Topic: How to install Samba 3.0.5 and join a W2k3 Domain

[Silencer]

Hi there,

first Post here so be gentle  

I am no Linux Guru but i am also no novice.
Feel free to comment this and i would be pleased if someone can give me some hints what i possibly forgot , i think it will be a lot.

Following Files are needed (use RPM-Search or Google):

samba-3.0.5-0.0.rh73.i386.rpm
samba-client-3.0.5-0.0.rh73.i386.rpm
samba-common-3.0.5-0.0.rh73.i386.rpm

Uninstall existing Samba RPMs:
Rpm –e samba
Rpm –e samba-client
Rpm –e samba-common

Install the new (above mentioned) RPMs from a local Folder:

Rpm –Uvh *.rpm

In case of missing Lib files Download them from the CUPS-Folder (here at Contribs.org) and install the Library.

I changed following Files fitting my needs:

/etc/krb5.conf

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 ticket_lifetime = 24000
 default_realm = NOVA.LOCAL
 dns_lookup_realm = false
 dns_lookup_kdc = false

[realms]
 NOVA.LOCAL = {
  kdc = 192.168.0.100:88
  admin_server = 192.168.0.100:464
  default_domain = nova.local
 }

[domain_realm]
 .nova.local = NOVA.LOCAL
 nova.local = NOVA.LOCAL

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }



/etc/smb.conf

Do it via Custom Template, i messed it up some time ago and was to lazy to fix it.


#------------------------------------------------------------
# DO NOT MODIFY THIS FILE! It is updated automatically by the
# SME Server software. Instead, modify the source template in
# an /etc/e-smith/templates-custom directory. For more
# information, see http://www.e-smith.org/custom/
#
# copyright (C) 1999-2003 Mitel Networks Corporation
#------------------------------------------------------------

[global]

add user script = /sbin/e-smith/signal-event machine-account-create '%u'
bind interfaces only = no
case sensitive = no
#character set = ISO8859-1
#client code page = 850
deadtime = 10080
dns proxy = no
#domain admin group = admin
domain logons = no
domain master = no
encrypt passwords = yes
guest account = public
guest ok = no
hosts allow = 127.0.0.1 192.168.0.0/255.255.255.0
interfaces = 127.0.0.1 192.168.0.2/255.255.255.0
kernel oplocks = true
level2 oplocks = true
log level = 2
log file = /var/log/samba/log.%m
logon home = \\%L\%U\._winprofile
logon path = \\%L\Profiles\%U
logon script = netlogon.bat
map to guest = never
max log size = 50
max connections = 0
name resolve order = hosts lmhosts wins bcast
netbios name = Mailserver
oplocks = true
os level = 0
pid directory = /var/run
preferred master = no
preserve case = yes
printer admin = admin
server string = Service System
short preserve case = yes
smb passwd file = /etc/samba/smbpasswd
socket options = TCP_NODELAY
strict locking = no
unix password sync = Yes
pam password change = Yes
wins support = no
workgroup = NOVA
wins server = 192.168.0.100
security = ADS
password server = 192.168.0.100
load printers = yes
printing = cups
winbind uid = 15000-20000
winbind gid = 15000-20000
realm = nova.local
winbind separator = /
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind enum users = yes
winbind enum groups = yes


[homes]
comment = Home directory
browseable = no
guest ok = no
read only = no
writable = yes
printable = no
create mode = 0660
force create mode = 0660
directory mode = 0770
force directory mode = 0770
path = /home/e-smith/files/users/%S/home

[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
use client driver = yes

[Profiles]
path = /home/e-smith/files/samba/profiles
writeable = yes
browseable = no
create mask = 0600
directory mask = 0700

[netlogon]
comment = Network Logon Service
path = /home/e-smith/files/samba/netlogon
guest ok = yes
writable = yes
browseable = no


[print$]
comment = Printer drivers
path = /home/e-smith/files/samba/printers
guest ok = yes
browsable = yes
writable = yes
use client driver = yes

[Primary]
comment = Primary i-bay
path = /home/e-smith/files/ibays/Primary
read only = no
writable = yes
printable = no
inherit permissions = yes
create mode = 0640

[mrtg]
comment = MRTG system monitor
path = /home/e-smith/files/ibays/mrtg
read only = no
writable = yes
printable = no
inherit permissions = yes
create mode = 0664

[netjuke]
comment = Networked Jukebox
path = /home/e-smith/files/ibays/netjuke
read only = no
writable = yes
printable = no
inherit permissions = yes
create mode = 0664

[pdfmaker]
comment = pdfmaker
path = /home/e-smith/files/ibays/pdfmaker
read only = no
writable = yes
printable = no
inherit permissions = yes
create mode = 0660

Change the Administrator Password (take the same again) in the Active Directoy and in Account-Tab (where you can set the pre-w2k Name) set the name of the Administrator.
In my Case this Field was empty

With the command "net ads join -U Administrator%PASSWORT" i have joined the Active Directory.

When there are Problems delete the Machine Account from your SME-Box and retry.
Also check the Event-Log (System and Security).

Good Luck

Patrice

[Yuri]

I'm definetely gonna try this one out these days. Thanks for this how-to, hopefully it'll work.
Best regards.  

[crazybob]

I am not a linux guru also, but I usually can follow directions. I need to know how much of the above changes are needed if this is going to be the only server in the system. I plan on it being the domain controller.

Thanks

Bob

[Silencer]

The SMB Conf isn't fully needed, the following part is important:
encrypt passwords = yes
security = ADS

In the case you haven't implementet DNS Support, you have to use IPs instead of the Netbios Name, like i did.

Inspite of the howtos you don't have to create a pre windows 2000 computer account if you want to join the 2003 domain.

If you like the SME to be your Domain Controller you will find under www.samba.org what you need, and i am also no linux guru!

have fun

[damianm]

Hi all,

I am a newbie to this list.  We are using SME 5.6 and VPN to it to log in to our W2K TS.  Has been working fine until we upgraded ouir server to W2k3.  We now cannot log in.  I suspect that it is a problem with Samba and our firewall not participating in the network.

My question is..can we upgrade Samba to 3.05 on SME 5.5 without having to go to Version 6 ?

Many Thanks

Damian Marinucci

[CharlieBrady]

Hi there,

Following Files are needed (use RPM-Search or Google):

samba-3.0.5-0.0.rh73.i386.rpm
samba-client-3.0.5-0.0.rh73.i386.rpm
samba-common-3.0.5-0.0.rh73.i386.rpm

Uninstall existing Samba RPMs:
Rpm –e samba
Rpm –e samba-client
Rpm –e samba-common

Install the new (above mentioned) RPMs from a local Folder:

Rpm –Uvh *.rpm

It's very rare that you should uninstall existing RPMs when you wish to upgrade them. Instead of your sequence, you should upgrade all three RPMs in one command:

rpm -Uhv samba-3.0.5-0.0.rh73.i386.rpm \
 samba-client-3.0.5-0.0.rh73.i386.rpm \
 samba-common-3.0.5-0.0.rh73.i386.rpm

I think you'll find that the above command will fail, because of additional required backages - the lib rpms you mention above. So download those as you say, and do:

rpm -Uhv samba-3.0.5-0.0.rh73.i386.rpm \
 samba-client-3.0.5-0.0.rh73.i386.rpm \
 samba-common-3.0.5-0.0.rh73.i386.rpm lib*.rpm

[Silencer]

You are right, in spite of that it worked!
By the way, i mentioned not to be a linux guru.
Learning by doing and google is your friend

I removed the link i posted earlier in this message, because it has no ADS Support compiled in.

Greetz

Silencer

[gardnc]

Has anyone had any luck locating
samba-3.0.5-0.0.rh73.i386.rpm and related rps?  If so would you email same to me at larry at tm-wd dot com

Much appreciated

[smeghead]

.. slightly newer ones here -

http://www.megaloman.sk/~hany/RPM/doors5.0/SByName.html

HTH