mirror of
https://github.com/Zeckmathederg/glfs.git
synced 2025-01-27 18:02:12 +08:00
ae9c5281f1
git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1941 af4574ff-66df-0310-9fd7-8a98e5e911e0
154 lines
6.2 KiB
XML
154 lines
6.2 KiB
XML
<sect2>
|
|
<title>Configuring <application>Samba</application></title>
|
|
<para>We will configure one <application>Samba</application> server (SAMBABOX)
|
|
to act as a primary domain controller, as well as configure one domain client
|
|
running Windows 2000 Server(WIN2KBOX) and acting as a member server of the
|
|
domain. Detailed instructions will be given for adding WIN2KBOX to
|
|
the domain due to the extra steps necessary. Instructions for adding
|
|
Windows 95/98/XP clients can be found in the newly installed
|
|
documentation by pointing a web browser to:</para>
|
|
|
|
<screen><userinput>file:///usr/share/samba/swat/using_samba/ch03_01.html#ch03-55770.</userinput></screen>
|
|
|
|
<sect3><title>Config files</title>
|
|
<para><filename>/etc/samba/smb.conf</filename>,
|
|
<filename>/etc/rc.d/init.d/samba </filename></para>
|
|
|
|
<para>First we set up some directories needed by <application>Samba
|
|
</application>:</para>
|
|
<screen><userinput><command>mkdir /var/lib/samba &&
|
|
mkdir /var/lib/samba/netlogon &&
|
|
mkdir /var/lib/samba/ntprofile &&
|
|
mkdir /var/lib/samba/profiles &&
|
|
chmod -R 1777 /var/lib/samba</command></userinput></screen>
|
|
|
|
<para>And the <application>Samba</application> configuration file: </para>
|
|
<screen><userinput><command>cat > /etc/samba/smb.conf << "EOF"</command>
|
|
[global]
|
|
netbios name = SAMBABOX
|
|
workgroup = DOMAIN01
|
|
os level = 64
|
|
preferred master = yes
|
|
domain master = yes
|
|
local master = yes
|
|
security = user
|
|
encrypt passwords = yes
|
|
domain logons = yes
|
|
log file = /var/log/log.%m
|
|
log level = 1
|
|
logon path = \\%N\home\%u\windows
|
|
logon drive = H:
|
|
logon home = \\homeserver\%u\windows
|
|
logon script = logon.cmd
|
|
[netlogon]
|
|
path = /var/lib/samba/netlogon
|
|
read only = yes
|
|
write list = ntadmin
|
|
[profiles]
|
|
path = /var/lib/samba/ntprofile
|
|
read only = no
|
|
create mask = 0600
|
|
directory mask = 0700
|
|
; World writable share for testing
|
|
[tmp]
|
|
comment = Temporary file space
|
|
path = /tmp
|
|
read only = no
|
|
public = yes
|
|
[home]
|
|
comment = Users' home directories
|
|
path = /home
|
|
read only = no
|
|
public = no
|
|
<command>EOF</command></userinput></screen>
|
|
|
|
<para>Now add the machine trust account for WIN2KBOX:</para>
|
|
<screen><userinput><command>/usr/sbin/useradd -g 100 -d /dev/null -c \
|
|
"machine nickname" -s /bin/false win2kbox$ &&
|
|
passwd -l win2kbox$ &&
|
|
smbpasswd -a -m win2kbox</command></userinput></screen>
|
|
|
|
<para>Install <filename>/etc/rc.d/init.d/samba</filename>
|
|
init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
|
|
|
|
<screen><userinput><command>make install-samba</command></userinput></screen>
|
|
|
|
<para>Now, we'll use our new boot script to start <application>Samba
|
|
</application>: </para>
|
|
<screen><userinput><command>/etc/rc.d/init.d/samba start</command></userinput></screen>
|
|
<para>We have to add the SAMBABOX root account to the <application>Samba
|
|
</application> user list first in order to join WIN2KBOX to the DOMAIN01
|
|
domain: </para>
|
|
|
|
<screen><userinput><command>smbpasswd -a root</command></userinput></screen>
|
|
|
|
<para>After starting <application>Samba</application> and adding root to
|
|
the <application>Samba</application> user list, the first machine we'll join
|
|
to DOMAIN01 will be WIN2KBOX, the Windows 2000 Server box we created the
|
|
machine trust account for. On WIN2KBOX:</para>
|
|
<screen><userinput>1. Right click on My Computer.
|
|
2. Click on Properties.
|
|
3. Click on the Network Identification notebook tab.
|
|
4. Click on the Properties button.
|
|
5. In the Computer Name: edit field enter WIN2KBOX.
|
|
6. Click on the Domain: radio button and enter DOMAIN01 in the edit
|
|
field and click OK.
|
|
7. When presented with the Domain Username And Password dialog box,
|
|
enter root and root's password on SAMBABOX and click OK.
|
|
8. After the machine trust is negotiated, click the OK button in the
|
|
dialog box welcoming you to the DOMAIN01 domain.
|
|
9. Click OK in the reboot reminder dialog box.
|
|
10. Click OK to close the System Properties window.
|
|
11. Click Yes to reboot WIN2KBOX.</userinput></screen></sect3>
|
|
|
|
<sect3><title>Add a new user to the DOMAIN01 domain.</title>
|
|
<para>Before logging on to WIN2KBOX, we will create a new user with
|
|
the following commands:</para>
|
|
<screen><userinput><command>useradd -m win2kuser01 &&
|
|
passwd win2kuser01 &&
|
|
smbpasswd -a win2kuser01</command></userinput></screen></sect3>
|
|
|
|
<sect3><title>Logging on to DOMAIN01.</title>
|
|
<para>Now we will log on the domain as our newly created user as
|
|
follows:</para>
|
|
<screen><userinput>1. Press Ctrl-Alt-Del to bring up the Log On to Windows dialog box.
|
|
2. Enter the win2kuser01 name and password.
|
|
3. Select DOMAIN01 from the Log on to: combination box and click OK.</userinput></screen>
|
|
|
|
<para>Add the swat entry to <filename>/etc/services</filename>with the
|
|
following command: </para>
|
|
|
|
<screen><userinput><command>echo "swat 901/tcp" >> /etc/services</command></userinput></screen>
|
|
|
|
<para>If <command>inetd</command> is used, the following command will add the
|
|
swat entry to <filename>/etc/inetd.conf</filename>: </para>
|
|
<screen><userinput><command>echo "swat stream tcp nowait.400 root /usr/sbin/swat swat" \
|
|
>> /etc/inetd.conf</command></userinput></screen>
|
|
|
|
<para>If xinetd is used, the following command will add the swat entry
|
|
to <filename>/etc/xinetd.conf</filename>: </para>
|
|
<screen><userinput><command>cat >> /etc/xinetd.conf << "EOF"</command>
|
|
service swat
|
|
{
|
|
port = 901
|
|
socket_type = stream
|
|
wait = no
|
|
only_from = 127.0.0.1
|
|
user = root
|
|
server = /usr/sbin/swat
|
|
log_on_failure += USERID
|
|
}
|
|
<command>EOF</command></userinput></screen>
|
|
|
|
<para>The Samba Web Administration Tool, <acronym>SWAT</acronym>, can be
|
|
launched with the following command on SAMBABOX: </para>
|
|
<screen><userinput><command>lynx http://localhost:901</command></userinput></screen>
|
|
<note><para>Be sure <command>inetd</command> is running, and issue a
|
|
<command>killall -HUP inetd</command> before starting
|
|
<acronym>SWAT</acronym>.</para></note>
|
|
<para>The <application>Lynx</application> browser is used in this
|
|
demonstration, but is not necessary.</para></sect3>
|
|
|
|
</sect2>
|
|
|