as well as configure one domain client
5running Windows 2000 Server(WIN2KBOX) and acting as a member server of the
6domain. Detailed instructions will be given for adding WIN2KBOX to
7the domain due to the extra steps necessary. Instructions for adding
8Windows 95/98/XP clients can be found in the newly installed
9documentation by pointing a web browser to:</para>
10
11<screen><userinput>file:///usr/share/samba/swat/using_samba/ch03_01.html#ch03-55770.</userinput></screen>
12
13<sect3><title>Config files</title>
14<para><filename>/etc/samba/smb.conf</filename>,
15<filename>/etc/rc.d/init.d/samba </filename></para>
16
17<para>First we set up some directories needed by <application>Samba
18</application>:</para>
19<screen><userinput><command>mkdir /var/lib/samba &amp;&amp;
20mkdir /var/lib/samba/netlogon &amp;&amp;
21mkdir /var/lib/samba/ntprofile &amp;&amp;
22mkdir /var/lib/samba/profiles &amp;&amp;
23chmod -R 1777 /var/lib/samba</command></userinput></screen>
24
25<para>And the <application>Samba</application> configuration file: </para>
26<screen><userinput><command>cat &gt; /etc/samba/smb.conf &lt;&lt; "EOF"</command>
27[global]
28 netbios name = SAMBABOX
29 workgroup = DOMAIN01
30 os level = 64
31 preferred master = yes
32 domain master = yes
33 local master = yes
34 security = user
35 encrypt passwords = yes
36 domain logons = yes
37 log file = /var/log/log.%m
38 log level = 1
39 logon path = \\%N\home\%u
40 logon drive = H:
41 logon home = \\homeserver\%u
42 logon script = logon.cmd
43[netlogon]
44 path = /var/lib/samba/netlogon
45 read only = yes
46 write list = ntadmin
47[profiles]
48 path = /var/lib/samba/ntprofile
49 read only = no
50 create mask = 0600
51 directory mask = 0700
52; World writable share for testing
53[tmp]
54comment = Temporary file space
55 path = /tmp
56 read only = no
57 public = yes
58[home]
59comment = Users' home directories
60 path = /home
61 read only = no
62 public = no
63<command>EOF</command></userinput></screen>
64
65<para>Now add the machine trust account for WIN2KBOX:</para>
66<screen><userinput><command>/usr/sbin/useradd -g 100 -d /dev/null -c \
67 "machine nickname" -s /bin/false win2kbox$ &amp;&amp;
68passwd -l win2kbox$ &amp;&amp;
69smbpasswd -a -m win2kbox</command></userinput></screen>
70
71<para>Create the <application>Samba</application> boot script:</para>
72<screen><userinput><command>cat &gt; /etc/rc.d/init.d/samba &lt;&lt; "EOF"</command>
73#!/bin/bash
74# Begin $rc_base/init.d/samba
75# Based on sysklogd script from LFS-3.1 and earlier.
76# Rewritten by Gerard Beekmans - gerard@linuxfromscratch.org
77source /etc/sysconfig/rc
78source $rc_functions
79case "$1" in
80 start)
81 echo "Starting nmbd..."
82 loadproc /usr/sbin/nmbd -D
83 echo "Starting smbd..."
84 loadproc /usr/sbin/smbd -D
85 ;;
86 stop)
87 echo "Stopping smbd..."
88 killproc /usr/sbin/smbd
89 echo "Stopping nmbd..."
90 killproc /usr/sbin/nmbd
91 ;;
92 reload)
93 echo "Reloading smbd..."
94 reloadproc /usr/sbin/smbd
95 echo "Reloading nmbd..."
96 reloadproc /usr/sbin/nmbd
97 ;;
98 restart)
99 $0 stop
100 sleep 1
101 $0 start
102 ;;
103 status)
104 statusproc /usr/sbin/nmbd
105 statusproc /usr/sbin/smbd
106 ;;
107 *)
108 echo "Usage: $0 {start|stop|reload|restart|status}"
109 exit 1
110 ;;
111esac
112# End $rc_base/init.d/samba
113<command>EOF</command></userinput></screen>
114<para>Add the run level symlinks:</para>
115<screen><userinput>chmod 754 /etc/rc.d/init.d/samba &amp;&amp;
116ln -s /etc/rc.d/init.d/samba /etc/rc.d/rc0.d/K48samba &amp;&amp;
117ln -s /etc/rc.d/init.d/samba /etc/rc.d/rc1.d/K48samba &amp;&amp;
118ln -s /etc/rc.d/init.d/samba /etc/rc.d/rc2.d/K48samba &amp;&amp;
119ln -s /etc/rc.d/init.d/samba /etc/rc.d/rc3.d/S24samba &amp;&amp;
120ln -s /etc/rc.d/init.d/samba /etc/rc.d/rc4.d/S24samba &amp;&amp;
121ln -s /etc/rc.d/init.d/samba /etc/rc.d/rc5.d/S24samba &amp;&amp;
122ln -s /etc/rc.d/init.d/samba /etc/rc.d/rc6.d/K48samba</userinput></screen>
123
124<para>Now, we'll use our new boot script to start <application>Samba
125</application>: </para>
126<screen><userinput><command>/etc/rc.d/init.d/samba start</command></userinput></screen>
127<para>We have to add the SAMBABOX root account to the <application>Samba
128</application> user list first in order to join WIN2KBOX to the DOMAIN01
129domain: </para>
130
131<screen><userinput><command>smbpasswd -a root</command></userinput></screen>
132
133<para>After starting <application>Samba</application> and adding root to
134the <application>Samba</application> user list, the first machine we'll join
135to DOMAIN01 will be WIN2KBOX, the Windows 2000 Server box we created the
136machine trust account for. On WIN2KBOX:</para>
137<screen><userinput>1. Right click on My Computer.
1382. Click on Properties.
1393. Click on the Network Identification notebook tab.
1404. Click on the Properties button.
1415. In the Computer Name: edit field enter WIN2KBOX.
1426. Click on the Domain: radio button and enter DOMAIN01 in the edit
143 field and click OK.
1447. When presented with the Domain Username And Password dialog box,
145 enter root and root's password on SAMBABOX and click OK.
1468. After the machine trust is negotiated, click the OK button in the
147 dialog box welcoming you to the DOMAIN01 domain.
1489. Click OK in the reboot reminder dialog box.
14910. Click OK to close the System Properties window.
15011. Click Yes to reboot WIN2KBOX.</userinput></screen></sect3>
151
152<sect3><title>Add a new user to the DOMAIN01 domain.</title>
153<para>Before logging on to WIN2KBOX, we will create a new user with
154 the following commands:</para>
155<screen><userinput><command>useradd -m win2kuser01 &amp;&amp;
156passwd win2kuser01 &amp;&amp;
157smbpasswd -a win2kuser01</command></userinput></screen></sect3>
158
159<sect3><title>Logging on to DOMAIN01.</title>
160<para>Now we will log on the domain as our newly created user as
161 follows:</para>
162<screen><userinput>1. Press Ctrl-Alt-Del to bring up the Log On to Windows dialog box.
1632. Enter the win2kuser01 name and password.
1643. Select DOMAIN01 from the Log on to: combination box and click OK.</userinput></screen>
165
166<para>Add the swat entry to <filename>/etc/services</filename>with the
167following command: </para>
168
169<screen><userinput><command>echo "swat 901/tcp" &gt;&gt; /etc/services</command></userinput></screen>
170
171<para>If <command>inetd</command> is used, the following command will add the
172swat entry to <filename>/etc/inetd.conf</filename>: </para>
173<screen><userinput><command>echo "swat stream tcp nowait.400 root /usr/sbin/swat swat" \
174 &gt;&gt; /etc/inetd.conf</command></userinput></screen>
175
176<para>If xinetd is used, the following command will add the swat entry
177to <filename>/etc/xinetd.conf</filename>: </para>
178<screen><userinput><command>cat &gt;&gt; /etc/xinetd.conf &lt;&lt; "EOF"</command>
179service swat
180{
181 port = 901
182 socket_type = stream
183 wait = no
184 only_from = 127.0.0.1
185 user = root
186 server = /usr/sbin/swat
187 log_on_failure += USERID
188}
189<command>EOF</command></userinput></screen>
190
191<para>The Samba Web Administration Tool, <acronym>SWAT</acronym>, can be
192launched with the following command on SAMBABOX: </para>
193<screen><userinput><command>lynx http://localhost:901</command></userinput></screen>
194<note><para>Be sure <command>inetd</command> is running, and issue a
195<command>killall -HUP inetd</command> before starting
196<acronym>SWAT</acronym>.</para></note>
197<para>The <application>Lynx</application> browser is used in this
198demonstration, but is not necessary.</para></sect3>
199
200</sect2>
201
Note: See TracBrowser for help on using the repository browser.