http://forums.contribs.org/index.php?topic=12733.msg47846#msg47846or look at
http://myezserver.com/docs/mitel/samba-upgrade-howto.htmlinformation pasted below
To allow Samba to create user accounts for the workstations in your domain, you need to create a Samba user called root. First we add the user root, next we set the password where you must enter the root password twice, finally we enable the user:
[root@e-smith /root]# smbpasswd -add root
Added user root.
[root@e-smith /root]# smbpasswd root
New SMB password:
Retype new SMB password:
Password changed for user root. User has disabled flag set.
[root@e-smith /root]# smbpasswd -e root
Enabled user root.
Now rebuild the smb.conf file and restart Samba:
[root@e-smith /root]# /sbin/e-smith/expand-template /etc/smb.conf
[root@e-smith /root]# /etc/rc.d/init.d/smb restart
Shutting down SMB services: [ OK ]
Shutting down NMB services: [ OK ]
Starting SMB services: [ OK ]
Starting NMB services: [ OK ]
This completes the modifications to your e-smith server.
How to remove a machine from a domain or How to re-add a machine to a domain
--------------------------------------------------------------------------------
Problem1: You want to remove a machine from a domain.
Problem2: A domain machine account currently exists but the computer has been removed from the domain. You want to reconnect this same computer or you have replaced the computer and want to reconnect to the domain using the same computer (netbios) name.
--------------------------------------------------------------------------------
NOTE: %u when issued inside samba appends the $ to $machineName to create $machineName$. For instance if the computer netbios name is STATION1 then it becomes station1$. NOTE: uppercase netbios names are converted to lowercase.
To remove a machine from a domain once it is added you may follow these command-line steps:
/usr/bin/smbpasswd -x $machineName$
/usr/bin/passwd -d $machineName$
/usr/sbin/userdel $machineName$
/sbin/e-smith/db accounts delete $machineName$
As an example to remove a machine named STATION1 you would enter:
[root@e-smith /root]# /usr/bin/smbpasswd -x station1$
Deleted user station1$.
[root@e-smith /root]# /usr/bin/passwd -d station1$
Changing password for user station1$
Removing password for user station1$
passwd: Success
[root@e-smith /root]# /usr/sbin/userdel station1$
[root@e-smith /root]# /sbin/e-smith/db accounts delete station1$
On the samba side, after you perform the command lines above to remove the machineName, you need to restart samba before you try to rejoin the computer to the domain:
[root@e-smith /root]# /etc/rc.d/init.d/smb restart
On the Windows side, you need to switch to workgroup mode (use a non-existent workgroup name ex. "workgroup1") and reboot your computer. After successfully rebooting in workgroup mode, you then may attempt to rejoin the computer to the domain following the steps below:
--------------------------------------------------------------------------------
How to add a Windows 2000 computer to the domain
--------------------------------------------------------------------------------
STEP 1: Make sure you have no open workgroup connections to the domain server.
For instance, if you were previously connecting to the server in workgroup mode you must disconnect from the workgroup and close any open network shares. To check on this, bring up a command prompt on your Windows box and type net use. If it lists any connections to the server, do net use \servername /delete.
STEP 2: Login as Administrator and perform the following:
right-click on My Computer, and select Properties
click on the Network Identification tab, and click the Properties button
set the radio button at the bottom of the window to Domain, and enter the name of your domain (which is the same as the workgroup name you entered in the server-manager). Then select OK.
you will see a window asking for a username and password with permission to add the computer to the domain. Enter root for the username (do not use "admin" or any other username), and use the password you chose above.
After a minute, you should be rewarded with "Welcome to the
domain".
--------------------------------------------------------------------------------
Troubleshooting - Common Errors
"The Credentials supplied conflict with an existing set of credentials"
This error is almost always caused by already having an existing connection to the server while trying to join the domain. To check on this, bring up a command prompt on your Windows box and type net use. If it lists any connections to the server, do net use \servername /delete and try joining the domain again.
"The account supplied is a computer account"
This error may arise if the domain that you're trying to join has the same name as your workgroup. Change the name of the workgroup on your Windows machine, reboot, and then try joining the domain.
--------------------------------------------------------------------------------
Windows 2000 - Local Area Connection Properties
It is suggested to limit your active protocols in use to as few as possible. TCP/IP is the only required protocol. Implement other protocols only if you absolutely must have others active to support your environment. The more you have, the more trouble you may experience. The recommended minimum Local Area Connection Properties are:
[X] Client for Microsoft Networks
[X] File and Printer Sharing for Microsoft Networks
[X] Internet Protocol (TCP/IP)
--------------------------------------------------------------------------------
Windows 2000/XP Registry Settings
1 Replies
1899 Views