
Configure Samba server as PDC with DNS+BIND

Tag Line : /etc/smb.conf,forward.zone,reverse.zone,configure samba PDC with primary DNS using BIND in rhel 6, centos 6,linux.

INDEX
Step 1: Installing Samba
Step 2: Preparing the Configuration Files
Step 3: Starting the Service
Step 4: User Management
Step 5: Now that the Unix users are created, time to create the samba users.
Step 6: Add the client entry
Step 7: Make a DNS entry of mypc1 in forward.zone and reverse.zone in /var/named/ as below
@Here change in /etc/samba/smb.conf file


Step 1: Installing Samba
[root@server1 ~]#yum install samba

Step 2: Preparing the Configuration Files
[root@server1 ~]#cd /etc/samba/
[root@server1 samba]# cp smb.conf smb.conf.bak
@ Edit the main smb.conf files
[root@server1 samba]# vim smb.conf
## Here are the modifications
## The actual name of the domain ##
workgroup = howtoc
## The IP range to be allowed. Each entry ending in a dot is a prefix match, so "192.168.10." admits every address in that subnet. Alternatively, the “interfaces” parameter may be used. ##
## NOTE(review): the complete listing at the end of this page uses a wider list (adds 192.168.0. and 10.); keep only the subnets that really hold domain members. ##
 hosts allow = 127. 192.168.10.

## User-level authentication against the local tdbsam account database. ##
security = user
passdb backend = tdbsam
## Together with "security = user", these two settings make this host the logon server of an NT4-style (non-Active-Directory) domain. ##
## NOTE(review): NT4-style domains rely on legacy SMB1-era protocols - confirm that the clients you plan to join still support them. ##
domain master = yes
domain logons = yes
## Because netlogons create more problems than benefit, we have used an empty logon path to force user accounts to be created at client end machines. ##
## NOTE(review): the complete listing at the end of this page sets a non-empty logon path instead; decide which behaviour you want. ##
logon path =
## save & exit ##
Step 3: Starting the Service
[root@server1 ~]#service smb restart; chkconfig smb on
[root@server1 ~]#service nmb restart; chkconfig nmb on
[root@server1 ~]#netstat -tulpn | grep mb

Step 4: User Management
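@ To add clients to the domain, both machine accounts and human user accounts must be created. There are a couple of steps, but it's not hard. Note that mode 1777 below makes both directories writable by every local account on the server: that suits /home/profiles, where each user's profile directory has to be created, but /home/netlogon holds the logon scripts that clients run, so it is safer to make it writable only by the administrator (for example mode 0755, owned by root).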
[root@server1 ~]#mkdir -m 1777 /home/profiles
[root@server1 ~]#mkdir -m 1777 /home/netlogon
[root@server1 ~]#groupadd  -g 501 computers
[root@server1 ~]#groupadd employee
[root@server1 ~]#useradd -d /dev/null -g 501 -s /sbin/nologin computerName$
##### please note that machine users always end with $ #####

Step 5: Now that the Unix users are created, time to create the samba users.
[root@server1 ~]#useradd -g employee user1

[root@server1 ~]#smbpasswd -a root
### The administrative user is created. It is recommended that the password is different
### from the actual UNIX password. ####

[root@server1 ~]#smbpasswd -a -m computerName 
[root@server1 ~]#smbpasswd -a user1

Step 6 : Add the client entry
Note: to join the computer “mypc1” to the “howtoc” domain, create its machine account first:
[root@server1 ~]#useradd -d /dev/null -g 501 -s /sbin/nologin mypc1$
[root@server1 ~]#smbpasswd -a -m mypc1

Step 7 :Make a DNS entry of mypc1 in forward.zone and reverse.zone in /var/named/ as below
@forward.zone
[root@server1 ~]#vim /var/named/forward.zone
$TTL 1D
; Start of authority: server1.howtoc.com. is named as the primary name server and
; root.server1.howtoc.com. encodes the contact mailbox root@server1.howtoc.com.
@ IN SOA server1.howtoc.com. root.server1.howtoc.com. (
     0 ; serial - raise it on every edit so secondary servers notice the change
     1D ; refresh
     1H ; retry
     1W ; expire
     3H ) ; minimum
; Records that start with whitespace reuse the previous owner name (@, the zone apex).
                IN    NS server1.howtoc.com.
    IN     A   192.168.10.2
; Host records: the Samba server itself and the client joined in Step 6.
server1   IN      A 192.168.10.2
mypc1   IN    A 192.168.10.3

@reverse.zone
[root@server1 ~]#vim /var/named/reverse.zone
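$TTL 1D
; Start of authority: server1.howtoc.com. is named as the primary name server and
; root.server1.howtoc.com. encodes the contact mailbox root@server1.howtoc.com.
@ IN SOA server1.howtoc.com. root.server1.howtoc.com. (
     0 ; serial - raise it on every edit so secondary servers notice the change
     1D ; refresh
     1H ; retry
     1W ; expire
     3H ) ; minimum
; Records that start with whitespace reuse the previous owner name (@, the zone apex).
 IN NS server1.howtoc.com.
; NOTE(review): the apex PTR/A pair looks like the RFC 1101 network-name and
; netmask encoding; it is not needed for ordinary reverse lookups - confirm it is intended.
 IN PTR howtoc.com.
 IN A 255.255.255.0
; Last octet of each host address mapped back to its fully qualified name.
; Every target must end with a dot; without it the name server appends the
; zone origin to the name and the reverse lookup returns a wrong host name.
2 IN PTR server1.howtoc.com.
3 IN PTR mypc1.howtoc.com.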


Here are the changes in the /etc/samba/smb.conf file (the same file that was edited in Step 2):
[root@server1 ~]#vim /etc/samba/smb.conf

#======================= Global Settings =====================================
 
[global]
 
# ----------------------- Network Related Options -------------------------
#
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
#
# server string is the equivalent of the NT Description field
#
# netbios name can be used to specify a server name not tied to the hostname
#
# Interfaces lets you configure Samba to use multiple interfaces
# If you have multiple network interfaces then you can list the ones
# you want to listen on (never omit localhost)
#
# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can
# specify it as a per share option as well
#
 workgroup = howtoc
 server string = Samba Server Version %v
 
; netbios name = MYSERVER
 
; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24 
# NOTE(review): this list is wider than the "127. 192.168.10." range given in
# Step 2; the "10." entry alone admits every 10.x.x.x address. Keep only the
# subnets that really contain domain members.
 hosts allow = 127. 192.168.10. 192.168.0. 10. 

 
# ----------------------- Domain Controller Options ------------------------
# User-level authentication against the local tdbsam account database.
 security = user
 passdb backend = tdbsam
 
# Make this host the domain master browser and logon server for the workgroup.
 domain master = yes 
 domain logons = yes
 

 # the login script name depends on the machine name
; logon script = %m.bat
 # the login script name depends on the unix user used
; logon script = %u.bat
# Roaming profiles are stored per user on the [Profiles] share of this server.
# NOTE(review): Step 2 sets an empty logon path to switch roaming profiles off,
# while this listing switches them on; decide which behaviour you want.
 logon path = \\%L\Profiles\%U 

 # disables profiles support by specifying an empty path
; logon path =          

[homes]
# Per-user home directory shares.
 comment = Home Directories
# NOTE(review): "browseable = yes" lists the home share in browse lists, and
# with "valid users = %S" left commented out Samba itself does not limit a
# home share to its owner, so access rests on the Unix permissions of each
# home directory. Enabling "valid users = %S" and setting "browseable = no"
# is the usual hardening.
 browseable = yes
 writable = yes
; valid users = %S
; valid users = MYDOMAIN\%S
 
[netlogon]
# Share from which domain clients fetch logon scripts; read-only over SMB.
# NOTE(review): Step 4 creates /home/netlogon with mode 1777, so any local
# account on the server can still place files here even though the share is
# not writable; restrict the directory to the administrator.
 comment = User Login
 path = /home/netlogon
 writable = no

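[Profiles]
# Roaming-profile store referenced by "logon path" in [global].
 comment = User Profiles
 path = /home/profiles
# NOTE(review): mask 0755 leaves every stored profile readable by other
# users; a common hardening is "create mask = 0600" and
# "directory mask = 0700" so that only the owner can read a profile.
 create mask = 0755
 directory mask = 0755
# Was misspelled "writeble": an unknown parameter is ignored, which leaves the
# share at its read-only default, so profiles could not be saved.
# Running testparm after every edit reports unknown parameters like that one.
 writable = yes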
 

[printers]
# Print share: spool files go to /var/spool/samba. The share is hidden from
# browse lists, refuses guest connections and accepts print jobs only.
 comment = All Printers
 path = /var/spool/samba
 browseable = no
 guest ok = no
 writable = no
 printable = yes


Done !
