Thread: Windows domain

i trying setup server act windows domain controller house , 5 or som machines connect network. manage windows network , comfortable windows configuration , how install domain way.

trying stay legal , save money using samba. have followed directions best can follow here, https://help.ubuntu.com/11.04/server.../samba-dc.html
not able join windows xp computer domain. have installed dhcp , dns on server , seems working fine. able resolve server name , domain name , computers getting ip addresses.

xp machine gives , error domain controller domain cannot found. log says service record dns entry domain, not know how add type of record.

able browse network , see couple of shares setup know server running , of smb.conf file set right. below copy of have. help.

eric

#
# sample configuration file samba suite debian gnu/linux.
#
#
# main samba configuration file. should read the
# smb.conf(5) manual page in order understand options listed
# here. samba has huge number of configurable options of
# not shown in example
#
# options worth tuning have been included as
# commented-out examples in file.
# - when such options commented ";", proposed setting
# differs default samba behaviour
# - when commented "#", proposed setting default
# behaviour of samba option considered important
# enough mentioned here
#
# note: whenever modify file should run command
# "testparm" check have not made basic syntactic
# errors.
# well-established practice name original file
# "smb.conf.master" , create "real" config file with
# testparm -s smb.conf.master >smb.conf
# minimizes size of used smb.conf file
# which, according samba team, impacts performance
# however, use caution if smb.conf file contains nested
# "include" statements. see debian bug #483187 case
# using master file not idea.
#

#======================= global settings =======================

[global]

## browsing/identification ###

# change workgroup/nt-domain name samba server part of
workgroup = jenerics

# server string equivalent of nt description field
server string = %h server (samba, ubuntu)

# windows internet name serving support section:
# wins support - tells nmbd component of samba enable wins server
# wins support = no

# wins server - tells nmbd components of samba wins client
# note: samba can either wins server, or wins client, not both
; wins server = w.x.y.z

# prevent nmbd search netbios names through dns.
dns proxy = no

# naming service , in order should use resolve host names
# ip addresses
name resolve order = lmhosts host wins bcast

#### networking ####

# specific set of interfaces / networks bind to
# can either interface name or ip address/netmask;
# interface names preferred
interfaces = 127.0.0.0/16 eth0

# bind named interfaces and/or networks; must use the
# 'interfaces' option above use this.
# recommended enable feature if samba machine is
# not protected firewall or firewall itself. however, this
# option cannot handle dynamic or non-broadcast interfaces correctly.
bind interfaces = yes



#### debugging/accounting ####

# tells samba use separate log file each machine
# connects
log file = /var/log/samba/log.%m

# cap size of individual log files (in kib).
max log size = 1000

# if want samba log through syslog set following
# parameter 'yes'.
syslog = yes

# want samba log minimum amount of information syslog. everything
# should go /var/log/samba/log.{smbd,nmbd} instead. if want log
# through syslog should set following parameter higher.
syslog = 10

# sensible when samba crashes: mail admin backtrace
panic action = /usr/share/samba/panic-action %d


####### authentication #######

# "security = user" idea. require unix account
# in server every user accessing server. see
# /usr/share/doc/samba-doc/htmldocs/samba3-howto/servertype.html
# in samba-doc package details.
security = user

# may wish use password encryption. see section on
# 'encrypt passwords' in smb.conf(5) manpage before enabling.
encrypt passwords = true

# if using encrypted passwords, samba need know what
# password database type using.
passdb backend = tdbsam

obey pam restrictions = yes

# boolean parameter controls whether samba attempts sync unix
# password smb password when encrypted smb password in the
# passdb changed.
unix password sync = yes

# unix password sync work on debian gnu/linux system, following
# parameters must set (thanks ian kahan <<kahan@informatik.tu-muenchen.de> for
# sending correct chat script passwd program in debian sarge).
passwd program = /usr/bin/passwd %u
passwd chat = *enter\snew\s*\spassword:* %n\n *retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

# boolean controls whether pam used password changes
# when requested smb client instead of program listed in
# 'passwd program'. default 'no'.
pam password change = yes

# option controls how unsuccessful authentication attempts mapped
# anonymous connections
map guest = bad user

########## domains ###########

# machine able authenticate users. both pdc , bdc
# must have setting enabled. if bdc must
# change 'domain master' setting no
#
domain logons = yes
#
# following setting takes effect if 'domain logons' set
# specifies location of user's profile directory
# client point of view)
# following required [profiles] share setup on the
# samba server (see below)
# logon path = \\%n\profile\%u
# common choice storing profile in user's home directory
# (this samba's default)
logon path = \\%n\%u\profile

# following setting takes effect if 'domain logons' set
# specifies location of user's home directory (from client
# point of view)
logon drive = h:
logon home = \\%n\%u

# following setting takes effect if 'domain logons' set
# specifies script run during logon. script must stored
# in [netlogon] share
# note: must store in 'dos' file format convention
logon script = logon.cmd

# allows unix users created on domain controller via samr
# rpc pipe. example command creates user account disabled unix
# password; please adapt needs
; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u

# allows machine accounts created on domain controller via
# samr rpc pipe.
# following assumes "machines" group exists on system
add machine script = /usr/sbin/useradd -n -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u

# allows unix groups created on domain controller via samr
# rpc pipe.
; add group script = /usr/sbin/addgroup --force-badname %g

########## printing ##########

# if want automatically load printer list rather
# setting them individually you'll need this
# load printers = yes

# lpr(ng) printing. may wish override location of the
# printcap file
; printing = bsd
; printcap name = /etc/printcap

# cups printing. see cupsaddsmb(8) manpage in the
# cupsys-client package.
; printing = cups
; printcap name = cups

############ misc ############

# using following line enables customise configuration
# on per machine basis. %m gets replaced netbios name
# of machine connecting
; include = /home/samba/etc/smb.conf.%m

# people find option gives better performance.
# see smb.conf(5) , /usr/share/doc/samba-doc/htmldocs/samba3-howto/speed.html
# details
# may want add following on linux system:
# so_rcvbuf=8192 so_sndbuf=8192
# socket options = tcp_nodelay

# following parameter useful if have linpopup package
# installed. samba maintainer , linpopup maintainer are
# working ease installation , configuration of linpopup , samba.
; message command = /bin/sh -c '/usr/bin/linpopup "%f" "%m" %s; rm %s' &

# domain master specifies samba domain master browser. if this
# machine configured bdc (a secondary logon server), you
# must set 'no'; otherwise, default behavior recommended.
domain master = auto

# defaults winbind (make sure you're not using ranges
# else.)
; idmap uid = 10000-20000
; idmap gid = 10000-20000
; template shell = /bin/bash

# following default behaviour in sarge,
# samba upstream reverted default because might induce
# performance issues in large organizations.
# see debian bug #368251 of consequences of *not*
# having setting , smb.conf(5) details.
; winbind enum groups = yes
; winbind enum users = yes

# setup usershare options enable non-root users share folders
# net usershare command.

# maximum number of usershare. 0 (default) means usershare disabled.
; usershare max shares = 100

# allow users who've been granted usershare privileges create
# public shares, not authenticated ones
usershare allow guests = yes

#======================= share definitions =======================

# un-comment following (and tweak other settings below suit)
# enable default home directory shares. share each
# user's home director \\server\username
[homes]
comment = home directories
browseable = no

# default, home directories exported read-only. change the
# next parameter 'no' if want able write them.
read = no

# file creation mask set 0700 security reasons. if want to
# create files group=rw permissions, set next parameter 0775.
create mask = 0700

# directory creation mask set 0700 security reasons. if want to
# create dirs. group=rw permissions, set next parameter 0775.
directory mask = 0700

# default, \\server\username shares can connected anyone
# access samba server. un-comment following parameter
# make sure "username" can connect \\server\username
# following parameter makes sure "username" can connect
#
# might need tweaking when using external authentication schemes
valid users = %s

# un-comment following , create netlogon directory domain logons
# (you need configure samba act domain controller too.)
[netlogon]
comment = network logon service
path = /srv/samba/netlogon
guest ok = yes
read = yes
share modes = no

# share added music sharing on jenerics workgroup
# of computers. created 6-24-11 @ 11:05 am.
[music]
comment = music share
path = /share/music
guest ok = yes
read = no
share modes = no

# share creted stewart family pictures shared
# on network. date created 6-24-11 @ 11:16 am.
[pics]
comment = pictures share
path = /share/pictures
guest ok = yes
read = no
share modes = no

# un-comment following , create profiles directory store
# users profiles (see "logon path" option above)
# (you need configure samba act domain controller too.)
# path below should writable users their
# profile directory may created first time log on
[profiles]
comment = users profiles
path = /home/samba/profiles
guest ok = no
browseable = no
create mask = 0600
directory mask = 0700

[printers]
comment = printers
browseable = no
path = /var/spool/samba
printable = yes
guest ok = no
read = yes
create mask = 0700

# windows clients share name source of downloadable
# printer drivers
[print$]
comment = printer drivers
path = /var/lib/samba/printers
browseable = yes
read = yes
guest ok = no
# uncomment allow remote administration of windows print drivers.
# may need replace 'lpadmin' name of group your
# admin users members of.
# please note need set appropriate unix permissions
# drivers directory these users have write rights in it
; write list = root, @lpadmin

# sample share sharing cd-rom others.
;[cdrom]
; comment = samba server's cd-rom
; read = yes
; locking = no
; path = /cdrom
; guest ok = yes

# next 2 parameters show how auto-mount cd-rom when the
# cdrom share accesed. work /etc/fstab must contain
# entry this:
#
# /dev/scd0 /cdrom iso9660 defaults,noauto,ro,user 0 0
#
# cd-rom gets unmounted automatically after connection the
#
# if don't want use auto-mounting/unmounting make sure cd
# mounted on /cdrom
#
; preexec = /bin/mount /cdrom
; postexec = /bin/umount /cdrom

posted jenerics5

the xp machine gives , error domain controller domain cannot found. log says service record dns entry domain, not know how add type of record.

microsoft use special dns records in ad environment. article, http://technet.microsoft.com/en-us/l.../dd316373.aspx, might hold clues need.

if not, try google "microsoft service records dns bind".

regards,
helgman

Forum The Ubuntu Forum Community Ubuntu Official Flavours Support Networking & Wireless [ubuntu] Windows domain

Ubuntu