Its proven, its been done, and its awesome :))
Start reading the docus from samba-doc rpm package or you can download the latest samba source from www.samba.org there you will find a very good documentation on step by step setup for PDC. I suggest you read that first :) some stuffs that may be useful are : man smb.conf man samba man smbpasswd Mamaya sasagutin ka siguro ni Jijo ng Step by Step howto :) Paging Jijo, tapos na finals . I'll try to answer some of your questions but the docus are more correct and you'll learn more. You need to setup/modify smb.conf , usually found at /etc/samba/ directory or /usr/local/samba/lib/ . Contents of the smb.conf will be different on a linux workstation joining a DOMAIN or a linux box being the PDC of that windows domain. example below for a linux box acting as PDC. This setup is for samba 2.2.0 so some configs might not apply to the latest samba release. [global] bind interfaces only = true interfaces = 192.168.123.21 127.0.0.1 ;basic server config netbios name = STUDENT-21 workgroup=MATHSTUDENT ;domain administrator domain admin group = @ntdomainadmins ;domain group map = /usr/local/samba/private/domaingroup.map ;support domain logon domain logons = yes ;encrypted password are required for PDC encrypt passwords = yes ;security settings security = user ;act as domain master and local master browser os level = 65 preferred master = yes domain master = yes local master = yes wins support = yes ;start************* ;if log in with roaming is not a problem remve line below and use default ;remove profiles share also logon path = \\%N\profiles\%U ;this might not be a problem anymore ;Samba 2.2 PDC FAQ ;logon path = \\%N\%U\profiles ;added below to know if roaming prof in w2k works ;edit the [profiles] also ;logon path = \\%N\%U ;end*********** ;logon scripts . this is relative to netlogon path in netlogon ;net time \\server_name /set /yes doesnot work for ordinary users logon script = scripts\%U.bat ;log files log file = /usr/local/samba/var/log.%m add user script = /usr/bin/useradd -d /dev/null -s /bin/false -M %u ;homes of users Z: by default why? [homes] guest ok = no read only = no browsable = no ;accessible to owner only create mask = 0700 directory mask = 0700 [netlogon] case sensitive = no default case = yes comment = Network Logon Service path = /home/netlogon public = no writeable = no browseable = yes [public] path = /home/users/public guest ok = yes writable = no browsable = yes write list = @ntadmin [profiles] ;start******** ;without security issues on profile path = /home/profiles ;changed to know if win2k profile problem will be solved ; just comment out below to have a working profile albeit some unterminated samb a connection ; eventhough the user has logged out plus the \\%L\%U\ stuffs above ;path = /home/profiles/%U ;end********* ;start********** ;edited since in the mail list some session can not create ini files ;this is a working workaround :))) create mask = 0700 ;create mask = 0600 ;end********** directory mask = 0700 writeable = yes browsable = no ;******* truly working config ends here ;******** start of test num 2 ;added printing stuffs 5/2/01 [print$] path = /usr/local/samba/printers guest ok = no browsable = yes read only = yes #i dont know if a group can be placed here instead of an individual write list = root [printers] comment = All Printers path = /var/spool/samba browsable = no guest ok = no printable = yes print command = lpr-cups -P %p -o raw %s -r lpq command = lpstat -o %p lprm command = cancel %p-%j [cdrom] comment = CD ROM path = /mnt/cdrom readonly = yes public = yes The default smb.conf of mandrake has lots of comments, you can start from there 1. add your windows machine by useradd -c "Windows Machine" -d /dev/null -s /bin/false winMachineName$ do not forget the $ 2. smbpasswd -a -m winMachineName$ 3. Go to your windows machine if it is NT/W2k at it to the domain. to create a Domain User assuming he/she has a linux account on your linuxbox acting as PDC just do a smbpasswd -a -U username Remember you put a $ at the end to add a machine account. There are other setup like using samba-tng for authentication, but u use samba-2.2.3a (is this the latest?) for file sharing. you get the best of both worlds PDC capability of TNG file sharing stability of the main samba :) HTH, -Dax On Tue, 2 Apr 2002, Nhadie Ramos wrote: > hi all! > > how can i use linux to act as a primary domain > controller for the network (just like in Win NT). > > also, how can a linux workstation be a member of a > primary domain controller(NT or Linux, if possible), > how can this workstation login to the PDC? > > coz i'd like to suggest, here in our offc, changing > our Win NT PDC to Linux. I just have to prove it. > > TIA > > __________________________________________________ > Do You Yahoo!? > Yahoo! Tax Center - online filing with TurboTax > http://http://taxes.yahoo.com/ > _ > Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] > > To subscribe to the Linux Newbies' List: send "subscribe" in the body to >[EMAIL PROTECTED] > _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
