
Configure Samba server as PDC with DNS+BIND

Tag Line : /etc/smb.conf,forward.zone,reverse.zone,configure samba PDC with primary DNS using BIND in rhel 6, centos 6,linux.

INDEX
Step 1: Installing Samba
Step 2: Preparing the Configuration Files
Step 3: Starting the Service
Step 4: User Management
Step 5: Now that the Unix users are created, time to create the samba users.
Step 6: Add the client entry
Step 7: Make a DNS entry of mypc1 in forward.zone and reverse.zone in /var/named/ as below
@Here change in /etc/smb.conf file


Step 1: Installing Samba
[root@server1 ~]#yum install samba

Step 2: Preparing the Configuration Files
[root@server1 ~]#cd /etc/samba/
[root@server1 samba]# cp smb.conf smb.conf.bak
@ Edit the main smb.conf files
[root@server1 samba]# vim smb.conf
workgroup = howtoc
## Here are the modifications
## The actual name of the domain ##
hosts allow = 127. 192.168.10.
## The IP range to be allowed. Alternatively, the “interfaces” parameter may be used. ##

security = user
passdb backend = tdbsam
domain master = yes
domain logons = yes
logon path =
## Because netlogons create more problems than benefit, we have used an empty logon path; this disables roaming profiles, so each user's profile is created locally on the client machine. ##
## save & exit ##
Step 3: Starting the Service
[root@server1 ~]#service smb restart; chkconfig smb on
[root@server1 ~]#service nmb restart; chkconfig nmb on
[root@server1 ~]#netstat -tulpn | grep mb

Step 4: User Management
@ To add clients into the domain, both machine and human users must be created. There are a couple of steps, but it's not hard.
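[root@server1 ~]#mkdir -m 1777 /home/profiles
[root@server1 ~]#mkdir -m 1777 /home/netlogon
## Note: the option is a plain hyphen (-m). Mode 1777 makes both directories world-writable with the sticky bit; /home/netlogon holds the logon scripts that clients run, so write access there is best limited to administrators. ##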
[root@server1 ~]#groupadd -g 501 computers
[root@server1 ~]#groupadd employee
[root@server1 ~]#useradd -d /dev/null -g computers -s /sbin/nologin 'computerName$'
##### please note that machine users always end with $ #####

Step 5: Now that the Unix users are created, time to create the samba users.
[root@server1 ~]#useradd -g employee user1

[root@server1 ~]#smbpasswd -a root
### The administrative user is created. It is recommended that the password is different
### from the actual UNIX password. ####

[root@server1 ~]#smbpasswd -a -m computerName
[root@server1 ~]#smbpasswd -a user1

Step 6 : Add the client entry
Note: to join the computer “mypc1” to the “howtoc” domain, run:
[root@server1 ~]#useradd -d /dev/null -g computers -s /sbin/nologin 'mypc1$'
[root@server1 ~]#smbpasswd -a -m mypc1

Step 7 :Make a DNS entry of mypc1 in forward.zone and reverse.zone in /var/named/ as below
@forward.zone
[root@server1 ~]#vim /var/named/forward.zone
$TTL 1D
@ IN SOA server1.howtoc.com. root.server1.howtoc.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS server1.howtoc.com.
IN A 192.168.10.2
server1 IN A 192.168.10.2
mypc1 IN A 192.168.10.3

@reverse.zone
[root@server1 ~]#vim /var/named/reverse.zone
$TTL 1D
@ IN SOA server1.howtoc.com. root.server1.howtoc.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS server1.howtoc.com.
IN PTR howtoc.com.
IN A 255.255.255.0
2 IN PTR server1.howtoc.com.
3 IN PTR mypc1.howtoc.com.


Here are the changes in the /etc/samba/smb.conf file
[root@server1 ~]#vim /etc/samba/smb.conf

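#======================= Global Settings =====================================

[global]

# ----------------------- Network Related Options -------------------------
#
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
#
# server string is the equivalent of the NT Description field
#
# netbios name can be used to specify a server name not tied to the hostname
#
# Interfaces lets you configure Samba to use multiple interfaces
# If you have multiple network interfaces then you can list the ones
# you want to listen on (never omit localhost)
#
# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can
# specify it as a per share option as well
#
workgroup = howtoc
server string = Samba Server Version %v

; netbios name = MYSERVER

; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
# NOTE(review): Step 2 of this guide allows only 127. and 192.168.10.; this
# line additionally admits 192.168.0. and every address under 10.
# Keep only the ranges your domain clients actually use.
hosts allow = 127. 192.168.10. 192.168.0. 10.


# ----------------------- Domain Controller Options ------------------------
# User-level authentication against the local tdbsam account database.
security = user
passdb backend = tdbsam

# Together these make this server the domain master browser and the
# logon server for the "howtoc" workgroup.
domain master = yes
domain logons = yes


# the login script name depends on the machine name
; logon script = %m.bat
# the login script name depends on the unix user used
; logon script = %u.bat
# NOTE(review): Step 2 of this guide sets an empty "logon path" to disable
# roaming profiles; this listing enables them and stores them in the
# [Profiles] share below. Pick one of the two settings.
logon path = \\%L\Profiles\%U

# disables profiles support by specifying an empty path
; logon path =

[homes]
comment = Home Directories
browseable = yes
writable = yes

# NOTE(review): with "valid users" left commented out, access to another
# user's home share is limited only by the filesystem permissions on that
# directory. Uncommenting "valid users = %S" restricts each home share to
# its owner.
; valid users = %S
; valid users = MYDOMAIN\%S

[netlogon]
comment = User Login
path = /home/netlogon
# Read-only over SMB: logon scripts are executed by clients, so they must
# not be modifiable through the share.
writable = no

[Profiles]
comment = User Profiles
path = /home/profiles
# NOTE(review): 0755 leaves new profile files and directories readable by
# other users; tighter masks (for example 0600 / 0700) keep each profile
# private to its owner.
create mask = 0755
directory mask = 0755
# Fixed spelling: the original "writeble" is not a Samba parameter, so the
# share would have stayed read-only and profiles could not be saved.
writable = yes


[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes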

Done !
